On 10 October 2014 00:31, Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote:
When security applications got their own area it was because doing
secure applications was unusual and considered specialist. Then when
realtime came along it was considered unusual and considered
specialist.
>From here on all application protocols will need security and
virtually all will be realtime. So realtime becomes just 'apps'.
Security area should be like transport, security infrastructure, not
applications that happen to be secure.
I suspect that for the most part, many of the security area groups are applications which concern themselves with security. If you consider how TLS is used within Applications as essentially a Transport protocol, or how the SASL Working Group was almost entirely populated with Applications people, there's a reasonable argument that the Security Area should shed its working groups into other areas, and concentrate instead on cross-area review.
That's not saying that we should drop a Security AD, mind - but saying that working groups do not an area make.
What concerns me with dropping Applications is that without applications, we have an interesting academic exercise rather than a product. Dropping Applications expertise is decreasing user focus from the IESG, and I don't see how this is a positive step, or one in which the overall "relevance" of the IETF will increase. As an organization, I think we should be working across the entire stack, of course, but we should be working to improve the internet for its users. And while each layer of the stack has, or should have, an impact on end users, the closest edge to those users is Applications.
In fairness, I'm also worried that we're conflating the management functions of the Area Directors with the technical expertise functions, and, noting a reduced requirement for management function, we are removing the expertise as well. I would rather a surplus of management capability than a dearth of technical skill. While separating these two functions entirely would also be a disaster of a different colour, maintaining an awareness that there are two factors at play would put my mind more at ease.
Dave.