RE: How many standards or protocols...
>Money money money... Is that what all these businesses think about? That is what they're for. Criticizing companies for putting money first is like criticizing animals for putting survival first. Now, criticizing *society* for creating companies, and for not having enough other ways to get things done, that could be valid. /==\ |John Stracke|Principal Engineer | |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |==| |A man's concepts should exceed his vocabulary, or what's a| |metaphor? | \==/
RE: How many standards or protocols...
Money money money... Is that what all these businesses think about? What is cheapest? Not all, but the vast majority. The IETF standards were and are compiled by voluntary contributions, approved and revised by other voluntary contributions. Therefor, you can say that the internet is run by volunteers. I personally believe that it is amazing that volunteers cooperate with each other to this extent. I would say that the internet is one of the most complex things developed. Fiber and wire running across the world, connecting most computers together. Complex, successful, and run by volunteers. Welcome to the IETF :-D -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jan Meijer Sent: Monday, May 06, 2002 5:51 PM To: [EMAIL PROTECTED] Cc: todd glassey; [EMAIL PROTECTED] Subject: Re: How many standards or protocols... > Over in Detroit, they design cars. They do a *LOT* of market research. > Market research may say that 75% of people interested in a certain model > car would be interested in a rear spoiler - but it would be quite negligent > to let the market researchers decide what size bolts to use to attach it > to the car, wouldn't it? Market researchers and the like were the ones that decided just waiting for lawsuits to come along and pay damages would be cheaper then getting all the vehicles back and replace the all-to-easily-exploding-gastank. This is just one example that shows that the ethics of marketing and management persons can be...different. It is quite safe to say they are generally devoted to making money, not technically sound products. If by sheer coincidence a technical soundness would imply more money are they prepared to 'go for the best'. > It may be informative to go read the list of authors of the RFCs that come out > of that area, and ask yourself if your army of salespeople understands security > better than they do. You might also want to go read Bruce Schneier's > "Secrets and Lies" and/or "Applied Cryptography", and learn why proprietary > security solutions are rarely, if ever, secure. And, while at it, think about the reason why so many closed-source-software-administrators are patching their software all the time. Not because that software has been designed so thouroughly. It would not be because marketing and management has forced them to push something out while it had not been properly finished and tested, now would it? I'm quite happy with the IETF process. It has produced the Internet, which is one of the most complex constructs on this planet. And it works. Jan
Re: How many standards or protocols...
> Over in Detroit, they design cars. They do a *LOT* of market research. > Market research may say that 75% of people interested in a certain model > car would be interested in a rear spoiler - but it would be quite negligent > to let the market researchers decide what size bolts to use to attach it > to the car, wouldn't it? Market researchers and the like were the ones that decided just waiting for lawsuits to come along and pay damages would be cheaper then getting all the vehicles back and replace the all-to-easily-exploding-gastank. This is just one example that shows that the ethics of marketing and management persons can be...different. It is quite safe to say they are generally devoted to making money, not technically sound products. If by sheer coincidence a technical soundness would imply more money are they prepared to 'go for the best'. > It may be informative to go read the list of authors of the RFCs that come out > of that area, and ask yourself if your army of salespeople understands security > better than they do. You might also want to go read Bruce Schneier's > "Secrets and Lies" and/or "Applied Cryptography", and learn why proprietary > security solutions are rarely, if ever, secure. And, while at it, think about the reason why so many closed-source-software-administrators are patching their software all the time. Not because that software has been designed so thouroughly. It would not be because marketing and management has forced them to push something out while it had not been properly finished and tested, now would it? I'm quite happy with the IETF process. It has produced the Internet, which is one of the most complex constructs on this planet. And it works. Jan
Re: How many standards or protocols...
When all you have is a hammer, every problem looks like a nail is needed. John Stracke wrote: > > >IMHO, people are people. Whether they are in sales or engineering or > >management or in > >Marketing or communication, it does not matter!! > > When you ask someone to do a job, it does matter what job they know how to > do. > > /===\ > |John Stracke|Principal Engineer| > |[EMAIL PROTECTED] |Incentive Systems, Inc. | > |http://www.incentivesystems.com |My opinions are my own. | > |===| > |Sleep is for wimps--healthy, well-adjusted wimps, but wimps| > |nonetheless. | > \===/ -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
Re: How many standards or protocols...
dont feed the troll. james - Original Message - From: "Sabharwal, Atul" <[EMAIL PROTECTED]> To: "'John Stracke'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, May 04, 2002 4:37 AM Subject: RE: How many standards or protocols... > The question is how you determine what *job* someone knows how to do. > It's all about perception. Again rating someone's performance is also a > perception. > Lots of people thrive in the grey areas. That is a problem though!! > > IMHO, approach to the job makes a big difference. People can learn and can > slack off. Persistence does help. So, does motivation. > > -Original Message- > From: John Stracke [mailto:[EMAIL PROTECTED]] > Sent: Friday, May 03, 2002 12:38 PM > To: [EMAIL PROTECTED] > Subject: RE: How many standards or protocols... > > >IMHO, people are people. Whether they are in sales or engineering or > >management or in > >Marketing or communication, it does not matter!! > > When you ask someone to do a job, it does matter what job they know how to > do. > > /===\ > |John Stracke|Principal Engineer| > |[EMAIL PROTECTED] |Incentive Systems, Inc. | > |http://www.incentivesystems.com |My opinions are my own. | > |===| > |Sleep is for wimps--healthy, well-adjusted wimps, but wimps| > |nonetheless. | > \===/ > >
RE: How many standards or protocols...
The question is how you determine what *job* someone knows how to do. It's all about perception. Again rating someone's performance is also a perception. Lots of people thrive in the grey areas. That is a problem though!! IMHO, approach to the job makes a big difference. People can learn and can slack off. Persistence does help. So, does motivation. -Original Message- From: John Stracke [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 12:38 PM To: [EMAIL PROTECTED] Subject: RE: How many standards or protocols... >IMHO, people are people. Whether they are in sales or engineering or >management or in >Marketing or communication, it does not matter!! When you ask someone to do a job, it does matter what job they know how to do. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Sleep is for wimps--healthy, well-adjusted wimps, but wimps| |nonetheless. | \===/
Re: How many standards or protocols...
Absolutely and they are competent to do whatever they are competent to do... Todd - Original Message - From: "Sabharwal, Atul" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; "todd glassey" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, May 03, 2002 11:52 AM Subject: RE: How many standards or protocols... > IMHO, people are people. Whether they are in sales or engineering or > management or in > Marketing or communication, it does not matter!! Some basic values make the > difference. > > Same with whether they are in industry or in school!! Approach is the key. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Friday, May 03, 2002 8:55 AM > To: todd glassey > Cc: [EMAIL PROTECTED] > Subject: Re: How many standards or protocols... > > On Fri, 03 May 2002 06:57:45 PDT, todd glassey said: > > real-world for you... Letting a technologist blindly develop a protocol > that > > is supposed to work in a commercial world is in my opinion more dangerous > > that allowing the salesperson to design a protocol for the technical world > > to solve > > a problem that they are faced with on a daily basis. Especially as the > IETF > > Find me a sales person who understands security well enough to do a better > job than IPSec, and then we'll talk. > > Find me a sales person who understands routing issues well enough to do > a better job than BGP, and then we'll talk. > > > TSG: But isn't the requirements document most of the design in most > > instances? If you cant define the need then the protocol definition is > > at best speculative and ambiguous. > > I never said that the sales people shouldn't be contributing the > requirements. I said they shouldn't be designing the protocol. > > Over in Detroit, they design cars. They do a *LOT* of market research. > Market research may say that 75% of people interested in a certain model > car would be interested in a rear spoiler - but it would be quite negligent > to let the market researchers decide what size bolts to use to attach it > to the car, wouldn't it? > > > TSG: perhaps. But I am not clear that the IETF should produce anything > other > > than recommendations. That Internet Standards and anything > > above an RFC is fodder for a more regimented and audited group. > > Anybody who thinks the IETF does anything other than recommend doesn't > understand the IETF at all. > > > TSG: But who here in the IETF has done commercial security analysis or > legal > > analysis of what the use models for a Protocol does? > > Erm... Jeff, Steve - will you wave hello to the nice gentleman, and > explain to him about the Security area within the IESG? ;) > > It may be informative to go read the list of authors of the RFCs that come > out > of that area, and ask yourself if your army of salespeople understands > security > better than they do. You might also want to go read Bruce Schneier's > "Secrets and Lies" and/or "Applied Cryptography", and learn why proprietary > security solutions are rarely, if ever, secure. > > > -- > Valdis Kletnieks > Computer Systems Senior Engineer > Virginia Tech >
RE: How many standards or protocols...
>IMHO, people are people. Whether they are in sales or engineering or >management or in >Marketing or communication, it does not matter!! When you ask someone to do a job, it does matter what job they know how to do. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Sleep is for wimps--healthy, well-adjusted wimps, but wimps| |nonetheless. | \===/
RE: How many standards or protocols...
IMHO, people are people. Whether they are in sales or engineering or management or in Marketing or communication, it does not matter!! Some basic values make the difference. Same with whether they are in industry or in school!! Approach is the key. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 8:55 AM To: todd glassey Cc: [EMAIL PROTECTED] Subject: Re: How many standards or protocols... On Fri, 03 May 2002 06:57:45 PDT, todd glassey said: > real-world for you... Letting a technologist blindly develop a protocol that > is supposed to work in a commercial world is in my opinion more dangerous > that allowing the salesperson to design a protocol for the technical world > to solve > a problem that they are faced with on a daily basis. Especially as the IETF Find me a sales person who understands security well enough to do a better job than IPSec, and then we'll talk. Find me a sales person who understands routing issues well enough to do a better job than BGP, and then we'll talk. > TSG: But isn't the requirements document most of the design in most > instances? If you cant define the need then the protocol definition is > at best speculative and ambiguous. I never said that the sales people shouldn't be contributing the requirements. I said they shouldn't be designing the protocol. Over in Detroit, they design cars. They do a *LOT* of market research. Market research may say that 75% of people interested in a certain model car would be interested in a rear spoiler - but it would be quite negligent to let the market researchers decide what size bolts to use to attach it to the car, wouldn't it? > TSG: perhaps. But I am not clear that the IETF should produce anything other > than recommendations. That Internet Standards and anything > above an RFC is fodder for a more regimented and audited group. Anybody who thinks the IETF does anything other than recommend doesn't understand the IETF at all. > TSG: But who here in the IETF has done commercial security analysis or legal > analysis of what the use models for a Protocol does? Erm... Jeff, Steve - will you wave hello to the nice gentleman, and explain to him about the Security area within the IESG? ;) It may be informative to go read the list of authors of the RFCs that come out of that area, and ask yourself if your army of salespeople understands security better than they do. You might also want to go read Bruce Schneier's "Secrets and Lies" and/or "Applied Cryptography", and learn why proprietary security solutions are rarely, if ever, secure. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Re: How many standards or protocols...
On Fri, 03 May 2002 06:57:45 PDT, todd glassey said: > real-world for you... Letting a technologist blindly develop a protocol that > is supposed to work in a commercial world is in my opinion more dangerous > that allowing the salesperson to design a protocol for the technical world > to solve > a problem that they are faced with on a daily basis. Especially as the IETF Find me a sales person who understands security well enough to do a better job than IPSec, and then we'll talk. Find me a sales person who understands routing issues well enough to do a better job than BGP, and then we'll talk. > TSG: But isn't the requirements document most of the design in most > instances? If you cant define the need then the protocol definition is > at best speculative and ambiguous. I never said that the sales people shouldn't be contributing the requirements. I said they shouldn't be designing the protocol. Over in Detroit, they design cars. They do a *LOT* of market research. Market research may say that 75% of people interested in a certain model car would be interested in a rear spoiler - but it would be quite negligent to let the market researchers decide what size bolts to use to attach it to the car, wouldn't it? > TSG: perhaps. But I am not clear that the IETF should produce anything other > than recommendations. That Internet Standards and anything > above an RFC is fodder for a more regimented and audited group. Anybody who thinks the IETF does anything other than recommend doesn't understand the IETF at all. > TSG: But who here in the IETF has done commercial security analysis or legal > analysis of what the use models for a Protocol does? Erm... Jeff, Steve - will you wave hello to the nice gentleman, and explain to him about the Security area within the IESG? ;) It may be informative to go read the list of authors of the RFCs that come out of that area, and ask yourself if your army of salespeople understands security better than they do. You might also want to go read Bruce Schneier's "Secrets and Lies" and/or "Applied Cryptography", and learn why proprietary security solutions are rarely, if ever, secure. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech msg08337/pgp0.pgp Description: PGP signature
Re: How many standards or protocols...
In response to the letter below: Vladis - you are wrong in my opinion. Your response seeks to minimize the issues and they are just not going away. And I have some news from the real-world for you... Letting a technologist blindly develop a protocol that is supposed to work in a commercial world is in my opinion more dangerous that allowing the salesperson to design a protocol for the technical world to solve a problem that they are faced with on a daily basis. Especially as the IETF moves more and more into user application protocols and away from core backbone routing and communications protocols... More inline below Todd - Original Message - From: <[EMAIL PROTECTED]> To: "todd glassey" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, April 18, 2002 9:01 AM Subject: Re: How many standards or protocols... On Wed, 17 Apr 2002 21:02:08 PDT, todd glassey said: > Actually James you have to a big extent hit the cause of the problem on the > head. The IETF is still predominantly Engineering Staffers and the Internet > has evolved to a point where it now needs Commercial input too. The lack of > commercial input into the IETF is clearly a statement of the IETF's concern > about being told what it can and can't develop... and to date the IETF has > long survived by saying "We know better, we are the technical gurus". But > this is inaccurate and a smokescreen these > days. You can be as great a salesman as you want, but you still can't design a stable feedback loop that responds in less than 2*RTT across the system. You don't let salespeople design bridges or cars or toasters either. There's nothing wrong with a salesperson saying "It would be really great if there were a protocol that let people do XYZ easily". But unless they actually know something about protocol design, they shouldn't design it. TSG: But isn't the requirements document most of the design in most instances? If you cant define the need then the protocol definition is at best speculative and ambiguous. > The other side of the coin is different though. These are End-User Protocols > and now more than ever these need to be governed or certified by commercial > acceptance... before they get to the point of being a proposed standard. OK.. So it should succeed in the marketplace, and *THEN* be standardized? TSG: perhaps. But I am not clear that the IETF should produce anything other than recommendations. That Internet Standards and anything above an RFC is fodder for a more regimented and audited group. 1) Once it's a success, why should the company turn over change control? Sure, Sun did it for NFS, but that was many years ago, and many people were surprised that they did so. Do you see any good reason why Sun would do that with Java, or Microsoft do it with their .NET stuff? 2) The time for there to be a *full* review of a protocol for things like scaling and security issues is *BEFORE* it gets widely deployed. Go look at WEP or Microsoft's first version of a point-to-point solution. TSG: But who here in the IETF has done commercial security analysis or legal analysis of what the use models for a Protocol does? > The problem as I see it is that the Engineer (or child) in us is frightened > by this, since traditionally the commercial folks (the adults) have driven > home that no matter how cool our inventions (or toys) are, there may in > fact be no commercial use for them... and they, in the interest of Business, > killed them (our toys) as such. What that meant is that the solutions we RFC2026, section 4.2.4. TSG: My point exactly. Todd
Apology (Re: How many standards or protocols...)
