Hi All,
Like most people who have been involved in these discussions over the past couple of years, I have my own personal views on the core problems facing the IETF's administrative support functions and what we should do to resolve them.
As we have worked through these issues, it has become clear to me that there are some significant problems with the organizational structure of the IETF's administrative support functions and with the current IETF funding model.
In my opinion, the current IETF administrative support function (the IETF Secretariat as provided by CNRI/Foretec) is poorly-defined, insufficiently accountable to the community, and insufficiently transparent. In particular:
(1) The current relationship between the IETF and CNRI/Foretec is unclear and poorly-defined.
This lack of clarity results in inefficient and often ineffective communication between the IETF leadership and those responsible for the IETF's administrative support functions. It also blurs important issues such as ownership of IETF data, tools and other intellectual property.
The roles and responsibilities of the IETF's administrative support organization should be well-defined in BCPs, and all relationships with outside service providers should be defined in publicly available contracts or MOUs.
(2) Our current administrative support functions are insufficiently accountable to the IETF community.
The community should have more say in how these functions are prioritized, funded and provided. The IETF community (through its chosen leadership) should have the ability to contract for administrative services that are not currently provided by CNRI/Foretec. We should also have the ability to seek competitive bids for current services in order to obtain better or more cost-effective service.
IMO, the IETF's administrative support functions should be overseen by a community-appointed board that is directly accountable to the IETF community, similar to the IAB or the IESG. This board should be responsible for understanding the IETF's administrative needs and working with any IETF administrative support employee(s) and other service providers to meet those needs. The use of the word "board" in this paragraph is not meant to imply that this should be a corporate board -- in fact, my preferred model would be an organizational board that is run under the auspices of ISOC, just like the IAB is today.
(3) The IETF community has insufficient visibility and control over our finances.
Revenue that is generated through IETF attendance fees, meeting sponsorship and related donations goes directly to CNRI and is used at CNRI/Foretec's discretion to fund the IETF Secretariat functions. I have a great deal of confidence in the honesty, integrity and good will of Bob Kahn and the other people involved in the CNRI/Foretec Secretariat function, but the result is that the IETF community is offered no real say in how these funds are spent, and the ownership of any real or intellectual property that is purchased or developed with these funds (such as the IETF mail systems, the I-D Tracker, our mailing list archives, our I-D archives) is unclear, at least to me.
There is also a significant flaw in this funding model, as the amount of IETF work (new I-Ds, RFCs published, active WGs) has continued to increase even though meeting attendance has fallen in recent years. Many of the performance/reliability issues that the community has experienced with the IETF Secretariat may be the result of inadequate staff and funding. To be fair to CNRI/Foretec, they have suggested other possibilities to raise additional funds for the IETF Secretariat service, such as running exhibits in conjunction with IETF meetings, but the IETF Chair has (wisely, IMO) refused to consider those options. And, any options that involve direct donations to the IETF Secretariat (such as additional sponsorship fees that have been paid by some sponsors) may directly undercut ISOC fund raising efforts, in effect choosing taxable income over tax-free income.
In addition to a lack of transparency, our current funding model results in having two separate budget pools -- the meeting fees and sponsorship revenues that fund the IETF Secretariat, and ISOC monies (from direct fundraising or PIR surpluses) that fund the RFC Editor, the IAB, the IETF's liability insurance and a discretionary fund for the IETF chair. Having these funds in two different pools limits the ability of the IETF community to do some things that I think we should do, such as investing in IT infrastructure improvements or developing unified tools for use throughout the IETF standards process (for I-Ds and RFC editor documents).
So, it is my personal belief that we need a single, not-for-profit (hopefully tax-exempt) organization that collects all of the IETF donations and revenues and distributes those funds in accordance with community-controlled priorities.
Some people have suggested that we should form a new corporation to replace CNRI (Scenario C), to avoid a possible future in which the goals of the IETF and ISOC are no longer aligned. Personally, I consider the possibility that the IETF and ISOC might part ways to be a very minor risk, especially given the extent to which ISOC's efforts are currently focused on the IETF.
I also think that there are three more relevant and substantially more serious risks that should be very carefully considered before we decide to form a new corporation:
(1) Any new organization that we create will need to have a corporate board and a corporate charter. It will have relationships with many other parties and may eventually have organizational members or corporate donors (at least for meeting sponsorships and donations-in-kind). So, it may be no less likely that a new organization will eventually fall out of alignment with the IETF.
(2) Forming a new organization to replace CNRI while keeping the current relationship with ISOC intact perpetuates some of the funding problems we have today. Corporate donors would still have to choose between making donations to ISOC and making direct donations (including sponsorships or donations-in-kind) to the IETF administrative function. We would still have two separately administered budget pools and we still wouldn't have one organization that is responsible for prioritizing and managing the IETF's budget.
(3) There are significant costs and risks associated with setting up a new organization. It has taken years to stabilize the ISOC governance model and achieve financial stability. It can also take many months to establish tax-exempt status for a new organization (PIR took about 1-1/2 years) and it is not a no-brainer that an IETF administrative support organization could achieve tax exempt status. It is substantially more expensive to hire a CEO (and related administrative, financial and legal support services) for a new organization than it would be to hire a director-level employee inside an existing corporation such as ISOC. Also, there is insufficient information to be certain that an IETF administrative support organization could be financially stable on its own -- we are told that CNRI/Foretec consistently loses money providing these services today.
Because of all of these issues, I would personally prefer to see an administrative support organization that consists of an organizational board that is organized under the ISOC corporate umbrella (just like the IAB is today). I believe that this is a model that has worked well for the IETF for many years, and it could continue to work well for many years into the future.
I don't really know if I have a preference for Scenario A or for Scenario B in Carl's draft, as the difference between those two choices somewhat eludes me. I don't believe that anyone could rationally propose that we enter into a relationship with ISOC to provide our administrative support services without formalizing that agreement in BCPs and/or MOUs as appropriate. And, regardless of how the relationship with ISOC is originally constituted, I am sure that it will evolve over time to serve the needs of an evolving IETF community.
I also feel very strongly that our administrative support functions should be overseen by a community-selected board, not by the corporate board of ISOC or any other corporation. That possibility doesn't seem to be explored in Carl's draft, but I think it is a vital part of any solution.
So, as usual, I am out on a limb voting for a choice that no one has offered me yet... At least I'm predictable that way. :-)
Margaret
[Disclaimer: In the interest of full disclosure, I would like to point out that I am currently serving as an Internet AD on the IESG and as an IETF-selected member of the ISOC Board of Trustees. I've been involved in the IETF for approximately 8 years and in ISOC for about 1-1/2 years. While I do consider ISOC to be a worthwhile organization in its own right, I also consider my ISOC Board of Trustee services to be one of the ways that I serve the IETF community.]
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf