Re: TLS WG Chair Comments on draft-ietf-tls-authz-07

From: Tim Polk <tim.polk at nist.gov>
To: Eric Rescorla <ekr at networkresonance.com>
Cc: draft-housley-tls-authz-extns at tools.ietf.org, iesg at ietf.org, ietf at ietf.org
Date: Wed, 11 Feb 2009 14:37:55 -0500
In-reply-to: <20090211053342.C765E50822 at romeo.rtfm.com>
References: <20090211053342.C765E50822 at romeo.rtfm.com>

Eric & Joe,

In retrospect, I certainly should have consulted with the TLS WG before

initiating yet another Last Call. I failed to do so because thecontroversy

had not centered on technical questions, but a great deal of time has
passed, and the mechanism is clearly relevant to the scope of your
working group.  I appreciate the course correction, as I did not intend
to perform an end around.

I will rectify the situation this week and request that the TLS WGreview

the document to gauge interest in this area.  I would be delighted to
learn that the TLS WG is now interested in pursuing work in the
authorization space.  I have always thought that would be the best
course of action.  An important metric for working group interest
would be availability of an editor, since the lead editor for authz does
not have the necessary cycles available for active editorship.

In this case, I would ask the WG chairs to support approval of
draft-housley-tls-authz as experimental, with a hold in the RFC queue
until the the WG document  is ready for publication.  When completed,
the WG document would include an appendix that moves

draft-housley-tls-authz to historic. In this way, draft-housley-tls-authz

would not appear as an RFC until the standards track document is
also an RFC, and would always be designated historic.  (This is
consistent with the recent handling of personal drafts in several other
working groups.)

If the working group decides not to pursue this work, I will *not*ask the

IESG to approve for standards track.  After two years as AD, I have my
own reservations about advancing individual submissions as standards

track. (It has been problematic almost every time!) I am not readyto set

a hard and fast rule, but opposition from the relevant wg chairs would

seem to be an important indicator. :) I will consider requestingapproval

as Experimental, *contingent on the consensus call* of course.

I am unsure what course is best if the working group decides to pursue
authorization work but the authors decline to submit the document to the
working group a second time.  Hopefully, that set of conditions will not
come to pass.

Again, my apologies for the process failure (at least in spirit).Thanks for

responding, and I look forward to hearing the results of the TLS WG
discussions.

Thanks,

Tim Polk

On Feb 11, 2009, at 12:33 AM, Eric Rescorla wrote:

[Resent with proper addressing information]

As chairs of the TLS Working Group, we request that the IESG not
approve draft-ietf-tls-authz-07 as a Proposed Standard. This document
was initially brought to the TLS WG, which passed on it due to lack of
interest and it was subsequently advanced as an individual submission,
but IESG approval was rescinded after the disclosure of IPR that
affected the document. These events occurred in late 2006 and early
2007. In the nearly two years since the previous attempts at
progressing the document, the authors have not coordinated with the
TLS WG. The TLS WG was not consulted prior to the start of this new
Last Call.

Although we recognize that opinions vary about the wisdom of advancing
documents as individual submissions, this does not seem like an edge
case to us. First, there is a functioning, relevant, working group:
TLS. While it is true that the WG did not object to advancement two
years ago, that was with the impression that it would be
uncontroversial, which clearly is not the situation. On the contrary,
the IPR situation remains quite unclear and there are also technical
issues with the document (see Eric Rescorla's separate review), as
well as at least one part of the document which is obsoleted by RFC
5246.  These factors provide substantial evidence that the document
would benefit from the Working Group process.

If the authors wish to advance the document on the standards track,
the appropriate path is to submit it to the TLS WG as a work item. TLS
WG has the appropriate participation and skills to evaluate the need
for this work and the suitability of this document.  If there is
sufficient support for work in this area (including the usual RFC 3979
IPR Evaluation), then it can advance through the standards track via
the WG process. If the authors don't wish to go through the WG
process, we do not oppose advancement of this document as
Experimental. However, we do not believe that advancing a two year old
document which is clearly in scope of an active WG is an appropriate
use of the individual submission process. Therefore we urge the IESG
not to approve this document.

Eric Rescorla
Joe Salowey
[TLS WG Chairs]

Follow-Ups:
- Re: TLS WG Chair Comments on draft-ietf-tls-authz-07
  - From: SM

References:
- TLS WG Chair Comments on draft-ietf-tls-authz-07
  - From: Eric Rescorla

Prev by Date: Re: draft-housley-tls-authz-extns-07.txt to Proposed Standard
Next by Date: TLS authorization standard
Previous by thread: RE: TLS WG Chair Comments on draft-ietf-tls-authz-07
Next by thread: Re: TLS WG Chair Comments on draft-ietf-tls-authz-07
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: TLS WG Chair Comments on draft-ietf-tls-authz-07

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.