>>The way I see it: if you're an engineer, then you're-- by definition-- >>interested in *useful* applications of science and technology. If it's >>useful, then it has commercial value. > >In general, I'm not sure that follows. I just noticed that the message I was replying to had come to me privately, and I quoted it to the list. I apologize to Mr. Woodyatt (although he hasn't said anything); Lotus Notes makes it hard for me to tell sometimes. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |"This horse has made a career out of being dead." -- Harald| |Alvestrand | \===/
Re: How many standards or protocols...
>Or more practically, you'd probably want to sell a service based upon >you're one implementation of that single instance. Just keep skimming >from everyone's pocket to keep the fatted calf alive until the patent >protection ran out Yeah, I thought of that--but, with so much at stake, patents wouldn't mean much. Someone would read your patent, duplicate your work, and go set up shop in a poor nation that's more interested in feeding its people than enforcing your patent. You might do better not applying for a patent at all, and just keeping it secret--but Nature keeps no secrets; once you'd proved it was possible, someone else would figure it out. /=\ |John Stracke|Principal Engineer | |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |=| |Among animals, it's eat or be eaten. Among people, it's define or| |be defined. | \=/
Re: How many standards or protocols...
John Stracke wrote: > > >The way I see it: if you're an engineer, then you're-- by definition-- > >interested in *useful* applications of science and technology. If it's > >useful, then it has commercial value. > > In general, I'm not sure that follows. As an extreme example: a > sufficiently advanced piece of nanotech could construct anything, > including a replica of itself. It would mean an end to poverty, which > would certainly be useful; but it would have zero commercial value, > because the first one you sold would destroy your market. But think how much you could charge for that first one!! Or more practically, you'd probably want to sell a service based upon you're one implementation of that single instance. Just keep skimming from everyone's pocket to keep the fatted calf alive until the patent protection ran out (Oh, and given the obscene amounts of money you'd be making, you'd also be lobbying the gummit to extend patent protections throughout your lifetime, but I digress). In other words, nanotechnology has commercial value, and the business challenge is how to best monetize it. Maybe that's why you're an engineer, and not a marketing guy... ;-) - peterd -- --- Peter Deutsch [EMAIL PROTECTED] Gydig Software I cannot over emphasize the importance of good grammar. What a crock. I could easily overemphasize the importance of good grammar. For example, I could say "Bad grammar is the leading cause of slow, painful death in North America," or "Without good grammar, the United State would have lost World War II". - Dave Barry --
Re: How many standards or protocols...
>The way I see it: if you're an engineer, then you're-- by definition-- >interested in *useful* applications of science and technology. If it's >useful, then it has commercial value. In general, I'm not sure that follows. As an extreme example: a sufficiently advanced piece of nanotech could construct anything, including a replica of itself. It would mean an end to poverty, which would certainly be useful; but it would have zero commercial value, because the first one you sold would destroy your market. Closer to home: I used to work for a videoconferencing company. We had good tech, and it was useful, but not useful enough be commercially viable. We had some sales, but nearly all of them were for people to try out the product in their test labs. We didn't make money; we lost money. To me, that says that this useful technology had negative commercial value. /=\ |John Stracke|Principal Engineer | |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |=| |Nondeterminism may or may not mean never having to say you're| |wrong. | \=/
Re: How many standards or protocols...
>At the risk of sounding either like a reactionary or a >counter-revolutionary (you pick), I'll step forward to say that an >engineer with no commercial interests is like a politician with no >constituency. In other words: a monster raving looney. Oh, I don't know; there's plenty of room for open-source authors and academics here. Open source writers in the IETF can be useful because they tend to be interested in doing the Right Thing, without being tied to marketing requirements. Academics can be useful because they sometimes have a deeper understanding of the problem than we can get in the commercial world, where we move from project to project and job to job. (Not an absolute, of course; there are commercial engineers who stick with the same problem for 20 years, and there are probably some academics who move from one problem to another every year or so.) Both of these groups can provide a counterweight to the commercial tendency to focus on deadlines. /\ |John Stracke|Principal Engineer | |[EMAIL PROTECTED] |Incentive Systems, Inc.| |http://www.incentivesystems.com |My opinions are my own.| || |The plural of mongoose is polygoose.| \/
Re: How many standards or protocols...
Bob - I will respond to this off list since my commentary is going to be pretty acerbic. Todd - Original Message - From: "Bob Braden" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, April 18, 2002 1:32 PM Subject: Re: How many standards or protocols... > *> > *> The problem as I see it is that the Engineer (or child) in us is frightened > *> by this, since traditionally the commercial folks (the adults) have driven > > Unbelieveable arrogance. You have the roles confused. Children say, > "I know what I want, and I want it NOW! [And I don't care about the > effect it has on anyone else, or on me in the future!]" > > Now, does that sound like an Engineer speaking? Sounds more like > "commercial folks" to me. > > Bob Braden >
Re: How many standards or protocols...
todd, and fellow ietf participants-- I don't want to eat too much bandwidth on the IETF Discussion list, so this followup will be my last contribution on the subject. I considered not posting anything at all, but I feel motivated to clarify my views. On Wednesday, April 17, 2002, at 09:02 PM, todd glassey wrote: > > [...] The IETF is still predominantly Engineering Staffers and the > Internet > has evolved to a point where it now needs Commercial input too. [...] I see no problem whatsoever in the fact that an organization called the Internet Engineering Task Force is primarily composed of individual engineers. At the risk of sounding either like a reactionary or a counter-revolutionary (you pick), I'll step forward to say that an engineer with no commercial interests is like a politician with no constituency. In other words: a monster raving looney. It's true we might have a few bourgeois dilettantes who participate in IETF work without pursuing any commercial interests in doing so, but so what? If they can help out, we can use them. The rest of us all have employment contracts to fulfill or businesses to run, and we have a keen understanding that our commercial purposes drive the work we do. You got a problem with that? > [...] The problem as I see it is that the Engineer (or child) in us is > frightened by this, since traditionally the commercial folks (the > adults) have driven home that [...] This sentence made it very difficult for me to continue reading. It doesn't seem like you know what the word 'engineering' means. There are many fine dictionaries available on the web... hint hint. > [...] The current problem the world faces is that an Internet Standard > is > potentially worth billions of dollars. (see local exchange rates for > details > on the value in your own currency) and this now is a serious issue. It > taints > everything that the IETF does and participates in. [...] The logic you employed to reach this conclusion completely evades me. -- j h woodyatt <[EMAIL PROTECTED]>
Re: How many standards or protocols...
*> *> The problem as I see it is that the Engineer (or child) in us is frightened *> by this, since traditionally the commercial folks (the adults) have driven Unbelieveable arrogance. You have the roles confused. Children say, "I know what I want, and I want it NOW! [And I don't care about the effect it has on anyone else, or on me in the future!]" Now, does that sound like an Engineer speaking? Sounds more like "commercial folks" to me. Bob Braden
Re: How many standards or protocols...
rything > that the IETF does and participates in. > > And so in closing this rant I think its time to acknowledge that we need to > evolve a more formal and more user-participatory method of managing the ISOC > organizations. If the bodies are not there, then we need to recognize > that it's because we have failed in making this something that the average > participant could understand and work with, and that's our shortcoming, not > the rest of the world's. > > Todd Glassey > > - Original Message - > From: "james woodyatt" <[EMAIL PROTECTED]> > To: "Harald Tveit Alvestrand" <[EMAIL PROTECTED]> > Cc: "todd glassey" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Tuesday, April 16, 2002 11:06 AM > Subject: Re: How many standards or protocols... > > > > On Monday, April 15, 2002, at 10:34 PM, Harald Tveit Alvestrand wrote: > > > [...] I'd like to hear the IETF community's input on the topic. [...] > > > > This is a matter of politics, philosophy and economics (PPE). Asking > > engineers to comment on such things is nice-- we're so often left out of > > such discussions. > > > > Here's what I think: asking this question is like asking, "how many > > units of currency and instruments of payment does the world need?" The > > answer depends on your theories of PPE. > > > > If I could measure the "sovereignty" of the IETF as a political > > organization, I'd say it's a function of 1) the value of the networks > > defined by the standard protocols it has produced to the present, and 2) > > the forecasted increase in value derived from the standards the world > > expects it will produce in the future. > > > > > The obvious (but meaningless) answer is "as many as needed". > > > > Please allow me to speculate that what the Chair meant to say was "as > > many or as few as will serve to optimize the present and future value of > > the Internet." > > > > The more interesting question is whether the IETF process is well suited > > to finding the right number of standards or protocols for any given > > purpose. On *that* subject, I will demure to wiser and older hands than > > myself. For now, anyway. > > > > > > -- > > j h woodyatt <[EMAIL PROTECTED]> > > > > > >
Re: How many standards or protocols...
On Wed, 17 Apr 2002 21:02:08 PDT, todd glassey said: > Actually James you have to a big extent hit the cause of the problem on the > head. The IETF is still predominantly Engineering Staffers and the Internet > has evolved to a point where it now needs Commercial input too. The lack of > commercial input into the IETF is clearly a statement of the IETF's concern > about being told what it can and can't develop... and to date the IETF has > long survived by saying "We know better, we are the technical gurus". But > this is inaccurate and a smokescreen these > days. You can be as great a salesman as you want, but you still can't design a stable feedback loop that responds in less than 2*RTT across the system. You don't let salespeople design bridges or cars or toasters either. There's nothing wrong with a salesperson saying "It would be really great if there were a protocol that let people do XYZ easily". But unless they actually know something about protocol design, they shouldn't design it. > The other side of the coin is different though. These are End-User Protocols > and now more than ever these need to be governed or certified by commercial > acceptance... before they get to the point of being a proposed standard. OK.. So it should suceed in the marketplace, and *THEN* be standardized? 1) Once it's a success, why should the company turn over change control? Sure, Sun did it for NFS, but that was many years ago, and many people were surprised that they did so. Do you see any good reason why Sun would do that with Java, or Microsoft do it with their .NET stuff? 2) The time for there to be a *full* review of a protocol for things like scaling and security issues is *BEFORE* it gets widely deployed. Go look at WEP or Microsoft's first version of a point-to-point solution. > The problem as I see it is that the Engineer (or child) in us is frightened > by this, since traditionally the commercial folks (the adults) have driven > home that no matter how cool our inventions (or toys) are, there may in > fact be no commercial use for them... and they, in the interest of Business, > killed them (our toys) as such. What that meant is that the solutions we RFC2026, section 4.2.4. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech msg08249/pgp0.pgp Description: PGP signature
Re: How many standards or protocols...
Harald - this is indicitive of the higher level problem with how things are run today - I would propose that the IETF needs to embrace a variant of the SNMP solution that you have listed below. That the IETF allow as many protocols to be worked on that are correctly filed and meet the filing criteria for I-D's or RFC's. It is not the IETF's management team's place to make any decisions as to which end-user protocols are adopted and pressed forward, and its time this issue was resolved to create a level playing field for all concerned. More inline below - Todd Glassey - Original Message - From: "Harald Tveit Alvestrand" <[EMAIL PROTECTED]> To: "todd glassey" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, April 15, 2002 10:34 PM Subject: Re: How many standards or protocols... > > > --On 15. april 2002 19:55 -0700 todd glassey > <[EMAIL PROTECTED]> wrote: > > > > > Harald - what is the IETF's policy on this question. > > > > How many of any one protocol will the IETF allow to be push through to > > standard. And the IESG? Is it that there is only one standard for each > > type of protocol or what? > > This is an official resuest, > > Since this is an official request asking for what the IETF will allow, I > think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] > > The obvious (but meaningless) answer is "as many as needed". > > Speaking for myself, I think it would be foolish of the IETF to create a > hard rule about this question - the circumstances may differ a lot. I dont think the IETF can have soft rules - they are too easily abused by individuals. The whole idea behind running this as an open standards organization is that it is supposed to offer the exact same opportunity for all and by your response you have painted the IETF management as a group actively involved in a conspiracy to determine who's protocols are advanced and who's are not. If that's true then its patently insane IMHO since I believe that it clearly opens the IETF to litigation. > Consider a few "multiple protocol" scenarios the IETF has faced recently. > > - In the IPNG discussions, we decided to pursue IPv6 only. > - In the SNMP vs CMOT discussions, we decided to pursue two approaches. > One died, the other remains. > - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. > Both survive, with little apparent harm to the community. > - In the SNMPv2 discussions, we decided to pursue one, then to pursue > multiple and "let the market decide", and then to pursue one again. > - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. > One seems to be winning, but the market has not decided yet. > - In the PGP vs S/MIME discussions, we decided to pursue two, arguing > that they have different fields of applicability. Both survive so > far, but neither has become ubiquitous. > > When we pursue multiple approaches, there is one very hard question - which > is when we take the decision to drop the pursuit of one approach. > Sooner or later the answer is usually obvious. But the cost of pursuit is > substantial; it would often be advantageous to concentrate on one as soon > as one is clearly superior to the others. > > I'd like to hear the IETF community's input on the topic. > > Harald > > PS: The mail being responded to was addressed to the chair of the IETF in > his IETF role, and is thus a "contribution" under the terms of the NOTE > WELL statement you've all seen. >
Re: How many standards or protocols...
