Re: Last Call: <draft-leiba-3967upd-downref-00.txt> (Updating when Standards Track Documents may Refer Normatively to Documents at a Lower Level) to Best Current Practice

Brian E Carpenter <> Tue, 18 October 2016 20:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1D6C6129881; Tue, 18 Oct 2016 13:58:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3BB0672jm1JZ; Tue, 18 Oct 2016 13:58:25 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c00::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6AD641296FA; Tue, 18 Oct 2016 13:58:25 -0700 (PDT)
Received: by with SMTP id r16so2569242pfg.1; Tue, 18 Oct 2016 13:58:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=tAF6e/8H7HqYTAQxNrgNIapMsXUMm8pNQnFM3LztXw0=; b=gdN9IuNc14Izt0Z/zZ78Hkgl40ypAEuWYKmc2QtBSR+hMN6vPeDwMhMqyV/7DFBtor e/AOe3UsiGBb+Dbt6ILFQNBClfyEZ1xazyuxidbuaToj6Ya0Zp3pFS4LIoOwx5drhobu 12jwS0Cp6nQWgQzfrjWSckWGNLl1Dzzw2JPPz4WktqW3Dt7hWCo2FMUUtVACIMkjhSHF 0B5FqYyWi3xRsWhoSTiWqg+7wxHL83pZ+pP5KDXuyV9KoqdT4XBm6RtxnxStZf75+s6P p2y+/LM3bkB/4smxsNVTeM7i6qMZfZM2qhx4z4k1bcWOWRYSdAZaBjpV2OqSxrrnZyay DgpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=tAF6e/8H7HqYTAQxNrgNIapMsXUMm8pNQnFM3LztXw0=; b=UkjyUtV5KQuUGiXa804+MkMn4hKNjgF6qCdS4q898gChEVQDPZwV1W53Yp0dXsXVWW 11+9W7uXl59patc0ApFeHnIrS2xsVdP5vfy+j5KeRemqfZT22wCI9cgRLyhrQD2f3Yuh JxLZxKOtff1MKbOqxXXoGxAJoWbwbK2TH2h3PIZTiOtpfuy19g9MKKhflqG6pU2ddWk2 BV0igWXurEnUTaOwp9lVcjqyuKcDFNre2xKXTgFUz3YkJrRKwZmW8TBMIrMLg55Nf8ED gutsYZ201T2jEmAGlFuFTfrYCMUNNZPdShepYCVobqTj8xyQHMGywu1Z6poCwCPp9aAn r50w==
X-Gm-Message-State: AA6/9RmlVwWBp8HpGyL9u/QreWkEBqJG+0cn9Gd1Romt6b3tBRxs94ne9DCjqXMbabiLlg==
X-Received: by with SMTP id x2mr4126531pfb.136.1476824304994; Tue, 18 Oct 2016 13:58:24 -0700 (PDT)
Received: from [] ([]) by with ESMTPSA id b21sm58008979pfj.90.2016. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 18 Oct 2016 13:58:24 -0700 (PDT)
Subject: Re: Last Call: <draft-leiba-3967upd-downref-00.txt> (Updating when Standards Track Documents may Refer Normatively to Documents at a Lower Level) to Best Current Practice
To: Barry Leiba <>
References: <> <> <>
From: Brian E Carpenter <>
Organization: University of Auckland
Message-ID: <>
Date: Wed, 19 Oct 2016 09:58:24 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <>
Cc: Ben Campbell <>,, IETF discussion list <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 18 Oct 2016 20:58:27 -0000

Hi Barry,

Clarifications in line...

On 19/10/2016 08:55, Barry Leiba wrote:
>> I broadly in favour of this change, but I have a few comments.
> Thanks, Brian.
>> First, a minor suggestion on the text itself:
>> OLD:
>>    The responsible AD should
>>    still check for downrefs before sending out the last call notice, but
>>    any need to repeat a last call if this has not been done is at the
>>    discretion of the IESG.
>> NEW:
>>    The responsible AD should
>>    still check for downrefs before sending out the last call notice, but
>>    if an undetected downref is noticed during last call or IESG review,
>>    any need to repeat the last call is at the discretion of the IESG.
> Yes, that reflects the intent and is more explicitly clear.  I like the change.
>> Second,
>>>    there are no related security
>>>    considerations.
>> That bothers me a tiny bit. A missed downref could have security implications.
> I agree, but I contend that this doesn't make it any more likely that
> we'll miss a downref.  In fact, this change is only operable when we
> *don't* miss it -- it simply gives the IESG judgment on whether last
> call needs to be repeated when we catch it.  And the Security ADs will
> certainly have a say in that, if they think that broader review of the
> downref is warranted for security checking.

True. How about s/related/directly related/ ? But I certainly don't insist.

>> Third, I believe that in addition to this procedural change, there is a
>> little work needed on the ecosystem:
>> 1. Make the downref registry an intrinsic part of the data tracker. I mean that
>> each document listed at
>> would instead be tagged as 'downref allowed' in the tracker, with appropriate GUI
>> support for the IESG to apply this tag.
>> 2. Enhance idnits slightly to check this tag when it detects a downref.
>> A downref to a 'downref allowed' document would be a warning, and a downref
>> to a non-downref-allowed document would be an error.
> I agree that those would be excellent changes, and I'll ask Ben, as
> sponsoring AD, to send that request up to the tools team.  I don't
> gather than you're asking that the document be held for that, correct?

Correct; it's orthogonal.

> The change you suggest above is in my working copy for the next draft revision.



> Barry