Some additional comments on the topic:
In particular, taking the security area requirements as an example, the
description provided talks about expertise needed based on the current
ongoing work in the security area. While this is one part, we want ADs
that can bring in/ evaluate new work which may or may not be related to
any of the ongoing work in the area. Especially in the security area,
such relation to other work is very hard to predict.
Personally, I don't think it is a requirement for an AD to have a deep
understanding of all the protocols produced by the area; rather, for the
security area, for example, I think it is important that the ADs are
capable of analyzing threat models and evaulating the security
implications of work happening in other areas, or have a sufficient
security background to grasp issues raised by experts of a certain
protocol, etc. I think it is much less important that the AD has a
top-to-bottom understanding of TLS or Kerberos or IKEv2 or any one thing
in particular.
I provided this input last year as well and I think it is very important
for us to select an "area generalist" as an AD over a specialist in a
particular set of protocols.
Vidya
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf