That bothers me a tiny bit. A missed downref could have security
implications.
I agree, but I contend that this doesn't make it any more likely that
we'll miss a downref. In fact, this change is only operable when we
*don't* miss it -- it simply gives the IESG judgment on whether last
call needs to be repeated when we catch it. And the Security ADs will
certainly have a say in that, if they think that broader review of the
downref is warranted for security checking.
True. How about s/related/directly related/ ? But I certainly don't insist.
Well, as I think about it, I might just put in a note that references
to immature protocols can have security implications, and that should
be considered in deciding whether re-consulting the community is
useful.
b