| Internet-Draft | IETF Lists | June 2024 |
| Lear, et al. | Expires 21 December 2024 | [Page] |
This memo provides a procedure and authority to address inappropriate behavior on IETF plenary lists. It obsoletes RFC 3683 and updates RFC 9245.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 21 December 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The charter for the IETF discussion list is layed out in [RFC9245]. Individuals are expected to behave at all times in a professional manner for the purposes of the organization, as specified in [RFC3935], and for the purposes of individual mailing lists.¶
Thankfully the need to take action against individuals is relatively rare. Experience has shown that when the existing procedure is invoked, the procedure itself causes as many problems as it solves, including:¶
Community discussion drawing away from the fundamental mission of the organization;¶
Humiliation the individual who has behaved inappropriately;¶
The need for a committee draws scarce volunteer resources from other potentially more fruitful activities;¶
Consumption of IESG resources.¶
For these reasons, a new approach that aligns with other professional bodies is specified. The goals of the approach address the problems above as follows:¶
Minimize inappropriate behavior.¶
Maximize appropriate participation in IETF activities.¶
Minimize volunteer resources necessary to address inappropriate behavior.¶
Allow for approaches that are tailored to each situation.¶
Limit humiliation of those who have offended.¶
Provide a right of appeal.¶
Provide for transparency.¶
The following changes are made to IETF policy:¶
[RFC3686] and all processes therein are obsoleted by the new process that vests authority in the executive director.¶
Only the moderation function in Section 3 of [RFC9245] is obsoleted.¶
Additional authority is given to the executive director to address other IETF mailing lists in limited circumstances. Thus [RFC3934] is updated accordingly.¶
What is and is not acceptable behavior has not changed.¶
The previous policy required that a discussion take place within the community to ban an individual. Those discussions have proven to be long, meandering, emotional, and time consuming. The reason we have juries is so that the public needn't vote in a popularity contest about whether someone should be convicted.¶
The executive director is in a position to address complaints and observe bad behavior outside the melee of any particular technical discussion, because they carry no agenda other than the aims of the organization. In addition, as a managerial arm of the IETF, the executive director has the capability to manage what are sometimes difficult personal situations.¶
Finally, the executive director is in a position to engage and make decisions in an effective manner, without consuming inordinate amounts of community resources.¶
This policy applies to all IETF plenary lists mentioned in [RFC9245]. In addition, certain aspects of this policy may be applied across all IETF lists, as stated below.¶
[RFC9245] describes both appropriate and inappropriate contributions to the IETF list, and lays out charters of other plenary lists. Any new plenary lists created shall contain a statement as to what the list is to be used for. Messages beyond that purpose are inappropriate, as are messages that violate our community standards as specified by [RFC7776], [RFC8716], and [BCP54].¶
Complaints against individuals shall be transmitted to the executive director via a mailing list [TBD]. Complaints must not be sent to other IETF mailing lists. The executive director may also take action on their own initiative.¶
It is beyond the scope of ANY mailing list to discuss the behavior of an individual, except for the purposes of reviewing this policy, in which case a separate mailing list shall be designated by the IESG for that purpose.¶
The executive director of the IETF shall be responsible for addressing inappropriate messages. The executive director may delegate this function. The moderation function described in Section 3 of [RFC9245] is discontinued.¶
The executive director may consult with members of the community, including but not limited to area directors, working group chairs, and IETF participants; in order to seek a good outcome.¶
The executive director may take any action they deem appropriate in a given circumstance, including but not limited to no action, advising, warning, moderating, rate-limiting, suspending, or banning individuals. In performing this function, the executive director should apply all appropriate processes specified by the IETF in relevant BCPs in an even-handed way, using the least amount of intervention necessary to satisfy the goals in Section 1.¶
The executive director MAY, in consultations with the IESG, apply any action taken across all IETF mailing lists. However, posting rights limitations across all lists should be viewed as an absolute last resort.¶
When the executive director takes an action in accordance with this policy, they shall inform the IESG by email. In the case of bans or suspensions, this notification shall be noted and minuted in the next IESG meeting. In cases where an individual is banned or suspended from any working group list, notice shall be given to either the impacted working group or to IETF-Announce.¶
Individuals may appeal the decisions taken by the executive director, as specified in Section 2.5. Appeals follow a fairly usual IETF appeals process and timeline, as follows. Any initial appeal should be made to the executive director, and if the appeallant is unhappy with the outcome of the appeal decision, they may escalate the complaint to the IESG, and finally the IAB, as described in [RFC2026]. Appeals must be made within one month of receiving initial notification of the moderation action, or subsequent appeal outcome. In taking any action, the executive director shall notify the offender of these rights.¶
An individual who has been moderated, rate-limited, suspended, or banned from a list within the scope of this policy may apply to the executive director to restore normal posting rights after a period of twelve months, and every twelve months thereafter. At their sole discretion, the executive director may reinstate some or all posting priveleges to an individual. Such decisions are not subject to appeal.¶
The executive director may take any action they deem appropriate to limit spam, phishing, and other such automated attacks. They shall inform the IETF community of the mechanisms in place to the extent that sensible operational security permits.¶
The executive director shall collect and report aggregate statistics annually to the community about complaints received and their disposition.¶
The IETF requests that, if requested by the executive director, sufficient resources be allocated for this purpose.¶
This policy attempts to limit exposure of the names of individuals accused of inappropriate behavior. However, the transparency needs of the organization demand that the community be informed of certain actions taken against individuals. This permits community oversight of the function without causing undue embarressment or humiliation.¶
This memo creates no new technical mechanisms and therefore there are no security considerations.¶
[This section to be removed by RFC Editor.]¶
No registries are requested.¶
The authors would like to thank Marshall Rose for having first addressed this difficult subject in our series, as well as all those who have served as moderators and ombudspeople.¶
[[This section to be removed by RFC Editor]]¶