> Reading through the comments on voting I am struck by a difference in > the approach people take to what the IETF is for. > > * One school of thought is that the reason for starting a working > group is to arrive at a better engineering outcome than is possible > independently. > > * Another school of thought is that the endorsement of a respected > body will lead to deployment > > * The position I do not see argued is that the point of a working > group is to establish the constituency required to deploy the > proposal. These are not mutually exclusive, and the last point is more dubious than the first two. While deployment is a necessary condition for success, so is technical soundness. Our broader purpose is not just to create new protocols - it's to keep the Internet working well. > As far as the first two positions go, I have made the mistake of > beleiving in them in the past. These days I recognize that there are > very few occasions where the way to arrive at an optimal solution is > to get a group of 40 people together to work on it. On the contrary, there are very many occasions where the way to understand the solution space to a problem is to involve a large number of people with varied concerns related to that problem. You don't want so many people involved in the actual design - but you do want them in on the problem definition and to provide feedback to design proposals. I've seen very few occasions where a design that was done in isolation - even by very intelligent people - held up well on the Internet. > I don't think that the imprimataur effect exists, if it did we would > all be using IPv6, IPSec and DNSsec. IETF's imprimatur does have an effect, in the sense that if there's a perceived need for a solution to some problem an IETF document is more likely to be seen as _the_ solution than a competing solution from, say, a vendor. IETF's imprimatur has less effect in cases where there is not a perceived need, or the solution doesn't seem like a good fit for the perceived need. People don't buy new hardware or software just because IETF has a spec for it. And IPv6 and IPsec are certainly being used, though perhaps not in the way _you_ think they should be used. > The real point of a working group process is to establish the > coalition of support you need to get the work deployed. I strongly disagree. And treating this as the real point of a WG is a good way to produce garbage. What is really needed is a balance - get the right people on board to produce a good solution that meets a wide variety of needs, AND who will help get the result deployed. That's not the same set of people, but often there is some overlap. > All a hum tells me is who makes most noise. If I am sitting in a WG > meeting and I vote for a particular proposal then the meeting knows > that I have a level of commitment to that proposal. If the group votes > the other way and I stay in the group even so there is another data > point. That's why, in my experience, we don't rely entirely on hums. We do hums and straw polls, but we also take individuals' input into account. People will adjust their hums and votes according to which individuals support the proposal and which ones oppose it, and they'll even take those individuals' affiliation into account. People will say to themselves, if the FemtoSoft or TransCo guy is that opposed to this proposal, it doesn't have a chance of being deployed, so I'm going to withhold my support also. I've seen it happen lots of times. I'm very opposed to giving FemtoSoft and TransCo more votes than anyone else but I don't have a problem with individuals considering that certain contributors input carries more weight than others. > In my book people who actually write code and deploy code have a > rather bigger say in the typical decision than those who do not. If > someone makes a proposal and the authors of the six major > implementations and all the ISPs in the room vote against it then in > my view the proposal isn't happening regardless of what the > 'consensus' might be. And in all my IETF experience I've never seen anyone declare consensus when the authors of six major implementations and all of the ISPs in the room were opposed to it. > The other really big problem with hums is that they can be very > corrosive of trust in the chairs. The vote might have been in favor 40 > to 10 and the chair assesed the hum as in favor and ten people still > go to the bar thinking that the system is rigged. Hums lack > auditability and as recent experience of machine voting in several > countries has demonstrated auditability is the single biggest issue > for a voting system as far as most voters are concerned. Large scale > intimidation is pretty easy to pick up. We do rely on our chairs to not abuse their positions. And we often have multiple chairs to reduce the risk of this happening. When chairs do abuse their positions, there's a process for that. I do think that we have too many cases where chairs are also document authors so that there is an almost inherent conflict of interest. > Why can't we elect the WG chairs? Why can't we elect the ADs? Say for the purpose of argument you're running a business, or maybe a large non-profit organization. Would you let your employees elect their managers? Do you think that would be a good way of choosing people who would carry out the organization's strategic goals? The last thing that iETF needs is to let organizations buy votes by having their employees become members or sending them to meetings. We have too much influence from two or three large corporations these days, and far too little input from operators and users. Yes we need the input from the corporations, but we don't need more input from them that we have now. What we need is more balance. I could see a place for voting in some things - like choosing people who decide or oversee how the organization's money is spent, and maybe in choosing ombudsmen who would help in dispute resolution. I don't think voting has a place in IETF's technical decision-making. > I feel > absolutely no responsibility or duty towards officials that I have no > part in electing and I don't think many other people do. There is a > reason why the IESG is generally treated as if it was some sort of > politburo, that is how people will relate to a body that is formed by > a proceedure whose clear purpose is to distract the masses. On the contrary, the purpose of popular elections is often to distract the masses by making them think they have buyin when they actually don't. Nomcom works much better than that. > If people want to deploy IPv6 or IPSec or DNSsec or any of the other > decades overdue technologies the IETF has grown infamous for delaying > the only way it is going to happen is to hold a meeting with the > stakeholders whose buy in is needed to deploy and to negotiate. If you had tried to identify the parties whose buyin were needed to deploy IPsec and IPv6 you'd have gotten it wrong. In both of those cases a big part of the reason for the delay is that the people developing the protocols didn't understand their target market. (this may still be the case to a large degree) And it's not because the presumed-to-be major players weren't involved, it's because the participants didn't fully understand and anticipate how the Internet was changing. Voting wouldn't solve that problem. > Contrary to what some people believe the problems are not going to be > solved by a more perfect document. Nor is refusing to hold such a > meeting under IETF auspices going to stop such meetings happening, in > fact they are going on already and the IETF is not being invited. People say such things like it's some sort of threat or reality check. That's silly. Everyone should understand that there will always be other standards organizations (including both those that try to be fair and balanced, and those that are shills for a particular vendor) with different agendas than IETF. They have their own goals and agendas. That doesn't mean that IETF should abandon its goals. > The biggest problem with 'voting' is the tourism factor. A group can > have a carefully worked out possition on a topic and then have it > wrecked by a group of people coming into the room because they have > heard about 'the issue' through the totally unbiased and accurate lens > of a story on Slashdot. > > The way the system works in OASIS is that there is a con call every > week or two weeks and members of the group have to attend the con > calls to maintain voting rights. That's a really lousy way to ensure broad input and a really good way to make sure that the group works in isolation and produces irrelevant output. > The fact that people can leave and take their ball with them is the > thing that makes the standards process work. It is absolutely not a > failure of process that a group whose idea is rejected by the IESG can > go off and work on it elsewhere. It is the only check to balance the > whole system. I agree with that much. Competing organizations help keep IETF honest. Keith _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf