Hi Tony,
At 17:36 03-05-2013, Tony Hain wrote:
Yes it can, and they often do. The question in this case is more about the
way that was documented, and Douglas' effective call for a wider review of
the decision. It may simply be the wording in the issue tracker, but reading
that the effective message is:
"a security issue was raised, and a subset of the potential attack is
easily mitigated, therefore the WG is dropping it"
Yes. I would add a little more than so that the external reviewer
can assess whether the potential attack is easily mitigated.
There may well be more to it, and I said I have not been following it. The
point is that 'outside reviewers' will not be immersed in past discussion,
so what and why should be clear. I purposefully tied this to the ongoing
IESG process discussion, because it is a prime example of why post-WG
discussions take longer than expected, and may result in changes.
It is difficult for someone who joins a working group in the middle
of a discussion to understand what happened. It's a lot of work for
the external reviewer. The external reviewer has to decide whether
to take the word of the author when the latter says "it has been
discussed". An IESG member would probably generate a DISCUSS. The
working group might respond angrily. The effect is excessive delay
for an issue which could easily have been resolved. In terms of IETF
time there are four persons having to deal with it. It is a prime
example of tail-heavy.
Regards,
S. Moonesamy