An update.
I wrote:
Well actually there is confusion about this, which is in part why
there is a debate. We've already seen one working group chair
expecting the IESG to take actions on documents based on this
statement of principle. And so some care is therefore required.
The group I had in mind was HTTPBIS.
Here is a snipit from a message from Mark Nottingham who is chair of the
HTTPBIS working group today:
The wild card in all of this is draft-farrell-perpass-attack. If that
document gains IETF consensus, we'll need to demonstrate that we've at least
considered pervasive monitoring as a threat, and can explain why we have
taken the approach we have.
In my opinion, that is PRECISELY what needs to happen. WGs should "show
their work" that they have conscientiously considered the matter of
pervasive monitoring. A more generalized form of the above text in the
document would be very helpful.
Eliot