Ned Freed <ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
Sam Hartman writes:
David filed the following discuss on Brian's draft to rescind 3683.
David is concerned that the IETF consensus is not strong enough to
approve this draft.
We definitely could use your feedback on this issue.
I am already on record as opposing the adoption of an earlier version
of this draft. I see nothing in the current version that would cause
me to change my position.
I'm afraid that neither Ned nor I have anything to add to or subtract
from the "strength of consensus" on this issue. However, last call has
started, and we must tolerate a certain amount of repetition. If _any_
of us start flaming, please call us to task...
I just noticed another serious problem with this draft that I don't
think anyone has commented on previously.
Indeed, though I noticed it beore the first I-D was even published,
I have not commented previously. But at Ned's prompting, I shall.
RFC 3683 defines _two_ different types of Posting Rights Actions
(PR-Actions): Ones to rescind posting rights and ones to _restore_
previously rescinded rights...
Indeed. Both, inevitably, will prove contentious. I strongly
recommend obsoleting both.
Whether or not we obsolete RFC 3683, I'd be surprised if any AD
will want to restore "posting rights" for the folks involved. But if
RFC 3683 remains in force, AD's will surely be asked to start a
process to restore rights. Can we be sure how they'll reply?
If we ever do have ADs interested in restoring the rights, I quite
specifically do _not_ want to repeat the denial-of-service attack on
this list.
IMHO, the strong majority of IETF participants are willing to let
the IESG design a process to deal with these two special cases _if_
the occasion even arises!
So the two (?) existing PR-Actions will remain in effect, but the
mechanism to rescind those PR-Actions will be gone if RFC 3693 is
obsoleted.
Exactly! That mechanism to restore rights is a bad mechanism.
I really don't think this is an acceptable state of affairs - either
the restoration mechanism has to be retained or the current PR-Actions
would have to be terminated...
Ned's view is too limited: there are many other ways to handle this.
He is seeing _only_ two ways; and those two are pretty close to the worst
I can imagine.
In order to address David's concern, I'm going to last call the draft
again. The last call will will include two specific questions.
First, I'll ask whether people support restoring the IESG/AD's ability
to make longer than 30-day suspensions and to engage in alternate
methods of mailing list control as described in RFC 2418.
I have no problem with restoring this ability, but I do note that this
doesn't return things to the pre-RFC 3934 state...
I agree with Ned on both points here. I strongly support more options
for ADs. The draft being last-called is the product of negotiations
among IESG members. I quite agree it doesn't return to exactly where we
were; but I believe other considerations are more important.
I think what this draft describes is a reasonable thing to have, but
IMO it is not a substitute for RFC 3683.
It does not attempt to be a "substitute". It attempts to give needed
power to WGCs, subject to review by ADs under rules established by the
IESG. I believe this is what most folks want; and I do not believe that
most folks want to be subjected to lengthy arguments whether so-and-so
is a bad person.
Second, I'll ask whether people support rescinding RFC 3683.
This is where my problem lies. In the absence of a mechanism with
characteristics similar to RFC 3683, I cannot support rescinding it.
And, no surprise, I cannot support keeping a mechanism which generates
denial-of-service-like situations on this mailing-list and within the
IESG.
David Kessens writes:
I don't see that there is IETF wide consensus on this draft at all.
Based on that, I don't believe that this document should be published.
I agree with David here. Unless the IESG is in receipt of a large number
of favorable comments sent privately, I don't believe the necessary
consensus exists.
Most last-calls generate few comments. It's common for the IESG to
review negative comments and decide to publish the RFC anyway. I suspect
the IESG members have private conversations to help them decide whether
issues raised in the negative comments are serious enough to block
publication. (Goodness knows, I've had enough of _my_ negative comments
determined to be "not serious enough".)
Truth is, neither Ned nor I are charged to decide what is "serious
enough".
The biggest general problem is that this draft does two things at the
same time:
- it rescinds 3683
- it allows longer than 30 day mailing list posting suspension
From a management perspective, these actions would normally be used
together: eg. 3883 actions would only be used after longer than 30
day mailing list suspension have been tried and were unsuccessful.
David has had quite a while to propose an I-D to allow that. There
has been no such proposal. If one emerges, I'll be happy to comment on
it; but unless it actually _required_ say 90-day suspensions to have
been tried and failed, I'd worry about denial-of-service on the lists.
From a process perspective, it seemed more appropriate to separate
both issues. For example, I suspect that longer mailing list
suspensions are actually not controversial.
Exactly. This document attempts to do too much at once and conflates
things that should be separate.
Nobody has proposed them separately. I'd _much_ rather not react to
something which hasn't even been proposed.
The devil in these things is always in the details,
I absolutely agree!
and the fact that problems like what I pointed out above are still
turning up argues quite strongly that even if you agree with the goal
(which I don't) the approach here is fatally flawed.
I hope I've explained the first "flaw" Ned mentioned. I there's
another, I'm willing to explain it too. But we need to understand that
"perfect" procedures simply don't happen except by iteration, with a
serious commitment by all involved to improve things.
I see no "fatal" flaws here.
It is haphazardous at best to rescind one control mechanism and to
replace it with one that leaves non working group mail management
completely out in the dark, especially considering that we have had
most problems recently on non working group mailing lists and that the
only PR actions that were taken were specifically used to deal with
issues on non working group lists.
This, IMHO, is David's strongest point. But I believe we have to,
first, get RFC 3683 out of the way, and second, look at why we've found
ourselves discussing P-R actions when possibly honest differences of
opinion arise (by which I mean only that Dean Anderson and JFC Morfin
appeared to honestly believe what they were saying).
Another reason what's being proposed is not a substitute for RFC 3683.
I don't believe we _know_ the right apprach for non-WG lists. I
strongly support trying the geometrically-increasing suspensions being
tried on <ietf(_at_)ietf(_dot_)org>
We need experience with such ideas before we can claim to have a
solution for non-WG lists. We should not hold up Brian's proposal in
search of a perfection which may be beyond our reach.
--
John Leslie <john(_at_)jlc(_dot_)net>
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf