Re: Call for review of proposed update to ID-Checklist

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




--On Wednesday, 09 July, 2008 10:19 -0400 Thomas Narten
<narten@xxxxxxxxxx> wrote:

> And on the particular question of example DNS names:
> 
> 
>> 6.  Addresses used in examples SHOULD use fully qualified
>> domain names instead of literal IP addresses, and SHOULD use
>>     example fqdn's such as foo.example.com instead of
>>     real-world fqdn's. See [RFC2606] (Eastlake, D. and A.
>>     Panitz, "Reserved Top Level DNS Names," June 1999.) for
>>     example domain names that can be used.
> 
> Why the SHOULD? Presumably, because you don't want naive folk
> to take the examples in the RFC and use them in local config
> files and such, causing problems or other undesirable effects
> when they (unexpectedly) get used in the real world..
> 
> But in cases where this really is not a concern, there is also
> presumably not a need to _require_ use of the example names.

Well, I agree, but, based on the response to the 2821bis appeal
and the proposed RFC Editor note on that document, the IESG
apparently sees actual harm (rather than, e.g., impolite
behavior) where some of the rest of us do not.  In the interest
of being constructive, reducing ambiguity, surprises and
post-last-call quibbling, of focusing on the areas where I think
there is consensus about harm, and of being specific, I propose
the following as alternative text: 

	"6.  Addresses used in I-Ds SHOULD use fully qualified
	domain names (FQDNs) instead of literal IP addresses.
	Working Groups or authors seeing exemptions from that
	rule MUST supply the rationale for IP address use with
	inline comments (e.g., "Editor's note:" or "Note in
	Draft:" that can be evaluated by the IESG and the
	community along with the rest of the document.  Domain
	names  in pseudo-code, actual code segments, sample data
	structures and templates, specifically including MIB
	definitions and examples that could reasonably be
	expected to be partially or entirely copied into code,
	MUST be drawn from the list reserved for documentary use
	in BCP32 (RFC 2606 or its successors).  It is generally
	desirable for domain names used in other I-D discussion
	contexts to be drawn from BCP32 as well, if only as an
	act of politeness toward those who might be using the
	domains for other purposes at the time of publication or
	subsequently.   Working groups or editors who are
	convinced that different names are required MUST be
	prepared to explain and justify their choices and SHOULD
	do so with explicit inline comments such as those
	described above."

Now, that is somewhat longer and more complicated, but it would
seem to satisfy the criteria that have been discussed on the
IETF list, not just since the ID-Checklist update draft was
posted, but over the last six weeks or so.  In particular:

	(i) I believe that there actually is consensus that use
	of non-2606 names in places where they are likely to be
	copied into production code (even if only by the lazy or
	careless) is likely to be harmful as well as a terrible
	idea.

	(ii) There is, at best, much less consensus that use of
	non-2606 names in narrative or illustrative examples is
	likely to be harmful.  There may be consensus that it is
	impolite (or, to quote some recent IESG comments,
	"rude") but that is, IMO, a rather different matter.
	
	(iii) The IETF has indicated enough times that domain
	names, not literal addresses, should be used in both
	protocols and documents that doing anything else should
	reasonably require clear and strong justification.
	
	(iv) If someone wants to use non-2606 names, it is
	entirely reasonable to expect them to explain why and to
	do so in public.  If that drives editors and WGs to take
	the path of least resistance and use the 2606 names, I
	think it should be fine with all of us.

FWIW, please note the philosophical similarity between the above
and RFC 4897.  In both cases, we move away from incentives for
elaborate procedures and private negotiations between the IESG
and authors (and the consequent late-stage guessing about what
is likely to happen).  Instead, we get the issues and
justifications up front as part of document processing or in the
document itself so that the community can address them as part
of Last Call.  The IESG can then make decisions based on
evidence of community consensus (or community indifference, as
the case may be).

I think that is supposed to be what we all want around here,
isn't it?

    john




_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]