Actually James you have to a big extent hit the cause of the problem on the head. The IETF is still predominantly Engineering Staffers and the Internet has evolved to a point where it now needs Commercial input too. The lack of commercial input into the IETF is clearly a statement of the IETF's concern about being told what it can and can't develop... and to date the IETF has long survived by saying "We know better, we are the technical gurus". But this is inaccurate and a smokescreen these days. My example of the IETF's warranting commercial involvement is a simple statement in that there are essentially two types of protocols that are being developed in this forum these days that are outside the realm of new developments like Wireless and new physical backbone protocols. The first protocol types are additions and evolutions to existing routing and service protocols, and for these efforts the current status and form of the IETF is still adequate although it lacks documentation to validate their actions. Still, it's probably OK for the existing IETF to manage these. The other side of the coin is different though. These are End-User Protocols and now more than ever these need to be governed or certified by commercial acceptance... before they get to the point of being a proposed standard. The problem as I see it is that the Engineer (or child) in us is frightened by this, since traditionally the commercial folks (the adults) have driven home that no matter how cool our inventions (or toys) are, there may in fact be no commercial use for them... and they, in the interest of Business, killed them (our toys) as such. What that meant is that the solutions we had created were either too difficult to implement or not cost effective relative to what they produced as a commercial service set ... In other words, those efforts failed to meet the essential real world practicality standard. So in response to having our hands slapped, we as inventors and engineers have shied away from a world where we would be called upon to justify what we are up to. In other words, be held to the same accountability standards that any other organizations (public or private) are held to. We also see there is a way by creating these standards that we can have power in the mortal's world as well. And acceptance as really "special" geeks. That's why a lot of the IETF is operating the way it is now. Or at least that's my take on it. To further this a bit, I also want to say we are at a point I think, where this does not fly anymore. It's too complex to keep the boilerplate out of the way; & the impact is much greater now. Because of these factors it is time the IETF and IESG woke up and smelled the coffee as well as to not only acknowledge but function with these realities in mind. The bottom line is that it's time for the ISOC family of organizations to become culpable for their actions and to put in place a level playing field for all. The current problem the world faces is that an Internet Standard is potentially worth billions of dollars. (see local exchange rates for details on the value in your own currency) and this now is a serious issue. It taints everything that the IETF does and participates in. And so in closing this rant I think its time to acknowledge that we need to evolve a more formal and more user-participatory method of managing the ISOC organizations. If the bodies are not there, then we need to recognize that it's because we have failed in making this something that the average participant could understand and work with, and that's our shortcoming, not the rest of the world's. Todd Glassey - Original Message - From: "james woodyatt" <[EMAIL PROTECTED]> To: "Harald Tveit Alvestrand" <[EMAIL PROTECTED]> Cc: "todd glassey" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, April 16, 2002 11:06 AM Subject: Re: How many standards or protocols... > On Monday, April 15, 2002, at 10:34 PM, Harald Tveit Alvestrand wrote: > > [...] I'd like to hear the IETF community's input on the topic. [...] > > This is a matter of politics, philosophy and economics (PPE). Asking > engineers to comment on such things is nice-- we're so often left out of > such discussions. > > Here's what I think: asking this question is like asking, "how many > units of currency and instruments of payment does the world need?" The > answer depends on your theories of PPE. > > If I could measure the "sovereignty" of the IETF as a political > organization, I'd say it's a function of 1) the value of the networks > defined by the standard protocols it has produced to the present, and 2) > the forecasted increase in value derived from the standards the world > expects it will produ
Re: How many standards or protocols...
> No, the problem with IS-IS is that the spec *IS* 100% open, including > the non-existent parts. that's why so few folk run it. only the vast majority of the largest providers. running code. randy
Re: How many standards or protocols...
On Tue, 16 Apr 2002 17:48:03 EDT, John Stracke <[EMAIL PROTECTED]> said: > >IS-IS as deployed on the Internet is an interesting case. It is clearly > >open and is not proprietary, but as you point out there is no complete > >specification. I don't think we have a term for this combination :-) > > Yes, we do: "proprietary". It's a jargon term for standards development; > looking in a standard English dictionary won't help. It just means "not > open". No, the problem with IS-IS is that the spec *IS* 100% open, including the non-existent parts. As a literary analogy, if Don Knuth were to place his 5-volume set into the public domain, you'd still have a hard time implementing the algorithms in volume 5
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 04:39 , todd glassey wrote: > Ran you hit it on the head - "Your milages varies..." - this is a > standards > organization and not a place where we decide who we like and which of > their > projects we are going to allow to come through us today and not. It is exactly how most standards organisations work. > That's not the way any other GLOBAL standards orgs work. Not so. Counter-examples to that claim include ISO, ITU-T, and IEEE -- each of which make decisions all the time about what proposals and standards they want to work on or don't want to work on. For example, to undertake standards work in IEEE, one must (among other things) get the cognizant committee to approve a Project Authorisation Request (PAR). PARs get denied, approved, and revoked regularly by IEEE throughout each year. > It is however how > all of the privatized reccomendation services work, and the problem > here is > that you have hit the needle on the head. The IETF is not a fair and > equitible playing field by your very commentary. Please don't put words into my mouth. That is not at all what I said. I merely said that you disagreed -- which is your perogative (whether or not one's viewpoint is right, one can state a viewpoint in a free society). Just because you have an opinion that you don't like IETF doesn't make your claims true. I think the IETF is quite fair and equitable -- nota bene: that doesn't mean that each person will like each decision, but neither does each person participating in (IEEE, ITU-T, ISO) like each decision that gets made there. And in each case, the standards organisation has an appeal process to handle situations where one has a legitimate issue about how the process was implemented. I've also participated in IEEE work, particularly POSIX-related matters. It has slightly different practices than IETF, but decisions on what will be undertaken or not undertaken, on what will be in the standard or not, and so forth, occur all the time in IEEE SA. Sometimes I agreed with those decisions, other times not. You would be more credible if you'd put your particular specific detailed issue on the table, rather than being coy about what decision got made that you didn't like. And you'd be more credible if you took any valid basis for appeal through the system -- rather than taking toy potshots from a mailing list -- all IMHO. Ran
Re: How many standards or protocols...
Bob Hinden wrote: > Ran, > >> Proprietary is a commonly used term to describe something that >> does >> not have a full, complete, and open specification -- which is the >> current state of IS-IS. Now folks (including me) are trying to fix >> that issue by publishing sundry non-standard RFCs on how the as-deployed >> IS-IS really works (which effort is to be applauded). But the >> bottom-line >> remains that *today* the as-deployed IS-IS and the documented IS-IS >> aren't the same. I wish they were. > > > I am glad to hear this activity is going on. > > Regarding your definition of "proprietary". From Merriam-Webster > Online at http://www.m-w.com/ : > > Main Entry: 1pro·pri·e·tary > Pronunciation: pr&-'prI-&-"ter-E > Function: noun > Inflected Form(s): plural -tar·ies > Date: 15th century > 1 : one that possesses, owns, or holds exclusive right to something; > specifically : PROPRIETOR 1 > 2 : something that is used, produced, or marketed under exclusive legal > right of the inventor or maker; specifically : a drug (as a patent > medicine) that is protected by secrecy, patent, or copyright against > free competition as to name, product, composition, or process of > manufacture > 3 : a business secretly owned by and run as a cover for an intelligence > organization > > This matches my view that proprietary has more to do with ownership than > the availability of open specifications. A protocol can have open > specifications, but still be proprietary. For example prior to Sun > Microsystems giving change control of NFS and RPC to the IETF, NFS and > RPC had open specifications (and there were independent inter-operable > implementations), but were still proprietary. "open" is ambiguous: (A) visible, i.e., documented (PDF and PS qualify) (B) able to be modified (PDF and PS do not qualify) E.g., Adobe's PDF and PostScript are both (A) but not (B). "proprietary" can (as per definition above) apply to either, and thus cannot be used to exclusively denote case (A). Joe
Re: How many standards or protocols...
>IS-IS as deployed on the Internet is an interesting case. It is clearly >open and is not proprietary, but as you point out there is no complete >specification. I don't think we have a term for this combination :-) Yes, we do: "proprietary". It's a jargon term for standards development; looking in a standard English dictionary won't help. It just means "not open". /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Dave Barry for President! He'll Keep Dan Quayle. (OK, it's old)| \===/
Re: How many standards or protocols...
>this is a standards >organization and not a place where we decide who we like and which of their >projects we are going to allow to come through us today and not. > >That's not the way any other GLOBAL standards orgs work. Which globe are you talking about? On this one, that's *exactly* the way standards bodies work. Go to the ITU and propose your pet project; see how far you get. You'll need corporate backing, at the very least. A group that approved any spec proposed to it wouldn't be a standards body at all; it'd be a vanity publishing house. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Dave Barry for President! He'll Keep Dan Quayle. (OK, it's old)| \===/
Re: How many standards or protocols...
