On 6/28/23 2:23 PM, John Scudder wrote:
On Jun 28, 2023, at 4:31 PM, Michael Thomas <mike@xxxxxxxx> wrote:
My main problem is how the IESG failed so badly to not catch this. I
mean, how can the advice "bad guys should be good" get through review of
a BCP?
For what it’s worth, I see two IESG members did acknowledge the issue you raise while the document was being evaluated [1], even using language very similar to your comment quoted above. Adam Roach’s ballot says,
"The thesis of this document seems to be that bad actors can access authentication information that gives them broader or more durable authorization than is intended; and appears to want to mitigate this predominantly with a single normative statement in a BCP telling potential bad actors to stop doing the one thing that enables their shenanigans. For those familiar with the animated series "The Tick," it recalls the titular character yelling "Hey! You in the pumps! I say to you: stop being bad!" -- which, of course, is insufficient to achieve the desired effect."
and Ben Campbell’s ballot says "I agree with Adam's general sentiment about detection of bad behavior vs asking people not to be bad.”
This is baffling to me that they'd relent. Maybe Adam or Ben can comment
if they're listening.
Adam’s ballot goes on to note that, "I see that there is nevertheless "strong consensus" to publish the document”. This gets to the heart of the matter: it’s not in the IESG’s remit to substitute their preferences for IETF consensus, which is what I take Adam to be ruefully acknowledging. For similar reasons, to your earlier,
Strong consensus shouldn't be a reason to relent. I mean, why have the
IESG review it at all if a discuss can be overridden by "strong
consensus". When I brought this up in the wg way back then (ie, ~2013),
it sort of reminded me of an echo chamber which happens to some wg's
from time to time -- it wasn't just the main author raining fire on me.
I've always thought of the IESG as sort of a backstop for when that
happens along with its function of tightening things up. I guess it also
begs the question of why it was allowed into their charter in the first
place.
On Jun 22, 2023, at 3:09 PM, Michael Thomas <mike@xxxxxxxx> wrote:
IESG should move that terrible take to historic.
It’s also not in the IESG’s remit to unilaterally reclassify documents. The normal way of doing that is (as AB hints) for someone to write a short Internet Draft called “Reclassification of RFC foo as Historic” or the like, and progress it through the normal process. You can easily find examples by searching the RFC archive for the string “historic” in the title. Of course, part of “the normal process” involves getting IETF consensus to publish.
What is the venue for such a draft? If it's the OAUTH wg itself, that
seems like a pretty pointless effort since: "strong consensus".
It also may be interesting to look at the email follow-up to Adam’s ballot [2] although for all I know it may only be rehashing positions you’re already aware of.
So while you may view the document as wrong-headed, it was evidently not approved in ignorance of your point nor do the document authors appear to have minimized or disregarded it.
Well, it did make it through so regardless it was still a process
failure. It's even more of a process failure if it was evident at the time.
Allowing useless or harmful BCP's to go out makes a bad situation worse
because it gives an air of legitimacy.
Mike