IETF Plenary List Management Procedures

IETF Plenary List Management Procedures Cisco Systems

Richtistrasse 7 Wallisellen CH-8304 Switzerland +41 44 878 9200 lear@lear.ch

Cisco Systems

rwilton@cisco.com

Fastmail Pty Ltd

Level 2, 114 William Street 3000 Australia +61 457 416 436 brong@fastmailteam.com

Standcore LLC

+1 607 330 5711 standards@standcore.com

Internet-Draft This memo provides a procedure and authority to address inappropriate behavior on IETF plenary lists. It obsoletes RFC 3683 and updates RFC 9245.

Introduction The charter for the IETF discussion list is layed out in . Individuals are expected to behave at all times in a professional manner for the purposes of the organization, as specified in , and for the purposes of individual mailing lists. Thankfully the need to take action against individuals is relatively rare. Experience has shown that when the existing procedure is invoked, the procedure itself causes as many problems as it solves, including: Community discussion drawing away from the fundamental mission of the organization; Humiliation the individual who has behaved inappropriately; The need for a committee draws scarce volunteer resources from other potentially more fruitful activities; Consumption of IESG resources.

Goals For these reasons, a new approach that aligns with other professional bodies is specified. The goals of the approach address the problems above as follows: Minimize inappropriate behavior. Maximize appropriate participation in IETF activities. Minimize volunteer resources necessary to address inappropriate behavior. Allow for approaches that are tailored to each situation. Limit humiliation of those who have offended. Provide a right of appeal. Provide for transparency.

Summary of changes The following changes are made to IETF policy: and all processes therein are obsoleted by the new process that vests authority in the executive director. Only the moderation function in Section 3 of is obsoleted. Additional authority is given to the executive director to address other IETF mailing lists in limited circumstances. Thus is updated accordingly. What is and is not acceptable behavior has not changed.

Why shift this function from the community to the executive director? The previous policy required that a discussion take place within the community to ban an individual. Those discussions have proven to be long, meandering, emotional, and time consuming. The reason we have juries is so that the public needn't vote in a popularity contest about whether someone should be convicted. The executive director is in a position to address complaints and observe bad behavior outside the melee of any particular technical discussion, because they carry no agenda other than the aims of the organization. In addition, as a managerial arm of the IETF, the executive director has the capability to manage what are sometimes difficult personal situations. Finally, the executive director is in a position to engage and make decisions in an effective manner, without consuming inordinate amounts of community resources.

Mailing List Policy

Applicability This policy applies to all IETF plenary lists mentioned in . In addition, certain aspects of this policy may be applied across all IETF lists, as stated below.

What is appropriate or inappropriate behavior? describes both appropriate and inappropriate contributions to the IETF list, and lays out charters of other plenary lists. Any new plenary lists created shall contain a statement as to what the list is to be used for. Messages beyond that purpose are inappropriate, as are messages that violate our community standards as specified by , , and .

Initiating Complaints Complaints against individuals shall be transmitted to the executive director via a mailing list [TBD]. Complaints must not be sent to other IETF mailing lists. The executive director may also take action on their own initiative. It is beyond the scope of ANY mailing list to discuss the behavior of an individual, except for the purposes of reviewing this policy, in which case a separate mailing list shall be designated by the IESG for that purpose.

Who is responsible for addressing inappropriate messages? The executive director of the IETF shall be responsible for addressing inappropriate messages. The executive director may delegate this function. The moderation function described in Section 3 of is discontinued. The executive director may consult with members of the community, including but not limited to area directors, working group chairs, and IETF participants; in order to seek a good outcome.

What actions may be taken? The executive director may take any action they deem appropriate in a given circumstance, including but not limited to no action, advising, warning, moderating, rate-limiting, suspending, or banning individuals. In performing this function, the executive director should apply all appropriate processes specified by the IETF in relevant BCPs in an even-handed way, using the least amount of intervention necessary to satisfy the goals in . The executive director MAY, in consultations with the IESG, apply any action taken across all IETF mailing lists. However, posting rights limitations across all lists should be viewed as an absolute last resort.

Community Notice When the executive director takes an action in accordance with this policy, they shall inform the IESG by email. In the case of bans or suspensions, this notification shall be noted and minuted in the next IESG meeting. In cases where an individual is banned or suspended from any working group list, notice shall be given to either the impacted working group or to IETF-Announce.

Appeals Individuals may appeal the decisions taken by the executive director, as specified in . Appeals follow a fairly usual IETF appeals process and timeline, as follows. Any initial appeal should be made to the executive director, and if the appeallant is unhappy with the outcome of the appeal decision, they may escalate the complaint to the IESG, and finally the IAB, as described in . Appeals must be made within one month of receiving initial notification of the moderation action, or subsequent appeal outcome. In taking any action, the executive director shall notify the offender of these rights.

Review An individual who has been moderated, rate-limited, suspended, or banned from a list within the scope of this policy may apply to the executive director to restore normal posting rights after a period of twelve months, and every twelve months thereafter. At their sole discretion, the executive director may reinstate some or all posting priveleges to an individual. Such decisions are not subject to appeal.

Handling of Spam, Phishing, and other automated messages The executive director may take any action they deem appropriate to limit spam, phishing, and other such automated attacks. They shall inform the IETF community of the mechanisms in place to the extent that sensible operational security permits.

Informational Collection and Reporting The executive director shall collect and report aggregate statistics annually to the community about complaints received and their disposition.

LLC Considerations The IETF requests that, if requested by the executive director, sufficient resources be allocated for this purpose.

Privacy Considerations This policy attempts to limit exposure of the names of individuals accused of inappropriate behavior. However, the transparency needs of the organization demand that the community be informed of certain actions taken against individuals. This permits community oversight of the function without causing undue embarressment or humiliation.

Security Considerations This memo creates no new technical mechanisms and therefore there are no security considerations.

IANA Considerations [This section to be removed by RFC Editor.] No registries are requested.

Acknowledgments The authors would like to thank Marshall Rose for having first addressed this difficult subject in our series, as well as all those who have served as moderators and ombudspeople.

IETF Discussion List Charter The Internet Engineering Task Force (IETF) discussion mailing list furthers the development and specification of Internet technology through the general discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist. As this is the most general IETF mailing list, considerable latitude in terms of topics is allowed, but there are posts and topics that are unsuitable for this mailing list. This document defines the charter for the IETF discussion list and explains its scope. This document obsoletes RFC 3005 and updates RFC 3683. A Mission Statement for the IETF This memo gives a mission statement for the IETF, tries to define the terms used in the statement sufficiently to make the mission statement understandable and useful, argues why the IETF needs a mission statement, and tries to capture some of the debate that led to this point. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) This document describes the use of Advanced Encryption Standard (AES) Counter Mode, with an explicit initialization vector, as an IPsec Encapsulating Security Payload (ESP) confidentiality mechanism. Updates to RFC 2418 Regarding the Management of IETF Mailing Lists This document is an update to RFC 2418 that gives WG chairs explicit responsibility for managing WG mailing lists. In particular, it gives WG chairs the authority to temporarily suspend the mailing list posting privileges of disruptive individuals. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. IETF Anti-Harassment Procedures IETF Participants must not engage in harassment while at IETF meetings, virtual meetings, or social events or while participating in mailing lists. This document lays out procedures for managing and enforcing this policy. This document updates RFC 2418 by defining new working group guidelines and procedures. This document updates RFC 7437 by allowing the Ombudsteam to form a recall petition without further signatories. Update to the IETF Anti-Harassment Procedures for the Replacement of the IETF Administrative Oversight Committee (IAOC) with the IETF Administration LLC The IETF Anti-Harassment Procedures are described in RFC 7776. The IETF Administrative Oversight Committee (IAOC) has been replaced by the IETF Administration LLC, and the IETF Administrative Director has been replaced by the IETF LLC Executive Director. This document updates RFC 7776 to amend these terms. RFC 7776 contained updates to RFC 7437. RFC 8713 has incorporated those updates, so this document also updates RFC 7776 to remove those updates. IETF Guidelines for Conduct This document provides a set of guidelines for personal interaction in the Internet Engineering Task Force. The guidelines recognize the diversity of IETF participants, emphasize the value of mutual respect, and stress the broad applicability of our work. This document is an updated version of the guidelines for conduct originally published in RFC 3184. The Internet Standards Process -- Revision 3 This memo documents the process used by the Internet community for the standardization of protocols and procedures. It defines the stages in the standardization process, the requirements for moving a document between stages and the types of documents used during this process. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.

Changes from Earlier Versions [[This section to be removed by RFC Editor]]