Ran, > Proprietary is a commonly used term to describe something that does >not have a full, complete, and open specification -- which is the >current state of IS-IS. Now folks (including me) are trying to fix >that issue by publishing sundry non-standard RFCs on how the as-deployed >IS-IS really works (which effort is to be applauded). But the bottom-line >remains that *today* the as-deployed IS-IS and the documented IS-IS >aren't the same. I wish they were. I am glad to hear this activity is going on. Regarding your definition of "proprietary". From Merriam-Webster Online at http://www.m-w.com/ : Main Entry: 1pro·pri·e·tary Pronunciation: pr&-'prI-&-"ter-E Function: noun Inflected Form(s): plural -tar·ies Date: 15th century 1 : one that possesses, owns, or holds exclusive right to something; specifically : PROPRIETOR 1 2 : something that is used, produced, or marketed under exclusive legal right of the inventor or maker; specifically : a drug (as a patent medicine) that is protected by secrecy, patent, or copyright against free competition as to name, product, composition, or process of manufacture 3 : a business secretly owned by and run as a cover for an intelligence organization This matches my view that proprietary has more to do with ownership than the availability of open specifications. A protocol can have open specifications, but still be proprietary. For example prior to Sun Microsystems giving change control of NFS and RPC to the IETF, NFS and RPC had open specifications (and there were independent inter-operable implementations), but were still proprietary. IS-IS as deployed on the Internet is an interesting case. It is clearly open and is not proprietary, but as you point out there is no complete specification. I don't think we have a term for this combination :-) Regards, Bob
Re: How many standards or protocols...
Ran you jhit it on the head - "Your milages varies..." - this is a standards organization and not a place where we decide who we like and which of their projects we are going to allow to come through us today and not. That's not the way any other GLOBAL standards orgs work. It is however how all of the privatized reccomendation services work, and the problem here is that you have hit the needle on the head. The IETF is not a fair and equitible playing field by your very commentary. Todd - Original Message - From: "RJ Atkinson" <[EMAIL PROTECTED]> To: "todd glassey" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, April 16, 2002 11:24 AM Subject: Re: How many standards or protocols... > > On Tuesday, April 16, 2002, at 01:01 , todd glassey wrote: > > > The problem James is that this is just not the case. What is the case is > > that each WG Chair gets to decide what concensus is for their WG and > > that is > > wrong. > > It is the role of the WG chair(s) to determine rough consensus. If one > disagrees, there is a well-documented appeal process. Consensus > necessarily > is sometimes more rough than other times. > > I'm quite happy with the way it is. And by the way, the IETF doesn't > recognise organisational members, just individuals. And I like that > aspect as well. > > Clearly your mileage varies. > > Ran > >
Re: How many standards or protocols...
> I'd like to hear the IETF community's input on the topic. IMHO: IETF has limited resources, and as such, it cannot investigate every solution that someone might propose for every problem that exists or is thought to exist on the Internet. IETF leadership has to choose where to invest those resources. Such choices are significantly informed by the expressed interests of IETF participants. In short, IETF works on what its participants want to work on. It cannot effectively work on a proposal that has little or no support from its participants. We try to be reasonably open to new proposals from anywhere, as long as there are people to work on them, and we hope that this makes it easy for people with really good ideas to develop/standardize them in the IETF. But there's always a chance that IETF might miss a useful solution to some problem because that solution originates from outside of IETF. There's nothing that IETF can do about that situation. The fact that this situation exists can even be useful for IETF - it can help IETF retain a sense of humility that makes it easier for IETF participants to accurately judge the value of technical contributions. (though of course we do still make mistakes!) Similarly, there will always be people who feel that they've somehow been shafted by IETF. But nothing stops those people from taking their proposals to other standards bodies, from starting their own advocacy groups for those proposals, or from trying to get vendors to implement their propsals without the imprimatur of a standards body. All of these strategies are successfully employed on a regular basis. But neither do such people have the rights to demand support from IETF - that would be tantamount to putting words in the mouths of IETF participants - forcing them to lie about their technical assessments and where their interests are. Folks who think that IETF has screwed them because it didn't support their proposal have the burden of demonstrating both that their proposals are technically sounder than any other proposals that were supported; and that that there was a significant constituency who was willing to do the work on their proposal, in IETF, and under IETF rules. If they can't do that, they are wasting our time and theirs, and they should go elsewhere. Keith
Re: How many standards or protocols...
*>Now the original point was someone else's inaccurate claim that the *> IETF *> let both IS-IS and OSPF bloom, when really the IETF originally chose *> OSPF -- *> and IS-IS made a separate come-back in the deployed world during the *> mid-90s. Yes -- except for historical accuracy, it was the Bad Old Despotic IAB who originally chose OSPF -- in fact, caused an IETF WG to come into existence to design "THE" standard link state routing protocol for the Internet. In those days, of course, OSI and Internet were bitter rivals, so IS-IS was not initially received kindly in the Internet community. I believe Paul Mockapetris chaired a flame-off debate between OSPF and IS-IS advocates as some early Interop. Bob Braden *> *> Cheers, *> *> Ran *> [EMAIL PROTECTED] *>
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 02:43 , Christian Huitema wrote: > Fine, but Randy is also right when he points out that just because a > spec is not an IETF standard does not mean that the spec is proprietary. Christian, As deployed IS-IS is not fully documented *anyplace*. What is actually deployed is not the same as ISO IS-IS, nor is it the same as RFC-1195, nor are those 2 documents (and a few other more recent RFCs) sufficient to create an interoperable IS-IS. Proprietary is a commonly used term to describe something that does not have a full, complete, and open specification -- which is the current state of IS-IS. Now folks (including me) are trying to fix that issue by publishing sundry non-standard RFCs on how the as-deployed IS-IS really works (which effort is to be applauded). But the bottom-line remains that *today* the as-deployed IS-IS and the documented IS-IS aren't the same. I wish they were. Now the original point was someone else's inaccurate claim that the IETF let both IS-IS and OSPF bloom, when really the IETF originally chose OSPF -- and IS-IS made a separate come-back in the deployed world during the mid-90s. Cheers, Ran [EMAIL PROTECTED]
RE: How many standards or protocols...
> Note that none of your pushback contradicted my main claim, > which is that IS-IS is not an *IETF* standard of any sort. Examination > of any accurate rfc-index.txt will confirm this. Fine, but Randy is also right when he points out that just because a spec is not an IETF standard does not mean that the spec is proprietary. Practical network deployments use specs from many sources; the IETF is one of them, but there are many other, e.g. the ITU, the IEEE, the ISO, the W3C, not to mention the frame relay forum and similar organizations. It is in fact a challenge for the IETF to know when to avoid duplicating existing work -- and also when to go on despite existing work... -- Christian Huitema
Re: How many standards or protocols...
> The problem James is that this is just not the case. What is the case is > that each WG Chair gets to decide what concensus is for their WG and that is > wrong. I dont see whats wrong with each wg chairs determine what is the consensus. (Note: I use the word "determine" not "decide"). In fact, that is part of the job description for a wg chair. > The problem with the operations is that the rules change form group > to group and this has serious technical and financial implications for > anyone trying to mount a standards effort as part of a product release or > market development activity. Product release and market development activity are out-of-scope for IETF. If the working group considered them as a factor, then it is up to the *group* to decide. The chairs dont play a role here other then declaring what the rough consensus is, regardless what that decision is. I have a feeling you should be looking at some other industry consortium instead. -James Seng > Todd > > - Original Message - > From: "James Seng" <[EMAIL PROTECTED]> > To: "todd glassey" <[EMAIL PROTECTED]>; "Harald Tveit > Alvestrand" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Tuesday, April 16, 2002 9:20 AM > Subject: Re: How many standards or protocols... > > > > > then who makes that decision? You or the WG Chairs? The AD's??? > > > > The IETF as a community, depending on rough consensus. If the rough > > consensus is that there will be multiple protocols, then then there will > be. > > If not, then not. > > > > Rough also means not everyone will agree with the decision. > > > > > But why is the question? If there are people actively working on the > > effort > > > and they want to continue, why is the management making any decisions as > > to > > > which protocols to push? > > > > There must be sufficient support for the effort and that must be rough > > consensus. People activiely (solo or team) working is not enough. > > > > > The cost of persuits is not borne by the IETF though so what's the > point? > > > Why should the WG constrain any effort over another? This is a curiosity > > of > > > mine, that being why a WG should have squat to say at the management > level > > > about the content of its protocols, only whether they are completed and > > > elevated to the next level or not. This is the core flaw in the IETF's > > > process. The WG Chairs need an arms length from each of the protocol > > efforts > > > and to act as mentors for all the projects that have committed > > participants. > > > They are not the ones to decide what the WG will and will not focus on, > > its > > > membership is. > > > > In an ideal situation, the wg chairs would make decision based on what he > > determined as a rough consensus of the working group. It is typical that a > > handful of people will disagreed with the decision anyway but a loud voice > > doesn't mean you'll get your way. > > > > But if there are sufficient people who disagreed with the decision of the > > chairs, then the chairs have failed to determine the rough consensus. That > > decision will be overturned. > > > > It does not matter what the contributions the working group chairs made, > > what protocol they supports, what they thinks or what they eat last week > *as > > long* as the final decision represent a rough consensus of the group. > > > > If you think the wg chairs should be arms length and "mentoring role", you > > should be looking elsewhere, not IETF. > > > > > As to the actual content and form of the protocols themselves, the > > content > > > and form is up to the contributors and those actively involved in the > > > vetting process. So I would like to pose the question "why then should > any > > > WG Management have anything to say about which protocols are done in > their > > > groups?". > > > > Why not? Does been a wg chairs means he/she have to stop been a > contributor? > > > > > Several have said to me that they need this ability to drive focus into > > the > > > group. The problem is that there is no formal definition as to what that > > > focus is. > > > > Check your working group charter. > > > > > Also it needs to be stated that WG participants are not labor > > > sources for the WG Chair to allocate, they are participants and are all > > > equal before the IESG - or should be at least. > > > > I think that is why the wg chairs are paid big bucks by the IETF ;-) > > > > Big bucks as in a *BIG* zero with all-expenses-on-your-own deal. > > > > > > > > > > I'd like to hear the IETF community's input on the topic. > > > > > > > > Harald > > > > > > Me too!. > > > > I think you should try to keep your disagree with the chairs within your > own > > working group. Also look into RFC2026 on the appealing process. > > > > -James Seng > > > >
Re: How many standards or protocols...
There is also a "speed of convergence" issue: For a new area with little operational experience, one might want to eventually have one solution, but there is no technical way to objectively arrive at a single answer, given the set of participants and knowledge available, as the weight of the engineering trade-offs can't be established objectively. In that case, there are three choices: (1) decide arbitrarily by fiat; given limited information, the choice may well turn out to be wrong and may well add a lot of process overhead if the losing party is sufficiently aggrieved. (2) have a fight to the death in the WG, until one side or the other is exhausted. Again, not necessarily likely to correspond to technical merit, but sure to delay things, meaning that users are deprived of any standard solution, meaning that a proprietary, possibly inferior to both, solution "wins" by default. Given that external parties may well desire such an outcome, it is easy to have them game the system by providing ammunition to both combatants. (3) Let multiple efforts proceed, but establish as much commonality as you can, in terms of data formats, security mechanisms, terminology or whatever else can be agreed upon. During the process of actually working out the details, one or more solutions may find that they are converging naturally or that the differences are a matter of taste. IMPP went roughly through (2) and (3). I'm not claiming that the particular process and duration spend in state (2) and (3) are role models. "Joel M. Halpern" wrote: > > My personal opinions on the matter of "when should we allow multiple > protocols for the same thing" are roughly: > 1) No hard and fast rule will work. This is something the relevant ADs, > and sometimes the whole IESG, must judge. > 2) It is reasonable to allow two (or even more) protocols when they have > clear and distinct areas of applicability. Thus, while I may technically > like a routing solution that applies to intra and inter domain, it is quite > reasonable from a standardization perspective to have two different > protocols for the two spaces. > 3) History is relevant. We frequently get solutions evolving independently > that turn out to have significant overlap. It requires significant care to > determinewhat should be used, when, and how. Often, this will require > allowing more than one standard for a time while we determine what works, > is technically complete, ... > > In general, multiple protocols for the exact same thing are a bad > idea. Translating that into practice is complicated. > > Yours, > Joel M. Halpern
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 01:01 , todd glassey wrote: > The problem James is that this is just not the case. What is the case is > that each WG Chair gets to decide what concensus is for their WG and > that is > wrong. It is the role of the WG chair(s) to determine rough consensus. If one disagrees, there is a well-documented appeal process. Consensus necessarily is sometimes more rough than other times. I'm quite happy with the way it is. And by the way, the IETF doesn't recognise organisational members, just individuals. And I like that aspect as well. Clearly your mileage varies. Ran
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 01:23 , Randy Bush wrote: > puhleeze! is-is worked at scale. ospf did not. heck, when most > large isps were starting (late '80s and early '90s), ospf barely > worked at all. Randy, Your statement is true for at least one vendor's OSPF, but clearly not true for several other vendors' OSPF (e.g. John Moy's). The well-known OSPF issues with the one vendor were with the original coder (name omitted) of their OSPF, not with the OSPF spec. That vendor's implementation also got a fair bit better over time. I got to learn the history (and their motivation) while working at that vendor as a coder. I also worked in network engineering for a very large (multi-continent) ISP that ran OSPF, not IS-IS. It worked fine. I know of other similarly large ISPs that work fine on OSPF. Claims that OSPF doesn't scale are provably false by several existence proofs. > and perhaps one should not accuse a company of a "proprietary" > advantage for implementing a well-known standardized protocol. IS-IS as deployed in the global Internet is not quite what is in the ISO standards nor RFC-1195, sad to say. Over time, the de facto IS-IS specs might get more fully published -- certainly they are more published now than several years ago. But even today, there is a bunch of stuff that's widely deployed yet not in any ISO spec or any RFC. This contrasts rather sharply with the state of OSPF documentation and standardisation. Note that none of your pushback contradicted my main claim, which is that IS-IS is not an *IETF* standard of any sort. Examination of any accurate rfc-index.txt will confirm this. Ran [EMAIL PROTECTED]
Re: How many standards or protocols...
On Monday, April 15, 2002, at 10:34 PM, Harald Tveit Alvestrand wrote: > [...] I'd like to hear the IETF community's input on the topic. [...] This is a matter of politics, philosophy and economics (PPE). Asking engineers to comment on such things is nice-- we're so often left out of such discussions. Here's what I think: asking this question is like asking, "how many units of currency and instruments of payment does the world need?" The answer depends on your theories of PPE. If I could measure the "sovereignty" of the IETF as a political organization, I'd say it's a function of 1) the value of the networks defined by the standard protocols it has produced to the present, and 2) the forecasted increase in value derived from the standards the world expects it will produce in the future. > The obvious (but meaningless) answer is "as many as needed". Please allow me to speculate that what the Chair meant to say was "as many or as few as will serve to optimize the present and future value of the Internet." The more interesting question is whether the IETF process is well suited to finding the right number of standards or protocols for any given purpose. On *that* subject, I will demure to wiser and older hands than myself. For now, anyway. -- j h woodyatt <[EMAIL PROTECTED]>
Re: How many standards or protocols...
