I am opposed. Anonymous email recommendations are not how the IETF operates.

Attached below is a note I wrote a month ago to the Chairs.  None of the points 
written there – and MOST of them were a summary of WG discussion – were 
addressed.



From: Rich Salz <rs...@akamai.com>
Date: Tuesday, July 30, 2024 at 1:49 PM
To: "tls-cha...@ietf.org" <tls-cha...@ietf.org>
Subject: Rethinking the formal analysis triage

TLS Chairs,

I wasn’t sure whether to send this to you or the entire WG. I let another 
person read this and they suggested the Chairs.  So here you go.

I re-read all the messages in the archive [1] and re-watched the 119 and 120 
segments on the triage panel.  I believe that, as currently set up, it is so 
flawed that it should be taken down and rebuilt from scratch.

After the idea was proposed in March, the two most common feedback suggestions 
were
    • Collaborate with UFMRG
    • Make all communications open and on the mailing list
Neither of these were done. In fact, there was no response from the Chairs on 
either point.

From the beginning, the stated intent was that one thing the panel would 
provide is an estimate of how much work any suggested analysis would take. The 
one review that was done so far did not include that, other than “feasible.”

Many people have already commented that collating all responses is a bad idea. 
I want to add one point that I have not seen before: if a subset of the triage 
reviewers recommends analysis, the WG has no information about the 
qualifications of those making the recommendation and no way to evaluate how to 
accept it.

This brings up a related point. Anonymous evaluations are against the very 
nature of the IETF. How can we assess the value of someone’s contributions when 
we don’t know who they are? Will “Reviewer 1” always be the same person? If the 
entire panel did not do a review, are WG members expected to treat all members 
as equally competent and qualified?

The WG is strongly in favor of more formal analysis. The Chairs tried to do too 
much and failed. Start over, respond to the feedback you got from the WG, and 
pick something easier.

[1]  https://mailarchive.ietf.org/arch/browse/tls/?q=triage

