Perhaps we all agree that standardization without some sort of
conformance >verification is ineffective.
The only problem with that assessment is 25 years of Internet
experience, all of which was based of no conformance verification,
but quite a bit of effectiveness.
ps. yes, yes. individual implementors worry quite a lot about
conformance verification. however, the topic under discussion has
to do with formal, community-based efforts, rather than individual
actions.
Let's just do this, it's simple, easy, and a no-hassles revenue
generator for IETF:
- Design and Register an "Internet Certified" Trademark, Owned
by the IETF
- Create an application, as part of the application you must
sign that your product complies with all approved and relevant
IETF RFCs. You just sign it and agree that you think your
product does.
- Boom, you get back a license to use the trademark. No compliance
testing, nothing. This is a good-faith "general" trademark.
- You give everyone who files the application use of the trademark,
until *they* break the trust, and fail to correct.
- If a given vendor, who is "Internet Certified" starts behaving
badly you can suspend or even revoke use of the trademark. This
action should be taken at the working group level. Some rules
should be developed here, but it should be simple, clear, and
easy for everyone to understand. Clear expectations of use of the
generic IETF trademark are key. It is the clarity that is key.
- The IETF community at large needs to educate all the CIOs and
IT Managers we know about the "Internet Certified" trademark,
and explain to them, that if they want a hassle-free IT shop
free from vendor battles, they need to demand that they write
in IETF "Internet Certified" compliance.
If companies refuse to comply, that's fine. They'll be forced to
comply at the choke point... the CIO buying their software. I know
many CIOs and they are all as fed up with standards problems as I am,
and they would be *THRILLED* to get a strangle hold on bad vendors,
and this is the fair, ethical way to do it.
It's for the good of everyone, because fundamentally the IETF is
about interoperability, and that's what it needs to be about. It
has done an incredible job, but moving forward, it needs to take
a bigger step. Just give everyone who fills out an application
instant certification based on good faith, and at a very low cost.
This will get certification levels really up there. All the smaller
businesses, like us, will emblazon and champion our products as
interoperable. The bigger ones trying to do "standards" plays on
the market will be forced to conform.
Fundamentally these stuped battles just hurt everyone, double the
costs on everything and make everything move at half-speed, and
frankly, I'm tired of it.
We need a simple, effective solution, and this is the solution.
I am confident of that, because we can write it into our contracts,
and we wholeheartedly trust the IETF to make the best "standards"
decisions. There have been so many times we thought we were right
about things.. when the IETF came up with a better solution.
Badly behaving companies need to learn how to play fair, and if
they aren't willing to, we need to force them to, at the choke
point, their cash flow.
The above solution is the simple, easy solution to this problem,
and if there is *anything* in the world I can do to help make it
happen, please let me know what I should do, and I'll do it.
Kyle Lussier
AutoNOC LLC