Time required to write down "wisdom" (Re: "Adult supervision")

Spencer Dawkins spencer at mcsr-labs.org
Wed May 7 16:57:56 CEST 2003 

Dear Keith,

Call me naive ("ok, you're naive"), but I think your experience, and
Harald's experience with IAB security considerations guidelines, argues for
quick Informational RFC publication, followed by BCP wrangling if necessary.

Spencer

p.s. I'm asking as an individual, but I think the editor's team would like
to hear comments on whether documents are "still getting stuck in limbo for
months at a time". We're trying to make sure that the problems we're listing
are still problems, and not hangovers from previous problems that went
away...

----- Original Message -----
From: "Keith Moore" <moore at cs.utk.edu>
To: "Spencer Dawkins" <spencer at mcsr-labs.org>
Cc: <moore at cs.utk.edu>; <problem-statement at alvestrand.no>
Sent: Wednesday, May 07, 2003 3:25 PM
Subject: Re: Time required to write down "wisdom" (Re: "Adult supervision")


> > p.s. I don't know who is playing the part of Keith Moore on this
> > mailing list, but the Keith Moore I know is listed as the author of
> > RFC 3205/BCP56,"On the use of HTTP as a Substrate", exactly the type
> > of document that we're saying is too laborious for sitting ADs to
> > produce. It's an excellent document. I am now officially confused.
>
> Thanks.  As you might have surmised, I'm speaking from experience when I
> say it's difficult to get those documents published as RFCs.
>
> The first draft of that document was written on 5 August 1998.  It
> wasn't published until February 2002, which was far too late to
> influence the groups for which it was originally intended to provide
> advice (though of course they did have access to the I-D).  The
> document generated a lot of controversy and strong reaction, both
> inside and outside of IETF, and significant resources were required to
> respond to the objections.  Part of the controversy was from parties who
> simply didn't want to be told how to use HTTP ("we'll do whatever we
> want over port 80 because that's what we need to circumvent
> firewalls, and furthermore we insist on being able to implement our
> protocol using libraries that were written to facilitate retrieval
> of web pages").   Part of it was due to strong philosophical
> differences between those who saw HTTP as an application, and those who
> saw it as a general means of providing access to arbitrary resources, as
> in web services or SOAP.  Even so the final wording of the document was
> (IIRC) fairly close to the original. It just took LOTS of time to
> understand where the differences came from and to identify the minor
> wording changes necessary to address those people's concerns.
>
> The document also got stuck in limbo for months at a time, when it was
> unclear who had the ball for the document or whether a particular set of
> concerns had been addressed to that party's satisfaction.  (there was a
> bit of discussion on w3c's TAG list for instance, which I didn't become
> aware of for some time, and I ended up joining that list for awhile so
> that I could explain why the document said the things that it did.  even
> then, it was hard to know whether the concerns had been addressed.)
>
> Keith

More information about the Problem-statement mailing list