From 8103f07ec7598867a7b18c37d51371785755bb4d Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Fri, 6 Jun 2025 16:44:39 -0600 Subject: [PATCH 1/5] Define some process for placeholder MSCs --- content/proposals.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/content/proposals.md b/content/proposals.md index b58a98be..fcb8ace3 100644 --- a/content/proposals.md +++ b/content/proposals.md @@ -493,6 +493,34 @@ In summary: a small table at the bottom mapping the various values from stable to unstable. +### Placeholder MSCs + +Some proposals may contain security-sensitive or private context which can't be +publicly disclosed until a later stage in the idea or solution process. Typically, +the initial idea is validated using some amount of implementation or experimentation +and may require an MSC number to make that implementation easier. + +Placeholder MSCs are used to represent proposals in a state where implementation +is ongoing, but the MSC details can't yet be disclosed. Authors which feel as +though their MSC could be highly sensitive MUST get in contact with the Spec Core +Team or Security Team prior to opening their MSC. If either team determines that +a placeholder MSC is required, it may be opened as such. + +There are a few expectations attached to placeholder MSCs: + +* They are tagged as WIP drafts ahead of receiving real content. +* They are relatively short-lived (ideally less than 6-12 months in placeholder). +* They propose solutions which are reasonably likely to be accepted. If a placeholder + needs to be closed because the idea won't work, isn't needed, etc, then the MSC's + content MUST be published ahead of that closure. +* When they are updated to receive real content, the following happens: + 1. The Spec Core Team or the author leaves a comment to cause a notification + that the MSC has been replaced with real content. + 2. The `proposal` label (or its equivalent) is removed and re-applied to trigger + chat notifications in the public Matrix rooms. +* The Spec Core Team is aware of the intended MSC's title and purpose. This is + especially important if the Security Team approved the use of a placeholder MSC. + ## Proposal Tracking This is a living document generated from the list of proposals on the From 3014a2bea98ada4e0e987597c1077d35c210bb75 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Fri, 6 Jun 2025 16:46:31 -0600 Subject: [PATCH 2/5] changelog --- changelogs/internal/newsfragments/2157.feature | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelogs/internal/newsfragments/2157.feature diff --git a/changelogs/internal/newsfragments/2157.feature b/changelogs/internal/newsfragments/2157.feature new file mode 100644 index 00000000..58571d8c --- /dev/null +++ b/changelogs/internal/newsfragments/2157.feature @@ -0,0 +1 @@ +Add "placeholder MSC" process definition. \ No newline at end of file From 8a68e4e67e71bc4f6dc8b1dde53d5cd2627c1b3d Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Thu, 3 Jul 2025 13:23:16 -0600 Subject: [PATCH 3/5] Clarity + adjust to use dedicated labels --- content/proposals.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/content/proposals.md b/content/proposals.md index fcb8ace3..467ee99a 100644 --- a/content/proposals.md +++ b/content/proposals.md @@ -508,7 +508,9 @@ a placeholder MSC is required, it may be opened as such. There are a few expectations attached to placeholder MSCs: -* They are tagged as WIP drafts ahead of receiving real content. +* They have a title which marks them WIP, and are in the "draft" state. +* They have the following labels: `[proposal-placeholder, action-required, needs-implementation]`. + * Notably, *not* `proposal`. * They are relatively short-lived (ideally less than 6-12 months in placeholder). * They propose solutions which are reasonably likely to be accepted. If a placeholder needs to be closed because the idea won't work, isn't needed, etc, then the MSC's @@ -516,8 +518,10 @@ There are a few expectations attached to placeholder MSCs: * When they are updated to receive real content, the following happens: 1. The Spec Core Team or the author leaves a comment to cause a notification that the MSC has been replaced with real content. - 2. The `proposal` label (or its equivalent) is removed and re-applied to trigger - chat notifications in the public Matrix rooms. + 2. The `proposal` label (or its equivalent) is added to trigger chat notifications + in the public Matrix rooms. The `proposal-placeholder` and `action-required` + labels should be removed at this stage as well. Other labels are removed/applied + per normal process. * The Spec Core Team is aware of the intended MSC's title and purpose. This is especially important if the Security Team approved the use of a placeholder MSC. From 2317aab205ecd015b4def1be9077cf830477d559 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Thu, 3 Jul 2025 13:26:23 -0600 Subject: [PATCH 4/5] add contact details --- content/proposals.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/content/proposals.md b/content/proposals.md index 467ee99a..ba01028b 100644 --- a/content/proposals.md +++ b/content/proposals.md @@ -503,8 +503,9 @@ and may require an MSC number to make that implementation easier. Placeholder MSCs are used to represent proposals in a state where implementation is ongoing, but the MSC details can't yet be disclosed. Authors which feel as though their MSC could be highly sensitive MUST get in contact with the Spec Core -Team or Security Team prior to opening their MSC. If either team determines that -a placeholder MSC is required, it may be opened as such. +Team or [Security Team](https://matrix.org/security-disclosure-policy/) prior to +opening their MSC. If either team determines that a placeholder MSC is required, +it may be opened as such. There are a few expectations attached to placeholder MSCs: From f50ec74b45b90047ded7ac058a8c6f17a102b741 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Thu, 3 Jul 2025 13:28:08 -0600 Subject: [PATCH 5/5] Clarify that closure may be later --- content/proposals.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/content/proposals.md b/content/proposals.md index ba01028b..2f32fe2b 100644 --- a/content/proposals.md +++ b/content/proposals.md @@ -516,6 +516,9 @@ There are a few expectations attached to placeholder MSCs: * They propose solutions which are reasonably likely to be accepted. If a placeholder needs to be closed because the idea won't work, isn't needed, etc, then the MSC's content MUST be published ahead of that closure. + * Note: the MSC's publication (and therefore closure) may be delayed until an + appropriate point in the security disclosure cycle. For example, an alternative + MSC being published, or a stream of work being completed. * When they are updated to receive real content, the following happens: 1. The Spec Core Team or the author leaves a comment to cause a notification that the MSC has been replaced with real content.