RE: I-D ACTION:draft-ietf-ldup-replica-req-11.txt

["Kurt D. Zeilenga" <Kurt@xxxxxxxxxxxx>]

At 07:59 AM 2002-03-06, Chris Apple wrote:
>The proposed re-write of the text in question doesn't add any value to
>the document in my opinion. Since the LDUP requirements document and
>RFC 2820 are both informational and are both requirements documents, I
>see no harm in one referring to the other in the Security Considerations
>section as currently written.
>
>The clarification that you are seeking to include is already well
>understood and I believe redundant with existing IETF process.

I disagree.  Some will read that statement as imply that there
is already an LDAP ACM technical specifications which LDAP
implementations can support.  As this is a security consideration,
I believe it needs to be clear that it is referring to a future
technical specification which meets the requirements stated
in RFC 2820.

>As a co-chair, I don't feel inclined to add the language revision you
>propose to this document at this time.  

Well, I'm inclined to disagree with you.  The editor has made a
substantive changes to the I-D.  Regardless of what they were in
response to, this WG must be given an opportunity to review those
changes.  If the WG does not agree with the changes, the document
must be changed to reflect the WG consensus.

Given that the WG has yet been given an opportunity to review
these changes, I think it is premature for you to declare
consensus in regards to these changes.

I certainly have not had time to review all the changes made,
the document revision was only recently announced.  I recommend
you give the working group two weeks to review the recent changes
and comment.

>One potential output of the LDUP Access Control Design Team could be
>such
>a standards-track technical specification,

I do not believe the LDUP Access Control Design Team is presently
chartered to undertake engineering of any technical specification.
If I am mistaken, please advise.

Kurt