Hi,

I agree with Vidya. To be honest, I really thought this was an oversight and not intentional. If the Security area has a similar split as the O&M area, I think this really should be discussed. To my understanding, we don't have such a split documented to any other area and I think this kind of "hard" split should be discussed.

Perhaps the split is right and I just wasn't aware of it. However, it seems other people were unaware of the split as well.

BTW, are the explicit technologies Kerberos, GSS-API, and SASL representing the "other half" of the area? I'm asking, because I'm not a security expert and not active in the security area.

Cheers,

Jonne.

On 7/25/07 1:12 AM, "ext Narayanan, Vidya" <vidyan@xxxxxxxxxxxx> wrote:

> I thought the requirements were too specific for the SEC area last year as well :) I do realize that the text has been largely reused from last year, but, I think we need to revisit some of these specific descriptions.
>
> We cannot expect the Nomcom to be familiar enough with all areas to use their judgment in addition to the requirements received. I think we need to get better at providing the requirements so that the Nomcom will really know what they are looking for in candidates.
>
> At the moment, I really think the SEC area requirements are misleading to the Nomcom and can use a revision.
>
> Vidya
>
>> -----Original Message-----
>> From: Russ Housley [mailto:housley@xxxxxxxxxxxx]
>> Sent: Tuesday, July 24, 2007 2:01 PM
>> To: Narayanan, Vidya
>> Cc: ietf@xxxxxxxx
>> Subject: RE: Requirements for Open IESG Positions
>>
>> One important thing needs to be considered in the Security and O&M Areas. There are two ADs, and they are expected to have somewhat different skill sets. For contrast, here are the requirements that were provided to NomCom2006 for these positions.
>>
>> Russ
>>
>> -----------------------------------------------
>> Operations & Management Area:
>>
>> The primary technical areas covered by the Operations & Management area include: Network Management, AAA, and various operational issues facing the Internet such as DNS operations, IPv6 operations, Routing operations.
>>
>> Unlike most IETF areas, the Operations & Management area is logically divided into two separate functions: Network Management and Operations. David Kessens is currently responsible for the Operations portion of the OPS area, so specific expertise required for the open position would include a strong understanding of Internet operations, as well as the ability to step into Network Management issues when necessary.
>>
>> The Operations AD is largely responsible for soliciting operator feedback and input regarding IETF work. This is a challenging task that requires strong contacts in the operations community and a great deal of persistence.
>>
>> Another important role of the Operations AD is to identify potential or actual operational issues regarding IETF protocols and documents in all areas, and to work with the other areas to resolve those issues. This requires a strong understanding of how new and updated protocols may affect operations, and the ability to gather information from the operations community and translate that information into suggestions for protocol architecture and design within the IETF. It also requires a strong cross-area understanding of IETF protocol architecture and technologies.
>>
>> The Operations portion of the OPS area intersects most often with the Routing, Internet and Security areas. So, cross-area expertise in any of those areas would be particularly useful.
>>
>> -----------------------------------------------
>> Security Area:
>>
>> The WGs within the Security Area are primarily focused on security protocols.
>> They provide one or more of the security services: integrity, authentication, non-repudiation, confidentiality, and access control. Since many of the security mechanisms needed to provide these security services are cryptographic, key management is also vital.
>>
>> Security ADs are expected to ensure that all IETF specifications are reviewed for adequate security coverage. They also manage a set of security resources that are available to most IETF areas and WGs.
>>
>> Specific expertise required for a Security AD would include a strong knowledge of IETF security protocols, particularly IPsec, IKE, and TLS, and a good working knowledge of security protocols and mechanisms that have been developed inside and outside the IETF, most notably including PKI.
>>
>> Also, a Security AD should understand how to weigh the security requirements of a protocol against operational and implementation requirements. We must be pragmatic; otherwise people will not implement and deploy the secure protocols that the IETF standardizes.
>>
>> The Security Area intersects with all other IETF areas, and its ADs are expected to read and understand the security implications of documents in all areas. So, broad knowledge of IETF technologies and the ability to assimilate new information quickly are imperative for a Security AD.
>>
>> At 02:44 PM 7/24/2007, Narayanan, Vidya wrote:
>>> Some additional comments on the topic:
>>>
>>> In particular, taking the security area requirements as an example, the description provided talks about expertise needed based on the current ongoing work in the security area. While this is one part, we want ADs that can bring in/ evaluate new work which may or may not be related to any of the ongoing work in the area. Especially in the security area, such relation to other work is very hard to predict.
>>>
>>> Personally, I don't think it is a requirement for an AD to have a deep understanding of all the protocols produced by the area; rather, for the security area, for example, I think it is important that the ADs are capable of analyzing threat models and evaluating the security implications of work happening in other areas, or have a sufficient security background to grasp issues raised by experts of a certain protocol, etc. I think it is much less important that the AD has a top-to-bottom understanding of TLS or Kerberos or IKEv2 or any one thing in particular.
>>>
>>> I provided this input last year as well and I think it is very important for us to select an "area generalist" as an AD over a specialist in a particular set of protocols.
>>>
>>> Vidya
>>>
>>>
>>> _______________________________________________
>>> Ietf mailing list
>>> Ietf@xxxxxxxx
>>> https://www1.ietf.org/mailman/listinfo/ietf
>>
>>
>

--
Jonne Soininen
Nokia Siemens Networks

Tel: +358 40 527 46 34
E-mail: jonne.soininen@xxxxxxx