Paul:
You have asked a question in a manner that assumes a technical assessment can
be made. I do not think that is the situation. Instead, I think the question
is whether the IETF is the proper organization to write a BCP about protocol
requirements for root servers and RSSAC is the right organization to write a
document about operational requirements for root servers. In short, this more
of a political question than a technical one. Back when RFC 2870 was written,
the IETF (rightly or wrongly) included both requirement sets in the same
document.
From my perspective, IETF is the proper organization to write a BCP about
protocol requirements.
RSSAC has been going through a restructuring process. Assuming that a
functional organization emerges from that process, RSSAC will be a fine
organization to handle the operational requirements.
Russ
On May 24, 2014, at 12:47 PM, Paul Hoffman wrote:
This message covers a procedural problem with draft-iab-2870bis obsoleting
RFC 2870.
On May 22, 2014, at 9:34 AM, Joe Abley <jabley(_at_)hopcount(_dot_)ca> wrote:
I understand that RSSAC have made recent progress on that document, and that
it will appear soon. I would presume that the RFC Editor would hold final
publication of this document, once approved, until that reference showed up,
as is the case for references to IETF documents. I don't know whether that's
a good presumption though. I just thought I'd mention it as a plausible
workflow.
From the draft:
The operational requirements are defined in [RSSAC-001].
. . .
This document and [RSSAC-001] together functionally replace [RFC2870].
Note that it is only this draft that obsoletes RFC 2870. RFC 2870 (which is a
BCP) has protocol, deployment, and operational requirements, but it's title
says only "Operational". This draft explicitly has no "operational"
requirements: those are in a different, as-yet unpublished, non-RFC-track
document.
This IETF LC is asking us to obsolete a BCP with a draft that is arguably on
a different topic, with the real replacement not yet published, and that will
not even be published as an RFC. How can we decide whether or not the
important parts of RFC 2870 are dealt with?
To be clear: draft-iab-2870bis covers the relevant protocol and deployment
requirements. (There are some issues with those short lists; I'll cover those
in a separate message.) But that is not sufficient for *this draft* to
obsolete a BCP like RFC 2870 unless we know that the operational parts of RFC
2870 are covered somewhere else.
--Paul Hoffman