ietf
[Top] [All Lists]

Re: Proposed IESG structure change

2014-10-10 10:11:40
On 10 October 2014 00:31, Phillip Hallam-Baker 
<phill(_at_)hallambaker(_dot_)com>
wrote:

When security applications got their own area it was because doing
secure applications was unusual and considered specialist. Then when
realtime came along it was considered unusual and considered
specialist.

From here on all application protocols will need security and
virtually all will be realtime. So realtime becomes just 'apps'.

Security area should be like transport, security infrastructure, not
applications that happen to be secure.


I suspect that for the most part, many of the security area groups are
applications which concern themselves with security. If you consider how
TLS is used within Applications as essentially a Transport protocol, or how
the SASL Working Group was almost entirely populated with Applications
people, there's a reasonable argument that the Security Area should shed
its working groups into other areas, and concentrate instead on cross-area
review.

That's not saying that we should drop a Security AD, mind - but saying that
working groups do not an area make.

What concerns me with dropping Applications is that without applications,
we have an interesting academic exercise rather than a product. Dropping
Applications expertise is decreasing user focus from the IESG, and I don't
see how this is a positive step, or one in which the overall "relevance" of
the IETF will increase. As an organization, I think we should be working
across the entire stack, of course, but we should be working to improve the
internet for its users. And while each layer of the stack has, or should
have, an impact on end users, the closest edge to those users is
Applications.

In fairness, I'm also worried that we're conflating the management
functions of the Area Directors with the technical expertise functions,
and, noting a reduced requirement for management function, we are removing
the expertise as well. I would rather a surplus of management capability
than a dearth of technical skill. While separating these two functions
entirely would also be a disaster of a different colour, maintaining an
awareness that there are two factors at play would put my mind  more at
ease.

Dave.
<Prev in Thread] Current Thread [Next in Thread>