Re: [secdir] SECDIR review of draft-leiba-cotton-iana-5226bis-08

Barry Leiba <> Tue, 11 November 2014 04:28 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id D67671A88C0; Mon, 10 Nov 2014 20:28:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id cnMjZhu3HGoc; Mon, 10 Nov 2014 20:28:47 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5D3971A88F0; Mon, 10 Nov 2014 20:28:46 -0800 (PST)
Received: by with SMTP id pn19so8914468lab.32 for <multiple recipients>; Mon, 10 Nov 2014 20:28:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=noUf3TnbBvkxl7lbPTHRLP/v146AiPRqzyadUinLNd4=; b=X5l1Iw7asw4n120Ogfg3Lg7QQBGPUA+P1OjFishVKi2x1F0DSErXNivC5hkN//wL+4 TgabH4BCjFsrZg/ja1W+Y0JDSaPzWLDCmYTuvkq642qiRZNVywtxWyIuXf3Y+eR4tsMu Vpqz/mUsudF3kGRdewZrbCh2FdOS3LrK9DQRuo9mZtyfDQdgIj+s52HVTdOLSk1wVKG0 XC4QYvfsJsUBqshc0WDfGJGG+NHm/yJYMkMqdXRtrQSAmRSiM8uyzMVlgGdU4XrmzgQb onatMrgi5URVtIMw7qeWmBj9qNNl1SKYcn1fs8eiAunDu+CkULVXcZll4F2Vcc3Zch9E 5zXQ==
MIME-Version: 1.0
X-Received: by with SMTP id p1mr7045488lah.78.1415680124356; Mon, 10 Nov 2014 20:28:44 -0800 (PST)
Received: by with HTTP; Mon, 10 Nov 2014 20:28:44 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <>
Date: Mon, 10 Nov 2014 18:28:44 -1000
X-Google-Sender-Auth: Vhq8UfVaU2-vHXmOUUIxkt3Sy2A
Message-ID: <>
From: Barry Leiba <>
To: Donald Eastlake <>
Content-Type: text/plain; charset=ISO-8859-1
Cc: "" <>, "" <>, "" <>
Subject: Re: [secdir] SECDIR review of draft-leiba-cotton-iana-5226bis-08
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Nov 2014 04:28:48 -0000

> I'm OK with an unspecified strictness order. But I think "Expert
> review with significant, stable public documentation." is highly
> misleading. In the absence of express additional criterion,
> Specification Required constrains the expert to only judging whether
> or not the documentation is sufficient. It should say "Significant
> stable public documentation sufficient for interoperability." or
> something like that.

I can live with that.  Shall I make the changes, with that modification?

>      Have you ever been in the position of seeking a code point
> assignment when you believed the relevant expert was both
> unconstrained by any specific guidelines and actively hostile to your
> effort? I have and I can tell you I would have loved for the criterion
> to be a simple Specification Required. So this may color my thinking.

And that's why this version of BCP 26 is much stronger than the RFC
5226 version with respect to guidance for the designated expert.  And
I know that several of us on the IESG now are pushing that, strongly
asking for DE guidance (often to the puzzlement of the document
authors, who aren't sure what we're looking for).  I think the reason
guidance is often lacking is exactly because it's obvious to the
people writing the document what the DE should be considering, and the
problems happen much later.

All that said, the current IESG is not the future IESG, and there may
come a time when we again have an IESG that doesn't push on this point
at all.  Which is why it's good to have the strong push for DE
guidance baked into BCP 26.