I think that a rather more fundamental problem is the fact that the IETF constitution prevents any organization or party speaking on behalf of the IETF as a whole.
I agree that it would be rather better if the IAB could take on this particular role than ISOC. But even the IAB can only represent a subset of IETF views on this topic. The tendency of NOMCON is to pick an IAB that 'will work together', which tends to mean that conflicting technical views have already been excluded before the IAB discussion begins.
At least the IAB could serve as a conduit for Liberty views into the IETF. I don't see ISOC playing that role.
>From a wider industry view, it is important to recognize here that the Liberty Alliance of 2009 is not the same organization that it was at the start, nor do the same conditions exist in the industry as then.
Liberty began at a time when the industry and mainstream press saw 'identity' as a gold rush. Many thought that the first company to establish a claim would gain control of cyberspace and so on. Liberty and AOL Magic Carpet were begun as an attempt to stop Microsoft Passport.
At this point we know that the original premise behind that particular industry battle was false. Deployment of an industry wide identity system is a much harder prospect than anyone thought then. There is really no risk that a proprietary system will grow like kudzu and engulf the net and this is now something that all the industry majors understand (but not some VC funded startups predicated on that strategy).
So at this point the rule in the identity space is safety in numbers. The major waring factions are now spending considerable time and effort to show that the war is over and there is going to be a concerted joint effort. Thus ISOC joining liberty does not represent the IETF taking sides in a Betamax/VHS battle. That would have been an issue three years ago, it is not really an issue at this point.
There are however some technical issues that need to be input to the debate that the IETF does need to take a stand on:
1) The DNS is the sole naming system for the Internet.
Identity is not an opportunity to roll out a new naming scheme whether the protocols are proprietary or not, whether the registry is open or not. Uniform naming schemes arise very infrequently. We have only had five uniform addressing schemes since the industrial revolution - latitude/longitude, the postal address system, telephone numbers, UPC barcodes and DNS names. If you can think of another, please let me know, I am thinking of writing a brief history of names.
Attempting to create a new naming basis inevitably attracts antibodies. My strong belief is that it is only possible to establish a naming system if people are not really paying attention. At this point everything connected to the Internet is scrutinized by people and organizations and governments that much prefer nothing to happen than for something to happen than might subsequently create a control point that is outside their control.
2) Make the base protocol simple
One of the big issues I take with many of the schemes out there is that they take an ISAKMP type approach to technology. Rather than commit to an actual decision we have mechanisms to negotiate mechanisms. It is not necessary to do that. Factor the authentication question out of the federation problem. Authentication technology is a bilateral choice between the end user and the authentication service. The relying party does not need to know anything about the technology or protocol employed.
3) Make the protocol comprehensible
The most irritating phenomena in the 'identity' world is the proliferation of jargon. Rather than attempting to learn existing nomenclature, some have invented their own. As a result technical progress tends to be slow.
-----Original Message-----
From: ietf-bounces@xxxxxxxx on behalf of John C Klensin
Sent: Sun 3/1/2009 10:12 PM
To: Patrik Fältström; Dave CROCKER
Cc: Hannes Tschofenig; ietf@xxxxxxxx; Lynn St. Amour; daigle@xxxxxxxx
Subject: Re: Internet Society joins Liberty Alliance Management Board: Why?
Patrik,
I fear that I need to side with Dave on this (!). For issues at
the technology-policy boundary, ISOC is seen in the outside
community as the representative and "voice" of the IETF. That
is generally a good thing and it is an impression many of us
have worked for years to create. However, its side-effect is
that, if ISOC ventures into a management/policy role with one
particular consortium, the same folks we have been trying to
persuade that ISOC should be seen as the lead policy body in the
Internet technical community --in large measure because it does
represent the IETF-- are likely to infer (and reasonably so)
IETF endorsement of that consortium and its efforts.
That ultimately has little or nothing to do with whether the
IETF has active work in the area or how that work is organized.
It is the presumption that the IETF is taking/endorsing a set of
positions via ISOC.
Like Dave, I don't see looking for IETF community consensus on
the details is either necessary or desirable. At the same time,
I think the IETF should be aware of the decisions being made and
the actions being taken early enough that interested community
members can make comments that are considered in the ISOC mix
and decision process. If this has been discussed in depth with
the IAB and the IAB chose to not engage the community in advance
of the press releases, then, IMO, the IAB has fallen down on its
job. Independent of the IAB, while IETF-appointed ISOC BoT
members represent themselves and not the IETF, I believe that
you (collectively) have at least a moral obligation to notice
issues on which the IETF community should be informed and to
make sure that happens... an obligation that goes well beyond
"well, you could have come to the meetings or read the minutes".
Certainly I know that the IETF has, as a body, tended to pay
fairly little attention to ISOC actions and activities. But
that may be a reason for more, rather than less, outreach.
I am not suggesting trying to undo this decision, but believe
that, as ISOC adds sufficient technically-qualified staff to
engage in activities like this on its own, we need to work,
collectively, on better ways to facilitate communication in a
timely basis in the future. In particular, we need to work
fairly hard to avoid a situation in which the IETF and ISOC end
up with different positions on an issue with external visibility
and consequences. To do so would damage the credibility of all
concerned.
best,
john
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf