Hello all, Sorry for opening this obvious can of worms (well, I think it has been opened a number of times, so the worms are probably already gone now..), but when considering how the IETF needs to change, it's obvious that we'll first (unless we just stick to the relatively "safe" changes, like improving review, enhancing the tools, streamlining the process, etc.) have get consensus on what the IETF should be doing in the first place. >From the URL (and the material it references): http://www.alvestrand.no/ietf/chair/change-status.html .. I'll quote some important pieces (hopefully) not too much out of context: === The common purpose that brings the IETF together is that "The Internet must work". === - I believe that's a shared purpose; of course, different people have different things in mind when they think about what constitutes "Internet" and "work" though. === A large part of making the Internet work is the job of others, and NOT IETF business - because others do it better. This includes: - Deploying networks. ISPs do that. - Building products. Vendors do that. - Regulating the ways in which the Internet can be used. Governments do that (and ICANN tries to). === - These are so overly broad statements that they're close to unusable UNLESS you believe IETF is just a rubber-stamping standards organization. For example, what constitutes "deploying networks"? IETF certainly shouldn't be go digging fibers, or give advice on how to dig fibers. But as the vast evidence makes it clear, most ISPs do a very lousy job of deploying networks *properly*, causing harm to the Internet as a whole. Wouldn't it be somewhat in the IETF's business to try to give advice (using BCP and Info documents) how to do it better? I guess one could argue against this, with "well, then why don't the users pick their competitors?" -- but the point is that many networks aren't really that bad on the user of *that* network, but for the Internet as a whole. It seems pretty clear that "darwinism" doesn't help, and the stakes ("the commons") are too high to ignore these issues. Similarly, "building products" is vague, and may become problematic especially if one believes the IETF (however that decision could be reached is another can of worms entirely) has the power to say "No, we don't want to standardize FOO" or "No, we don't want to standardize the means to do BAR using the approach FOO". Then the vendor could argue it's not the IETF's business to tell how it should build it's products. Similarly, this "gray area" is often invaded when the specifications state which knobs, toggles or features MUST/SHOULD be implemented -- isn't this also telling the vendors how to build products? (Of course, there is a fine line with actually "building products" and "documenting how one could build a product (if it was to be standards-compliant)".) "Regulating the Internet" is also not problem-free. If the IETF decides not to standarize or publish something which is considered to be a Bad Thing (e.g., NAT for IPv6, Wiretapping mechanisms, VOIP Backdoors, etc.etc.) -- couldn't one argue that the IETF is basically regulating the Internet by some means? Naturally, the IETF has no power outside it's own "jurisdiction" (i.e., publishing documents, and to an extent, overseeing the administration of number spaces), so the IETF can't (and shouldn't) disallow someone from doing something which may be a bad idea anyway -- just it won't give its "blessing" for doing so. But still, it seems the IETF is trying to (gently) guide the Internet around the things that seem like really bad ideas. === "The purpose of the IETF is to create high quality, relevant, and timely standards for the Internet." Note that this clearly positions the IETF primarily as a standards development organization. There are other activities in the IETF; but if the IETF does not do its core mission, all else will quickly fade. [...] Supporting missions [...] The IETF has also had a strong operational component, with a tight bond, and hence coordination, between protocol developers and network operators, and has had many participants who did both. This has provided valuable feedback to allow correction of misguided standardization efforts, and has provided feedback to sort out which standards were actually needed. As the field has grown explosively, specialization has set in, and market pressures have risen, there has been less and less operator participation in the IETF. === I'm not sure if I agree that the main purpose of the IETF is to produce standards for the Internet. I guess this boils down to the fact whether the processes should be vendor-driven or consumer/customer-driven. Naturally, from the vendor perspective, creating interoperable standards is the most important thing. (Of course, some vendors could use the lack of standards as a business driver as well, so this is probably an animous opinion..) E.g., giving advice on how to deploy technologies (e.g., ingress filtering) is probably not seen interesting or necessary. >From the customer/operator/consumer perspective, however, this may be slightly different. In a multi-vendor networks, interoperability is of course important. But even more, the standards which exist must be relevant -- anything else is waste of time and energy, or even damaging ("misleading the users to think they need X, or to achieve the effect of X, they should do it with mechanism X"). Second, what's more important than the standards themselves is some guidance or advise on where/whether they are needed or useful in the first place and if there are significant problems in deploying something, some advice on how to go about doing that. Of course, one could ask whether the IETF is the right place to do that? Well, at least some part of that has to (and should) be done by someone else, but putting it everything on e.g. vendors would be extremely counter-productive, as discussed above. Third, general documents in general are also very useful (e.g., documenting how the implementations are _not_ standards-compliant and what practical problems that causes, or what are the issues/considerations in FOO (e.g., DNSSEC, DDNS, etc. -- or a subset thereof)). Therefore, I'd be quite hesitant to lower the other functions the IETF is doing to be just supporting missions. Producing the standards should probably be listed in the mission, but not as the only item. Sorry for the long note. On Fri, 16 Jan 2004, Harald Tveit Alvestrand wrote: > I've attempted to update my summary of "where everything is" and placed it > on http://www.ietf.org/u/ietfchair/change-status.html > > Because a cron job has to run before it's visible, it may be late in > arriving - if the date at the top says "January 13", it's the new version. > > A pre-production copy is on > http://www.alvestrand.no/ietf/chair/change-status.html if anyone's in a > hurry. > > Comments welcome - but don't expect a quick response from me; I'll be > (mostly) off the net next week.... > > Harald > > > > -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings