Re: [GNAP] GNAP Editors' Use of GitHub Issues

[Justin Richer <jricher@mit.edu>]

The editors met again today to process some more of the outstanding issues. The following issues have been added to the queue for pending close with the same Dec 11th deadline as the first set (that’s next Friday). Editors’ comments are included on GitHub.

Pending Close:

* JWS Headers for JOSE-based signature methods
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/106
* Key redundancy in DPoP method
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/111
* Fragility of JOSE-based signature methods
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/108
* Detached-JWS Header, 
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/107
* Create more examples of interaction modes
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/52
* Splitting the “claims” request
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/63
* Response Extensions
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/80
* Provide guidance for defining new interactions
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/61
* Guidance for Grant Request Extensions
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/65
* Privacy considerations of returned user information
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/74
* Alignment with RAR
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/34
* Non-role protocol elements
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/33

Needs Text:
* Updating and reading access tokens
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/99

The editors believe that this list list now includes all of the issues filed that represent items that are mostly just comments on the state or history of the protocol as extracted from Editor’s Notes, as discussed in #128.

https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/128

The goal of this exercise, as stated in #128, is to clean out the clutter of the issue backlog and allow us to focus on specification text, issues, and features. Note that for these marked issues, closing the issue is not an indication that a final decision has been made to exclude a feature or option. However the editors determined that the issues as written did not incorporate actionable text or sufficient use cases to move forward at this time. If future discussions wish to raise any of these issues again, particularly additional features, they can do so with more explicit context and a concrete way forward, and link back to these historical items.

Additionally, several of these were determined to be part of larger discussions, and so separate issues have been raised to incorporate them:

* Terminology
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/29
* Security considerations
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/135
* Guidance for extensions
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/134
* Privacy considerations
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/133
* Claim extensions
** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/131

Note that other issues are also being processed in addition to this clean-up effort, so please keep an eye out for pull requests and discussions on those. Also please note that if you :support: a change in a pull request, it’s helpful to the group if you comment as such, or leave an “approved” review using the GitHub issue tracker.

Finally, the editors are working on a proposed update to the use of the “proposed” tag based on working group feedback, and we’ll update shortly with those details.

Thank you,
 — Justin, Aaron, and Fabien

> On Nov 25, 2020, at 11:36 AM, Aaron Parecki <aaron@parecki.com> wrote:
> 
> The editors met yesterday to discuss the issues that were pulled out of the previous draft text and document a process for how to resolve these and future issues. We would like to explain how we plan on using labels on GitHub issues to keep track of discussions and keep things moving.
> 
> When there are substantive issues or pull requests, the editors will avoid merging or closing those outright, and instead mark them as "pending", so that these can be brought to the attention of the larger group. If no additional discussion happens on these, the merge or close action will be taken in 7 days. Note for this first round we are setting the deadline for the issues below as Dec 11th due to the US holiday and the fact that this is the first time using this process.
> 
> "Pending Merge"
> When specific text is proposed in a PR (by anyone, not limited to the editors), and the editors believe this text reflects the consensus of the working group, this marks that the PR will be merged in 7 days unless there is a clear alternative proposal accepted by the working group.
> 
> "Pending Close"
> When the editors believe an issue no longer needs discussion, we'll mark it "Pending Close". The issue will be closed in 7 days unless someone brings new information to the discussion. This tag is not applied to issues that will be closed by a specific pull request.
> 
> There are two additional labels we will use to flag issues to the group.
> 
> "Needs Text"
> The editors suggest this issue needs additional text in the spec to clarify why this section is needed and under what circumstances. Without a concrete proposal of text to be included in the spec, this section will be removed in a future update.
> 
> "Postponed"
> This issue can be reconsidered in the future with a more concrete discussion but is not targeted for immediate concrete changes to the spec text. When used on its own, this label does not indicate that an issue is targeted to be closed. An issue may also be marked "Pending Close", and this is used so that we can distinguish closed issues between discussions that have concluded or things that we may want to revisit in the future. Remember that closed issues are not deleted and their contents are still findable and readable, and that new issues can reference closed issues.
> 
> With these labels in mind, here are the list of issues and their statuses we were able to discuss on our last editor's call. The action on these pending issues will be taken on Dec 11th to give the group enough time to review this list. For this first round, many of the issues are marked "Pending Close" as we're looking for low hanging fruit to prune the list of issues down. In the future, you can expect to see more "Pending Merge" issues as we're bringing proposed text to review by the WG.
> 
> Postponed:
> 
> * Generic claim extension mechanism
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/131 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/131>
> 
> Pending Merge:
> 
> * Make access token mandatory for continuation API calls
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/129 <https://github.com/ietf-wg-gnap/gnap-core-protocol/pull/129>
> 
> Postponed and Pending Close:
> 
> * Fetchable Keys
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/47 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/47>
> * Including OpenID Connect Claims
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/64 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/64>
> * Application communication with back-end
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/82 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/82>
> * Additional post-interaction protocols
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/83 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/83>
> 
> Pending Close:
>     
> * HTTP PUT vs POST for rotating access tokens
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/100 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/100>
> * Use of hash with unique callback URL
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/84 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/84>
> * Interaction considerations
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/81 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/81>
> * Expanding dynamic reference handles
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/76 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/76>
> * Post interaction callback nonce
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/73 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/73>
> * Unique callback URIs 
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/55 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/55>
> * Instance identifier
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/46 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/46>
> * Requesting resources by reference
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/36 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/36>
> * Mapping resource references
> ** https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/35 <https://github.com/ietf-wg-gnap/gnap-core-protocol/issues/35>
> 
> ---
> Aaron Parecki
> https://aaronparecki.com <https://aaronparecki.com/>
> 
> -- 
> TXAuth mailing list
> TXAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/txauth