>>>>> "Eric" == Eric Rescorla <ekr@xxxxxxxx> writes: Eric> bad decisions we have a mechanism for unseating them. Eric> 3. Decisions of the IAOC should be appealable (following the Eric> usual 2026 appeal chain) on the sole grounds that the IASA's Eric> processes were not followed. Those decisions should NOT be Eric> appealable on the grounds that the decisions were simply bad Eric> ones. Eric> I recognize that point (3) above is somewhat controversial, Eric> so I'll attempt to justify it a bit. The simple fact is that Eric> the IASA (both IAD and IAOC) will be constantly making Eric> business decisions and if we are to keep the job manageable Eric> (and in the case of IAD keep the costs down) they have to Eric> know that they will not be constantly second-guessed by the Eric> community on what kind of cookies they purchased. I agree so far. However people seem to be making a jump I don't agree with from they should not be constantly second-guessed to they should never be second-guessed. The problem with constant second-guessing is that it takes up too much time and resources, not that it doesn't sometimes improve quality of decisions. So, my goal is to find the minimal restriction that prevents a resource consumption attack against the IASA in practice. I'd prefer to err on the side of allowing a resource consumption attack and fixing it later than on the side of being too restrictive in what review we allow. Eric> If the Eric> community feels very strongly that the wrong kind of cookies Eric> were purchased then they can ask for a rule demanding Eric> chocolate chip, and in the worst case pass a chocolate chip Eric> cookie RFC. That's one way to look at it. And if that's the only way we can make forward progress it's better than not making forward progress. Eric> There's a parallel here in the RFC 2026 appeals Eric> process. While the IAB and IESG can review a decision both Eric> for process violations AND for technical merit, the ISOC BOT Eric> is extremely constrained in that it can only provide limited Eric> procedural review (S 6.5.3) Eric> Further recourse is available only in cases in which the Eric> procedures themselves (i.e., the procedures described in Eric> this document) are claimed to be inadequate or insufficient Eric> to the protection of the rights of all parties in a fair and Eric> open Internet Standards Process. Claims on this basis may Eric> be made to the Internet Society Board of Trustees. The Eric> President of the Internet Society shall acknowledge such an Eric> appeal within two weeks, and shall at the time of Eric> acknowledgment advise the petitioner of the expected Eric> duration of the Trustees' review of the appeal. The Eric> Trustees shall review the situation in a manner of its own Eric> choosing and report to the IETF on the outcome of its Eric> review. Eric> The Trustees' decision upon completion of their review Eric> shall be final with respect to all aspects of the dispute. Eric> It seems to me that this is a good model to follow for IASA. OK. I don't like this model because I don't believe it is minimal restrictive. I'd like to cite another parallel from RFC 2026. Under RFC 2026 section 6.5, the IAB does not have the power to assert a specific decision, only to void an existing decision. I'd rather see limits on what the results of a review can be than on the subject matter of reviews. I think that is a more minimal restriction and believe it will be sufficient to avoid DOS concerns. --Sam _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf