Network Working Group E. Lear Internet-Draft Cisco Systems GmbH Expires: April 6, 2006 H. Alvestrand Cisco Systems October 3, 2005 Getting rid of the cruft: an experiment to identify obsolete standards document draft-ietf-newtrk-decruft-experiment-01.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 6, 2006. Copyright Notice Copyright (C) The Internet Society (2005). Abstract This memo documents an experiment to review and classify Proposed Standards as not reflecting documented practice within the world today. The results identify a set of documents marked as Proposed Standards that should be considered for retirement in some way or another. Lear & Alvestrand Expires April 6, 2006 [Page 1] Internet-Draft Cruft Experiment October 2005 1. Introduction and history RFC 2026, and RFC 1602 before it, specified timelines for review of immature (draft or proposed) standards. The purpose of such review was to determine whether such documents should be advanced, retired, or developed further.[1] This procedure has never been followed in the history of the IETF. Since this procedure has not been followed, members of the community have suggested that the retiring of a document to Historic is a significant event, which should be justified carefully - leading to the production of documents such as RFC 2556 (OSI connectionless transport services on top of UDP Applicability Statement for Historic Status) and RFC 3166 (Request to Move RFC 1433 to Historic Status). Such documents require significant time and effort on the part of authors, area directors, and the RFC Editor. 2. Bulk Decommissioning Procedure From the Fall of 2004 through the Spring of 2005 the authors conducted an experiment to determine how many Proposed Standards could be considered obsolete. The experiment was operated as follows: o Identify a group of documents that are standards. o Assume by default that each document will be retired. o Create a mailing list for discussion with a policy of open access. o Allow any document to be removed from the list of those to be retired for virtually any reason, so long as a reason is provided. o Present the list to the working group, IETF, and IESG for review. o Revise list based on comments. o Write up results. The initial intent of the authors was to present a list of documents to be reclassified as Historic. The NEWTRK working group supported this view. The IESG, and the IETF as a community, makes the final decision. We will discuss this further below. 3. Input, Mailing list, Output, and Observations We started with our initial document set being all RFCs with numbers less than 2000 and a status of Proposed Standard. The input we used, starting Noevember 25, 2004, can be found in the Appendix. There were some 125 documents in all. A mailing list, old-standards@alvestrand.no, was created to discuss Lear & Alvestrand Expires April 6, 2006 [Page 2] Internet-Draft Cruft Experiment October 2005 and remove candidates from this list. A call for participation was issued to the IETF-Announce list on or around the 15 Nov 2004. There were 29 members of the mailing list. Approximately 244 messages were sent to the list. People were encouraged to consider the question of whether or not an implementer would either write a new implementation or maintain an existing one. After some months the list of documents to be considered was reduced considerably. This list was then forwarded to the IETF discussion list on 16 Dec 04 and to the NEWTRK working group list for wider review. The last standards to be removed during working group discussion were RFCs 1518 and 1519 based on the fact that work is ongoing to revise them. Here are the results: RFC1234 (Tunneling IPX traffic through IP networks) RFC1239 (Reassignment of experimental MIBs to standard MIBs) RFC1276 (Replication and Distributed Operations extensions to provide an Internet Directory using X.500) RFC1285 (FDDI Management Information Base) RFC1314 (A File Format for the Exchange of Images in the Internet) RFC1328 (X.400 1988 to 1984 downgrading) RFC1370 (Applicability Statement for OSPF) RFC1378 (The PPP AppleTalk Control Protocol (ATCP)) RFC1381 (SNMP MIB Extension for X.25 LAPB) RFC1382 (SNMP MIB Extension for the X.25 Packet Layer) RFC1397 (Default Route Advertisement In BGP2 and BGP3 Version of The Border Gateway Protocol) RFC1414 (Identification MIB) RFC1415 (FTP-FTAM Gateway Specification) RFC1418 (SNMP over OSI) RFC1419 (SNMP over AppleTalk) RFC1421 (Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures) RFC1422 (Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management) RFC1423 (Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers) RFC1424 (Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services) RFC1461 (SNMP MIB extension for Multiprotocol Interconnect over X.25) RFC1469 (IP Multicast over Token-Ring Local Area Networks) Lear & Alvestrand Expires April 6, 2006 [Page 3] Internet-Draft Cruft Experiment October 2005 RFC1471 (The Definitions of Managed Objects for the Link Control Protocol of the Point-to-Point Protocol) RFC1472 (The Definitions of Managed Objects for the Security Protocols of the Point-to-Point Protocol) RFC1473 (The Definitions of Managed Objects for the IP Network Control Protocol of the Point-to-Point Protocol) RFC1474 (The Definitions of Managed Objects for the Bridge Network Control Protocol of the Point-to-Point Protocol) RFC1478 (An Architecture for Inter-Domain Policy Routing) RFC1479 (Inter-Domain Policy Routing Protocol Specification: Version 1) RFC1494 (Equivalences between 1988 X.400 and RFC-822 Message Bodies) RFC1496 (Rules for downgrading messages from X.400/88 to X.400/84) when MIME content-types are present in the messages RFC1502 (X.400 Use of Extended Character Sets) RFC1512 (FDDI Management Information Base) RFC1513 (Token Ring Extensions to the Remote Network Monitoring MIB) RFC1525 (Definitions of Managed Objects for Source Routing Bridges) RFC1552 (The PPP Internetworking Packet Exchange Control Protocol (IPXCP)) RFC1553 (Compressing IPX Headers Over WAN Media (CIPX)) RFC1582 (Extensions to RIP to Support Demand Circuits) RFC1584 (Multicast Extensions to OSPF) RFC1598 (PPP in X.25) RFC1648 (Postmaster Convention for X.400 Operations) RFC1666 (Definitions of Managed Objects for SNA NAUs using SMIv2) RFC1692 (Transport Multiplexing Protocol (TMux)) RFC1696 (Modem Management Information Base (MIB) using SMIv2) RFC1742 (AppleTalk Management Information Base II) RFC1747 (Definitions of Managed Objects for SNA Data Link Control (SDLC) using SMIv2) RFC1749 (IEEE 802.5 Station Source Routing MIB using SMIv2) RFC1755 (ATM Signaling Support for IP over ATM) RFC1763 (The PPP Banyan Vines Control Protocol (BVCP)) RFC1764 (The PPP XNS IDP Control Protocol (XNSCP)) RFC1828 (IP Authentication using Keyed MD5) RFC1835 (Architecture of the WHOIS++ service) RFC1848 (MIME Object Security Services) RFC1913 (Architecture of the Whois++ Index Service) RFC1914 (How to Interact with a Whois++ Mesh) One additional document, RFC 1829, the ESP DES-CBC transform, was suggested for Historic stauts, but in this case, the group consensus is that the community would benefit from a separate document describing the security implications of using this algorithm. Lear & Alvestrand Expires April 6, 2006 [Page 4] Internet-Draft Cruft Experiment October 2005 4. Discussion As one peruses this list one sees several classes of documents: o Multiprotocol functions for protocols that are obsolete, such as Appletalk or X.400. o Protocols that were defined but not used, such as PEM or Whois++ In either case above a judgment is necessary as to whether or not a protocol is both in use and likely to be supported. The parameters of our experiment were sufficiently conservative to avoid cases where protocols were likely to continue to be supported. That is, anyone could remove a document from the list for any reason. In fact, in some cases we may have been too conservative. Thus, it is also worth considering the categories of documents that were removed from the list: o specifications known to be in full use that should be considered for advancement o specifications that are currently under review within the IETF process o Specifications that were previously considered for deprecation and rejected. The last category is exclusive to telnet options, which were reviewed in the late 1990s. Arguably such options should be reconsidered for deprecation. Realistically nobody is going to develop a new version of telnet that supports the TACACS option, for instance. Nevertheless, as a first cut we were still left with 61 documents that could be reclassified. In at least one case discussion of deprecation has spurred work on documents. For instance, there is a CIDR update in progress. 5. Next Steps As we mention in the introduction, the current process requires reconsideration of immature standards, and this review currently does not occur. This experiment has been an attempt at a procedure that could ease that review. The final step was working group consideration of what to do next. There were four options: 1. Accept the results of this experiment, issue a last call, and deprecate standards that remain on the list past last call. This is an aggressive approach that would preserve the intent of RFC 2026. 2. Do not accept the results of this experiment and update RFC 2026 to indicate a new practice. Lear & Alvestrand Expires April 6, 2006 [Page 5] Internet-Draft Cruft Experiment October 2005 3. Revise the procedure based on the results of this experiment, based on feedback from the IESG. This option might take into account the different types of old standards as described above. 4. Do nothing. This would leave the IETF and the IESG practice inconsistent with documented practice. The working group chose the first option. The RFC Editor is requested to mark the above listed standards as Historic. [[NOTE IN DRAFT: This document is written after WG consensus was established, but before IESG approval. If the IESG approves this document, the RFC Editor is requested to remove this note before publication. If the IESG does not approve, this is moot.]] It should be pointed out that we only looked at proposed standards and only those RFCs with numbers less than 2000. Should either the first or third of the above options be accepted, draft standards and those older than several years should be considered. Finally, should NEWTRK deliver a new document classification system, these documents may provide a basis for one or more new categories of that. 6. IANA Considerations The IANA is requested to review the above list of documents for any entries that may need to be marked as Historic in various databases. 7. Security Considerations Documents that have security problems may require special attention and individual documents to indicate what concerns exist, and when or in what ways an implementation can be deployed to alleviate concerns. 8. Acknowledgments This experiment would have been completely useless without participation of the members of the old-standards mailing list. Most notably, Pekka Savalo, Bob Braden, and John Klensin were very active contributors to the discussions. 9. Normative References [1] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996. Lear & Alvestrand Expires April 6, 2006 [Page 6] Internet-Draft Cruft Experiment October 2005 Appendix A. Input RFCs RFC0698 (Telnet extended ASCII option) RFC0726 (Remote Controlled Transmission and Echoing Telnet option) RFC0727 (Telnet logout option) RFC0735 (Revised Telnet byte macro option) RFC0736 (Telnet SUPDUP option) RFC0749 (Telnet SUPDUP-Output option) RFC0779 (Telnet send-location option) RFC0885 (Telnet end of record option) RFC0927 (TACACS user identification Telnet option) RFC0933 (Output marking Telnet option) RFC0946 (Telnet terminal location number option) RFC0977 (Network News Transfer Protocol) RFC1041 (Telnet 3270 regime option) RFC1043 (Telnet Data Entry Terminal option: DODIIS implementation) RFC1053 (Telnet X.3 PAD option) RFC1073 (Telnet window size option) RFC1079 (Telnet terminal speed option) RFC1091 (Telnet terminal-type option) RFC1096 (Telnet X display location option) RFC1144 (Compressing TCP/IP headers for low-speed serial links) RFC1195 (Use of OSI IS-IS for routing in TCP/IP and dual) RFC1234 (Tunneling IPX traffic through IP networks) RFC1239 (Reassignment of experimental MIBs to standard MIBs) RFC1256 (ICMP Router Discovery Messages) RFC1269 (Definitions of Managed Objects for the Border Gateway Protocol: Version 3) RFC1274 (The COSINE and Internet X.500 Schema) RFC1276 (Replication and Distributed Operations extensions to provide an Internet Directory using X.500) RFC1277 (Encoding Network Addresses to Support Operation over Non- OSI Lower Layers) RFC1285 (FDDI Management Information Base) RFC1314 (A File Format for the Exchange of Images in the Internet) RFC1323 (TCP Extensions for High Performance) RFC1328 (X.400 1988 to 1984 downgrading) RFC1332 (The PPP Internet Protocol Control Protocol (IPCP)) RFC1370 (Applicability Statement for OSPF) RFC1372 (Telnet Remote Flow Control Option) RFC1377 (The PPP OSI Network Layer Control Protocol (OSINLCP)) RFC1378 (The PPP AppleTalk Control Protocol (ATCP)) RFC1381 (SNMP MIB Extension for X.25 LAPB) RFC1382 (SNMP MIB Extension for the X.25 Packet Layer) RFC1397 (Default Route Advertisement In BGP2 and BGP3 Version of The Border Gateway Protocol) RFC1413 (Identification Protocol) Lear & Alvestrand Expires April 6, 2006 [Page 7] Internet-Draft Cruft Experiment October 2005 RFC1414 (Identification MIB) RFC1415 (FTP-FTAM Gateway Specification) RFC1418 (SNMP over OSI) RFC1419 (SNMP over AppleTalk) RFC1420 (SNMP over IPX) RFC1421 (Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures) RFC1422 (Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management) RFC1423 (Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers) RFC1424 (Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services) RFC1461 (SNMP MIB extension for Multiprotocol Interconnect over X.25) RFC1469 (IP Multicast over Token-Ring Local Area Networks) RFC1471 (The Definitions of Managed Objects for the Link Control Protocol of the Point-to-Point Protocol) RFC1472 (The Definitions of Managed Objects for the Security Protocols of the Point-to-Point Protocol) RFC1473 (The Definitions of Managed Objects for the IP Network Control Protocol of the Point-to-Point Protocol) RFC1474 (The Definitions of Managed Objects for the Bridge Network Control Protocol of the Point-to-Point Protocol) RFC1478 (An Architecture for Inter-Domain Policy Routing) RFC1479 (Inter-Domain Policy Routing Protocol Specification: Version 1) RFC1494 (Equivalences between 1988 X.400 and RFC-822 Message Bodies) RFC1496 (Rules for downgrading messages from X.400/88 to X.400/84) RFC1502 (X.400 Use of Extended Character Sets) RFC1510 (The Kerberos Network Authentication Service (V5)) RFC1512 (FDDI Management Information Base) RFC1513 (Token Ring Extensions to the Remote Network Monitoring MIB) RFC1517 (Applicability Statement for the Implementation of Classless Inter-Domain Routing (CIDR)) RFC1518 (An Architecture for IP Address Allocation with CIDR) RFC1519 (Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy) RFC1525 (Definitions of Managed Objects for Source Routing Bridges) RFC1552 (The PPP Internetworking Packet Exchange Control Protocol) RFC1553 (Compressing IPX Headers Over WAN Media (CIPX)) RFC1570 (PPP LCP Extensions) RFC1572 (Telnet Environment Option) Lear & Alvestrand Expires April 6, 2006 [Page 8] Internet-Draft Cruft Experiment October 2005 RFC1582 (Extensions to RIP to Support Demand Circuits) RFC1584 (Multicast Extensions to OSPF) RFC1598 (PPP in X.25) RFC1618 (PPP over ISDN) RFC1628 (UPS Management Information Base) RFC1648 (Postmaster Convention for X.400 Operations) RFC1663 (PPP Reliable Transmission) RFC1666 (Definitions of Managed Objects for SNA NAUs using SMIv2) RFC1692 (Transport Multiplexing Protocol (TMux)) RFC1696 (Modem Management Information Base (MIB) using SMIv2) RFC1697 (Relational Database Management System (RDBMS) Management) RFC1731 (IMAP4 Authentication Mechanisms) RFC1734 (POP3 AUTHentication command) RFC1738 (Uniform Resource Locators (URL)) RFC1740 (MIME Encapsulation of Macintosh Files - MacMIME) RFC1742 (AppleTalk Management Information Base II) RFC1747 (Definitions of Managed Objects for SNA Data Link Control) RFC1749 (IEEE 802.5 Station Source Routing MIB using SMIv2) RFC1752 (The Recommendation for the IP Next Generation Protocol) RFC1755 (ATM Signaling Support for IP over ATM) RFC1763 (The PPP Banyan Vines Control Protocol (BVCP)) RFC1764 (The PPP XNS IDP Control Protocol (XNSCP)) RFC1767 (MIME Encapsulation of EDI Objects) RFC1793 (Extending OSPF to Support Demand Circuits) RFC1808 (Relative Uniform Resource Locators) RFC1812 (Requirements for IP Version 4 Routers) RFC1828 (IP Authentication using Keyed MD5) RFC1829 (The ESP DES-CBC Transform) RFC1831 (RPC: Remote Procedure Call Protocol Specification Version 2) RFC1833 (Binding Protocols for ONC RPC Version 2) RFC1835 (Architecture of the WHOIS++ service) RFC1847 (Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted) RFC1848 (MIME Object Security Services) RFC1913 (Architecture of the Whois++ Index Service) RFC1914 (How to Interact with a Whois++ Mesh) RFC1928 (SOCKS Protocol Version 5) RFC1929 (Username/Password Authentication for SOCKS V5) RFC1961 (GSS-API Authentication Method for SOCKS Version 5) RFC1962 (The PPP Compression Control Protocol (CCP)) RFC1964 (The Kerberos Version 5 GSS-API Mechanism) RFC1968 (The PPP Encryption Control Protocol (ECP)) RFC1973 (PPP in Frame Relay) RFC1982 (Serial Number Arithmetic) RFC1985 (SMTP Service Extension for Remote Message Queue Starting) Lear & Alvestrand Expires April 6, 2006 [Page 9] Internet-Draft Cruft Experiment October 2005 RFC1995 (Incremental Zone Transfer in DNS) RFC1996 (A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)) RFC1997 (BGP Communities Attribute) Lear & Alvestrand Expires April 6, 2006 [Page 10] Internet-Draft Cruft Experiment October 2005 Authors' Addresses Eliot Lear Cisco Systems GmbH Glatt-com Glattzentrum, ZH CH-8301 Switzerland Phone: +41 1 878 7525 Email: lear@cisco.com Harald Tveit Alvestrand Cisco Systems Weidemanns vei 27 7043 Trondheim Norway Email: harald@alvestrand.no Lear & Alvestrand Expires April 6, 2006 [Page 11] Internet-Draft Cruft Experiment October 2005 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Lear & Alvestrand Expires April 6, 2006 [Page 12]