Paul: You have asked a question in a manner that assumes a technical assessment can be made. I do not think that is the situation. Instead, I think the question is whether the IETF is the proper organization to write a BCP about protocol requirements for root servers and RSSAC is the right organization to write a document about operational requirements for root servers. In short, this more of a political question than a technical one. Back when RFC 2870 was written, the IETF (rightly or wrongly) included both requirement sets in the same document. >From my perspective, IETF is the proper organization to write a BCP about protocol requirements. RSSAC has been going through a restructuring process. Assuming that a functional organization emerges from that process, RSSAC will be a fine organization to handle the operational requirements. Russ On May 24, 2014, at 12:47 PM, Paul Hoffman wrote: > This message covers a procedural problem with draft-iab-2870bis obsoleting RFC 2870. > > On May 22, 2014, at 9:34 AM, Joe Abley <jabley@xxxxxxxxxxx> wrote: > >> I understand that RSSAC have made recent progress on that document, and that it will appear soon. I would presume that the RFC Editor would hold final publication of this document, once approved, until that reference showed up, as is the case for references to IETF documents. I don't know whether that's a good presumption though. I just thought I'd mention it as a plausible workflow. > > From the draft: > > The operational requirements are defined in [RSSAC-001]. > . . . > This document and [RSSAC-001] together functionally replace [RFC2870]. > > Note that it is only this draft that obsoletes RFC 2870. RFC 2870 (which is a BCP) has protocol, deployment, and operational requirements, but it's title says only "Operational". This draft explicitly has no "operational" requirements: those are in a different, as-yet unpublished, non-RFC-track document. > > This IETF LC is asking us to obsolete a BCP with a draft that is arguably on a different topic, with the real replacement not yet published, and that will not even be published as an RFC. How can we decide whether or not the important parts of RFC 2870 are dealt with? > > To be clear: draft-iab-2870bis covers the relevant protocol and deployment requirements. (There are some issues with those short lists; I'll cover those in a separate message.) But that is not sufficient for *this draft* to obsolete a BCP like RFC 2870 unless we know that the operational parts of RFC 2870 are covered somewhere else. > > --Paul Hoffman