Re: TLS WG Chair Comments on draft-ietf-tls-authz-07

Tim Polk <tim.polk@nist.gov> Wed, 11 February 2009 20:51 UTC

From: Tim Polk <tim.polk@nist.gov>
Subject: Re: TLS WG Chair Comments on draft-ietf-tls-authz-07
Date: Wed, 11 Feb 2009 14:37:55 -0500
To: Eric Rescorla <ekr@networkresonance.com>
Cc: draft-housley-tls-authz-extns@tools.ietf.org, iesg@ietf.org, ietf@ietf.org

Eric & Joe,

In retrospect, I certainly should have consulted with the TLS WG before
initiating yet another Last Call.  I failed to do so because the
controversy had not centered on technical questions, but a great deal
of time has passed, and the mechanism is clearly relevant to the scope
of your working group.  I appreciate the course correction, as I did
not intend to perform an end around.

I will rectify the situation this week and request that the TLS WG
review the document to gauge interest in this area.  I would be
delighted to learn that the TLS WG is now interested in pursuing work
in the authorization space.  I have always thought that would be the
best course of action.  An important metric for working group interest
would be availability of an editor, since the lead editor for authz
does not have the necessary cycles available for active editorship.

In this case, I would ask the WG chairs to support approval of
draft-housley-tls-authz as experimental, with a hold in the RFC queue
until the WG document is ready for publication.  When completed,
the WG document would include an appendix that moves
draft-housley-tls-authz to historic.  In this way,
draft-housley-tls-authz would not appear as an RFC until the standards
track document is also an RFC, and would always be designated historic.
(This is consistent with the recent handling of personal drafts in
several other working groups.)

If the working group decides not to pursue this work, I will *not* ask
the IESG to approve for standards track.  After two years as AD, I have
my own reservations about advancing individual submissions as standards
track.  (It has been problematic almost every time!)  I am not ready to
set a hard and fast rule, but opposition from the relevant wg chairs
would seem to be an important indicator.  :)  I will consider
requesting approval as Experimental, *contingent on the consensus call*
of course.

I am unsure what course is best if the working group decides to pursue
authorization work but the authors decline to submit the document to the
working group a second time.  Hopefully, that set of conditions will not
come to pass.

Again, my apologies for the process failure (at least in spirit).
Thanks for responding, and I look forward to hearing the results of the
TLS WG discussions.

Thanks,

Tim Polk

On Feb 11, 2009, at 12:33 AM, Eric Rescorla wrote:

> [Resent with proper addressing information]
>
> As chairs of the TLS Working Group, we request that the IESG not
> approve draft-ietf-tls-authz-07 as a Proposed Standard. This document
> was initially brought to the TLS WG, which passed on it due to lack of
> interest and it was subsequently advanced as an individual submission,
> but IESG approval was rescinded after the disclosure of IPR that
> affected the document. These events occurred in late 2006 and early
> 2007. In the nearly two years since the previous attempts at
> progressing the document, the authors have not coordinated with the
> TLS WG. The TLS WG was not consulted prior to the start of this new
> Last Call.
>
> Although we recognize that opinions vary about the wisdom of advancing
> documents as individual submissions, this does not seem like an edge
> case to us. First, there is a functioning, relevant, working group:
> TLS. While it is true that the WG did not object to advancement two
> years ago, that was with the impression that it would be
> uncontroversial, which clearly is not the situation. On the contrary,
> the IPR situation remains quite unclear and there are also technical
> issues with the document (see Eric Rescorla's separate review), as
> well as at least one part of the document which is obsoleted by RFC
> 5246.  These factors provide substantial evidence that the document
> would benefit from the Working Group process.
>
> If the authors wish to advance the document on the standards track,
> the appropriate path is to submit it to the TLS WG as a work item. TLS
> WG has the appropriate participation and skills to evaluate the need
> for this work and the suitability of this document.  If there is
> sufficient support for work in this area (including the usual RFC 3979
> IPR Evaluation), then it can advance through the standards track via
> the WG process. If the authors don't wish to go through the WG
> process, we do not oppose advancement of this document as
> Experimental. However, we do not believe that advancing a two year old
> document which is clearly in scope of an active WG is an appropriate
> use of the individual submission process. Therefore we urge the IESG
> not to approve this document.
>
> Eric Rescorla
> Joe Salowey
> [TLS WG Chairs]