Re: Proposed IESG Statement on the use of the “Updates” header

Ben Campbell <> Tue, 11 September 2018 18:44 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D07F0130F0A; Tue, 11 Sep 2018 11:44:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.879
X-Spam-Status: No, score=-1.879 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ZNQJhNqpwLdC; Tue, 11 Sep 2018 11:44:53 -0700 (PDT)
Received: from ( [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id CBF5D130F50; Tue, 11 Sep 2018 11:44:53 -0700 (PDT)
Received: from [] ( []) (authenticated bits=0) by (8.15.2/8.15.2) with ESMTPSA id w8BIipKD060664 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Tue, 11 Sep 2018 13:44:52 -0500 (CDT) (envelope-from
X-Authentication-Warning: Host [] claimed to be []
From: Ben Campbell <>
Message-Id: <>
Content-Type: multipart/signed; boundary="Apple-Mail=_BB776291-0D0A-4E21-AFE6-7020D8660AB9"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Subject: =?utf-8?Q?Re=3A_Proposed_IESG_Statement_on_the_use_of_the_?= =?utf-8?Q?=E2=80=9CUpdates=E2=80=9D_header?=
Date: Tue, 11 Sep 2018 13:44:50 -0500
In-Reply-To: <>
Cc: IETF <>, IESG <>
To: Bob Hinden <>
References: <> <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Sep 2018 18:45:03 -0000

> On Sep 11, 2018, at 1:31 PM, Bob Hinden <> wrote:
> Ben,
>> On Sep 11, 2018, at 8:55 AM, Ben Campbell <> wrote:
>> Hi Everyone,
>> There have been several discussions lately about the use and meaning of the “Updates” header in RFCs, and the resulting “Updates”/“Updated by” relationships. The IESG is thinking about making the following statement, and solicits feedback.
>> Thanks!
>> Ben.
>> --------------------------------------------
>> There has been considerable confusion among the IETF community about the formal meaning of the “Updates” / "Updated by" relationship in IETF stream RFCs. The “Updates” header has been historically used for number of reasons of various strength. For example, the “Updates” header may be used to indicate critical normative updates (i.e. bug fixes), optional extensions, and even “additional information”.
>> The IESG intends these headers to be used to inform readers of an updated RFC that they need to be aware of the RFC that updates it. The headers have no formal meaning beyond that. In particular, the headers do not, by themselves, imply a normative change to the updated RFC, nor do they, by themselves, imply that implementers must implement the updating RFC to continue to comply with the updated one.
>> The specific reasons that a given RFC updates another should be described in the abstract and body of the new RFC. The level of detail may differ between the abstract and the body; typically an abstract should contain enough detail to help readers decide if they need to read the rest of the RFC. The body should contain enough detail for readers to fully understand the nature of the update.
> I worry about the
>   "abstract should contain enough detail to help readers decide if they need to read the rest of the RFC”
> This may result in a long Abstract depending on the nature of the “update” and defeat the purpose of the abstract if it gets too long.   I think the update text in Abstract should be limited to a few sentences and that the IESG statement include something to that effect.

I agree with you on the length. I think we assumed that detail to “decide if you need to read the document” could be done in a a few sentences. We could add something to that effect, but I don’t think we want to take on the general topic of “what makes a good abstract” in this statement.

>> The importance of including an “Updates” header depends on the nature of the update. Normative updates that do not use a known extension point should always include an “Updates” header. Extensions that do use known extension points do not typically need to include the “Updates” header, but may in cases where it’s important to make the extension known to readers of the original RFC. Other uses of “Updates” may be appropriate when it’s important for readers to know about them; for example a new RFC may expand security or operational considerations in a way that is not normative, but still important.
>> RFCs that fully replace other RFCs should typically use the “Obsoletes” header rather than the “Updates” header. The “Updates” header should be used to flag updates to published RFCs; it is not appropriate to “Update” an Internet-Draft.
> While on the general topic of “Updates”.   Having done the process that resulted in RFC8200 that included incorporating the updates for RFC2460, it’s also important that updating RFCs are very clear what the actual change is.  This is important both for someone doing a BIS document, and for implementations understanding what the changes are.   It can be quite confusing when there a multiple updates to a single RFC.

I agree.


> Thanks,
> Bob