RFC SERIES OVERSIGHT COMMITTEE (RSOC) December 13, 2018 RSOC Meeting Reported by: Cindy Morgan, IETF Secretariat ATTENDEES --------------------------------- - Sarah Banks (Chair) - Heather Flanagan (RSE, non-voting) - Tony Hansen - Cindy Morgan (Scribe, non-voting) - Adam Roach - Peter Saint-Andre - Robert Sparks (Lead) REGRETS --------------------------------- - Christian Huitema - Portia Wenze-Danley (IETF LLC Board Liaison, non-voting) MINUTES --------------------------------- 0. Review of minutes The minutes of the 8 November 2018 RSOC meeting were approved. 1. Format work update Heather Flanagan reported that the RPC is continuing to test the new format tools. Robert Sparks reported that Henrik Levkowetz plans to release a first version of the RFC formatter soon. The first release will only support PDF-1.3, as there have been difficulties finding a library that creates PDF/A correctly. Robert Sparks noted that the new version of idnits should be completed before the end of 2018. Planning for the future of xml2rfc v3 was discussed in an executive session. 2. Satisfaction surveys Heather Flanagan reported that she and Peter Saint-Andre are discussing ways to change the author satisfaction surveys, such as surveying authors at the time of publication rather than sending surveys out to a random sample of authors at the end of the year. Heather will bring a more concrete plan back to the RSOC next month. 3. Upcoming: security audit Robert Sparks is putting together a statement of work for a security audit of the web-facing tools used by the RPC. The security audit needs to be completed before the RPC can move to a public code base that could leverage volunteer efforts. Sarah Banks asked who would be responsible for making changes to the code to remediate any issues found during the security audit. Robert Sparks replied that it would probably be the contractor who does the analysis; that will be part of the statement of work. Sarah Banks asked whether this would be a one-off effort or something that would be done periodically. Robert Sparks replied that for now, it is being treated as a one-off effort. Heather Flanagan added that this could be discussed further once the initial audit is complete; the RSOC might decide that they want to do this periodically depending on how much the code changes over time. Robert added that the initial audit will be paid for under the Tools Team's budget. 4. RSOC procedures and the IAOC/IETF LLC Tony Hansen volunteered to review the RSOC procedures and suggest updates to remove references to the IAOC. 5. Machine readable errata and hosting RFCs with errata in-line Heather Flanagan reported that the RPC has been working to get errata into a machine-readable format, which raises the question about using this material for annotated RFCs. Heather noted that previous RSOCs were hesitant to host annotated RFCs on the RFC Editor website because that might cause confusion between the canonical RFCs and the annotated versions, but that concern could be mitigated by putting the annotated versions in a sandbox space. Adam Roach reported that he has put together a prototype proof-of- concept tool that shows what inline errata could look like; this was presented to the IESG at IETF 103. Adam will send out the slides from that discussion to the RSOC.