Hello all,
Sorry for opening this obvious can of worms (well, I think it has been
opened a number of times, so the worms are probably already gone
now..), but when considering how the IETF needs to change, it's
obvious that we'll first (unless we just stick to the relatively
"safe" changes, like improving review, enhancing the tools,
streamlining the process, etc.) have get consensus on what the IETF
should be doing in the first place.
From the URL (and the material it references):
http://www.alvestrand.no/ietf/chair/change-status.html
.. I'll quote some important pieces (hopefully) not too much out of
context:
===
The common purpose that brings the IETF together is that "The Internet
must work".
===
- I believe that's a shared purpose; of course, different people have
different things in mind when they think about what constitutes
"Internet" and "work" though.
===
A large part of making the Internet work is the job of others, and NOT
IETF business - because others do it better.
This includes:
- Deploying networks. ISPs do that.
- Building products. Vendors do that.
- Regulating the ways in which the Internet can be used. Governments
do that (and ICANN tries to).
===
- These are so overly broad statements that they're close to unusable
UNLESS you believe IETF is just a rubber-stamping standards
organization. For example, what constitutes "deploying networks"?
IETF certainly shouldn't be go digging fibers, or give advice on how
to dig fibers.
But as the vast evidence makes it clear, most ISPs do a very lousy job
of deploying networks *properly*, causing harm to the Internet as a
whole. Wouldn't it be somewhat in the IETF's business to try to give
advice (using BCP and Info documents) how to do it better?
I guess one could argue against this, with "well, then why don't the
users pick their competitors?" -- but the point is that many networks
aren't really that bad on the user of *that* network, but for the
Internet as a whole. It seems pretty clear that "darwinism" doesn't
help, and the stakes ("the commons") are too high to ignore these
issues.
Similarly, "building products" is vague, and may become problematic
especially if one believes the IETF (however that decision could be
reached is another can of worms entirely) has the power to say "No, we
don't want to standardize FOO" or "No, we don't want to standardize
the means to do BAR using the approach FOO". Then the vendor could
argue it's not the IETF's business to tell how it should build it's
products. Similarly, this "gray area" is often invaded when the
specifications state which knobs, toggles or features MUST/SHOULD be
implemented -- isn't this also telling the vendors how to build
products? (Of course, there is a fine line with actually "building
products" and "documenting how one could build a product (if it was to
be standards-compliant)".)
"Regulating the Internet" is also not problem-free. If the IETF
decides not to standarize or publish something which is considered to
be a Bad Thing (e.g., NAT for IPv6, Wiretapping mechanisms, VOIP
Backdoors, etc.etc.) -- couldn't one argue that the IETF is basically
regulating the Internet by some means? Naturally, the IETF has no
power outside it's own "jurisdiction" (i.e., publishing documents, and
to an extent, overseeing the administration of number spaces), so the
IETF can't (and shouldn't) disallow someone from doing something which
may be a bad idea anyway -- just it won't give its "blessing" for
doing so. But still, it seems the IETF is trying to (gently) guide
the Internet around the things that seem like really bad ideas.
===
"The purpose of the IETF is to create high quality, relevant, and
timely standards for the Internet."
Note that this clearly positions the IETF primarily as a standards
development organization. There are other activities in the IETF; but
if the IETF does not do its core mission, all else will quickly fade.
[...]
Supporting missions
[...]
The IETF has also had a strong operational component, with a tight
bond, and hence coordination, between protocol developers and network
operators, and has had many participants who did both. This has
provided valuable feedback to allow correction of misguided
standardization efforts, and has provided feedback to sort out which
standards were actually needed. As the field has grown explosively,
specialization has set in, and market pressures have risen, there has
been less and less operator participation in the IETF.
===
I'm not sure if I agree that the main purpose of the IETF is to
produce standards for the Internet. I guess this boils down to the
fact whether the processes should be vendor-driven or
consumer/customer-driven.
Naturally, from the vendor perspective, creating interoperable
standards is the most important thing. (Of course, some vendors could
use the lack of standards as a business driver as well, so this is
probably an animous opinion..) E.g., giving advice on how to deploy
technologies (e.g., ingress filtering) is probably not seen
interesting or necessary.
From the customer/operator/consumer perspective, however, this may be
slightly different. In a multi-vendor networks, interoperability is
of course important. But even more, the standards which exist must be
relevant -- anything else is waste of time and energy, or even
damaging ("misleading the users to think they need X, or to achieve
the effect of X, they should do it with mechanism X"). Second, what's
more important than the standards themselves is some guidance or
advise on where/whether they are needed or useful in the first place
and if there are significant problems in deploying something, some
advice on how to go about doing that. Of course, one could ask
whether the IETF is the right place to do that? Well, at least some
part of that has to (and should) be done by someone else, but putting
it everything on e.g. vendors would be extremely counter-productive,
as discussed above. Third, general documents in general are also very
useful (e.g., documenting how the implementations are _not_
standards-compliant and what practical problems that causes, or what
are the issues/considerations in FOO (e.g., DNSSEC, DDNS, etc. -- or a
subset thereof)).
Therefore, I'd be quite hesitant to lower the other functions the IETF
is doing to be just supporting missions. Producing the standards
should probably be listed in the mission, but not as the only item.
Sorry for the long note.
On Fri, 16 Jan 2004, Harald Tveit Alvestrand wrote:
I've attempted to update my summary of "where everything is" and placed it
on http://www.ietf.org/u/ietfchair/change-status.html
Because a cron job has to run before it's visible, it may be late in
arriving - if the date at the top says "January 13", it's the new version.
A pre-production copy is on
http://www.alvestrand.no/ietf/chair/change-status.html if anyone's in a
hurry.
Comments welcome - but don't expect a quick response from me; I'll be
(mostly) off the net next week....
Harald
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings