Re: Proposed IESG Statement on the use of the “Updates” header

Ben Campbell <> Thu, 07 February 2019 07:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id AC08E130EEB; Wed, 6 Feb 2019 23:18:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 80r_lwmEGuZV; Wed, 6 Feb 2019 23:18:55 -0800 (PST)
Received: from ( [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 053F71228B7; Wed, 6 Feb 2019 23:18:55 -0800 (PST)
Received: from [] ( []) (authenticated bits=0) by (8.15.2/8.15.2) with ESMTPSA id x177IqJ9066503 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 7 Feb 2019 01:18:53 -0600 (CST) (envelope-from
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=default; t=1549523934; bh=ipdZiMMv8qRWin5V4fyHZdvJ2mvFKIpvzARjTI4pp0o=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=Ar/bg2+QSmJUeIRBeb96vFe2WOSVpomp4HBIw8Fm9ffJ+UKyUjFzVfpGHD/EIjuAb DWeHeRxQsRA05rAVPLbc3g2c6FFOXbMkCT8y0Ar30fxUVilC5TF7cfELeXoTIQK4bd 3DqsHevxGczgHxqVC+99QghkML6V5BxwjyPgWZSc=
X-Authentication-Warning: Host [] claimed to be []
From: Ben Campbell <>
Message-Id: <>
Content-Type: multipart/signed; boundary="Apple-Mail=_B91DC9F7-B7BE-4316-80BA-7339412AD4DD"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Subject: =?utf-8?Q?Re=3A_Proposed_IESG_Statement_on_the_use_of_the_?= =?utf-8?Q?=E2=80=9CUpdates=E2=80=9D_header?=
Date: Thu, 7 Feb 2019 01:18:50 -0600
In-Reply-To: <>
Cc: The IESG <>
References: <>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 07 Feb 2019 07:18:57 -0000

Hi Everyone,

I would like to bring some closure to this discussion.

The IESG has discussed the feedback from this thread. We heard that a number of people would like “Updates” to mean something more formal, such as a normative change, or an update that means implementers need to make changes. We heard that some are concerned that we are focusing too much on the standards track. We heard from others supporting the more informal interpretation that we originally proposed. We did not hear a clear consensus.

At this point, a formal IESG statement does not seem warranted. However, we would like to remind everyone that different people make different assumptions about what it means for one RFC to update another. The important thing is for a given RFC to make its intent clear. We suggest that authors and working groups consider including such explanations early and prominently in documents that purport to update RFCs.

The IESG recognizes that there would be value in being able to express a more formal “updates” relationship. At the same time, there is value in allowing an informal “see also” or “For Your Information" (FYI) relationship. We are considering starting work to create a new “FYI” relationship to be used for the less formal situations. Please watch this space for updates.


Ben (Campbell).

> On Sep 11, 2018, at 10:55 AM, Ben Campbell <> wrote:
> Hi Everyone,
> There have been several discussions lately about the use and meaning of the “Updates” header in RFCs, and the resulting “Updates”/“Updated by” relationships. The IESG is thinking about making the following statement, and solicits feedback.
> Thanks!
> Ben.
> --------------------------------------------
> There has been considerable confusion among the IETF community about the formal meaning of the “Updates” / "Updated by" relationship in IETF stream RFCs. The “Updates” header has been historically used for number of reasons of various strength. For example, the “Updates” header may be used to indicate critical normative updates (i.e. bug fixes), optional extensions, and even “additional information”.
> The IESG intends these headers to be used to inform readers of an updated RFC that they need to be aware of the RFC that updates it. The headers have no formal meaning beyond that. In particular, the headers do not, by themselves, imply a normative change to the updated RFC, nor do they, by themselves, imply that implementers must implement the updating RFC to continue to comply with the updated one.
> The specific reasons that a given RFC updates another should be described in the abstract and body of the new RFC. The level of detail may differ between the abstract and the body; typically an abstract should contain enough detail to help readers decide if they need to read the rest of the RFC. The body should contain enough detail for readers to fully understand the nature of the update.
> The importance of including an “Updates” header depends on the nature of the update. Normative updates that do not use a known extension point should always include an “Updates” header. Extensions that do use known extension points do not typically need to include the “Updates” header, but may in cases where it’s important to make the extension known to readers of the original RFC. Other uses of “Updates” may be appropriate when it’s important for readers to know about them; for example a new RFC may expand security or operational considerations in a way that is not normative, but still important.
> RFCs that fully replace other RFCs should typically use the “Obsoletes” header rather than the “Updates” header. The “Updates” header should be used to flag updates to published RFCs; it is not appropriate to “Update” an Internet-Draft.