>What is the case is >that each WG Chair gets to decide what concensus is for their WG Not really; they can be overruled or replaced. >The problem with the operations is that the rules change form group >to group and this has serious technical and financial implications for >anyone trying to mount a standards effort as part of a product release or >market development activity. Anybody tying a product release schedule to completion of a standard is already taking an unwarranted risk. They're placing their company's future in the hands of outsiders who owe that company nothing. This is the case no matter where the standard is coming from; the IETF's volunteer nature just exaggerates the effect. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Any sufficiently rigged demo is indistinguishable from advanced| |technology.| \===/
Re: How many standards or protocols...
> The IETF picked OSPF. Certain vendors pushed IS-IS onto large ISP > customers, during the mid-90s, in part to give themselves a proprietary > advantage (at the time only 1 or 2 vendors had a solid IS-IS > implementation). puhleeze! is-is worked at scale. ospf did not. heck, when most large isps were starting (late '80s and early '90s), ospf barely worked at all. and perhaps one should not accuse a company of a "proprietary" advantage for implementing a well-known standardized protocol. but it sure is cheering to see that old wars and old warriors are not dead. randy
Re: How many standards or protocols...
The problem James is that this is just not the case. What is the case is that each WG Chair gets to decide what concensus is for their WG and that is wrong. The problem with the operations is that the rules change form group to group and this has serious technical and financial implications for anyone trying to mount a standards effort as part of a product release or market development activity. Todd - Original Message - From: "James Seng" <[EMAIL PROTECTED]> To: "todd glassey" <[EMAIL PROTECTED]>; "Harald Tveit Alvestrand" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, April 16, 2002 9:20 AM Subject: Re: How many standards or protocols... > > then who makes that decision? You or the WG Chairs? The AD's??? > > The IETF as a community, depending on rough consensus. If the rough > consensus is that there will be multiple protocols, then then there will be. > If not, then not. > > Rough also means not everyone will agree with the decision. > > > But why is the question? If there are people actively working on the > effort > > and they want to continue, why is the management making any decisions as > to > > which protocols to push? > > There must be sufficient support for the effort and that must be rough > consensus. People activiely (solo or team) working is not enough. > > > The cost of persuits is not borne by the IETF though so what's the point? > > Why should the WG constrain any effort over another? This is a curiosity > of > > mine, that being why a WG should have squat to say at the management level > > about the content of its protocols, only whether they are completed and > > elevated to the next level or not. This is the core flaw in the IETF's > > process. The WG Chairs need an arms length from each of the protocol > efforts > > and to act as mentors for all the projects that have committed > participants. > > They are not the ones to decide what the WG will and will not focus on, > its > > membership is. > > In an ideal situation, the wg chairs would make decision based on what he > determined as a rough consensus of the working group. It is typical that a > handful of people will disagreed with the decision anyway but a loud voice > doesn't mean you'll get your way. > > But if there are sufficient people who disagreed with the decision of the > chairs, then the chairs have failed to determine the rough consensus. That > decision will be overturned. > > It does not matter what the contributions the working group chairs made, > what protocol they supports, what they thinks or what they eat last week *as > long* as the final decision represent a rough consensus of the group. > > If you think the wg chairs should be arms length and "mentoring role", you > should be looking elsewhere, not IETF. > > > As to the actual content and form of the protocols themselves, the > content > > and form is up to the contributors and those actively involved in the > > vetting process. So I would like to pose the question "why then should any > > WG Management have anything to say about which protocols are done in their > > groups?". > > Why not? Does been a wg chairs means he/she have to stop been a contributor? > > > Several have said to me that they need this ability to drive focus into > the > > group. The problem is that there is no formal definition as to what that > > focus is. > > Check your working group charter. > > > Also it needs to be stated that WG participants are not labor > > sources for the WG Chair to allocate, they are participants and are all > > equal before the IESG - or should be at least. > > I think that is why the wg chairs are paid big bucks by the IETF ;-) > > Big bucks as in a *BIG* zero with all-expenses-on-your-own deal. > > > > > > > I'd like to hear the IETF community's input on the topic. > > > > > > Harald > > > > Me too!. > > I think you should try to keep your disagree with the chairs within your own > working group. Also look into RFC2026 on the appealing process. > > -James Seng >
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 10:46 , todd glassey wrote: >> - In the OSPF vs IS-IS discussions, we decided to pursue two >> approaches. >> Both survive, with little apparent harm to the community. > > And they both offer cricital boundry routhing capabilities - and most > Router > manufacturers support both protocols as far as I can tell. Note well that IS-IS is *not* an IETF standard. It is an ISO standard. The IETF IS-IS WG only generates Informational RFCs which are formally just contributions to the ISO IS-IS standards group. ISO retains change control over the IS-IS protocol standards. The IETF picked OSPF. Certain vendors pushed IS-IS onto large ISP customers, during the mid-90s, in part to give themselves a proprietary advantage (at the time only 1 or 2 vendors had a solid IS-IS implementation). Over time, other vendors desiring to compete in the ISP market segment shipped IS-IS in addition to OSPF. Quality of implementation of IS-IS remains highly variable today, IMHO. > But why is the question? If there are people actively working on the > effort > and they want to continue, why is the management making any decisions > as to > which protocols to push? Interoperability would be one good answer. Having a consistent Internet Architecture is another. Other reasons also exist. > The cost of persuits is not borne by the IETF though so what's the > point? Disagree. Cost of having any WG is actually pretty high for the IETF. It is pretty strongly desirable to minimise the number of active WGs, IMHO, for reasons of the operational load. That said, I think much of the community expects decisions to be made to pick one approach over another approach when the two overlap a great deal. And number me among those who think that there ought not be a hard and fast rule on this topic. Instead, local circumstances should be a major factor in deciding whether to permit competing efforts to exist within the IETF. (Of course vendor consortia could be created to take on stuff the IETF chooses not to take on.) I don't plan to get into an extended dialogue about this, so I plan not to respond to followup postings. Ran [EMAIL PROTECTED]
Re: How many standards or protocols...
> then who makes that decision? You or the WG Chairs? The AD's??? The IETF as a community, depending on rough consensus. If the rough consensus is that there will be multiple protocols, then then there will be. If not, then not. Rough also means not everyone will agree with the decision. > But why is the question? If there are people actively working on the effort > and they want to continue, why is the management making any decisions as to > which protocols to push? There must be sufficient support for the effort and that must be rough consensus. People activiely (solo or team) working is not enough. > The cost of persuits is not borne by the IETF though so what's the point? > Why should the WG constrain any effort over another? This is a curiosity of > mine, that being why a WG should have squat to say at the management level > about the content of its protocols, only whether they are completed and > elevated to the next level or not. This is the core flaw in the IETF's > process. The WG Chairs need an arms length from each of the protocol efforts > and to act as mentors for all the projects that have committed participants. > They are not the ones to decide what the WG will and will not focus on, its > membership is. In an ideal situation, the wg chairs would make decision based on what he determined as a rough consensus of the working group. It is typical that a handful of people will disagreed with the decision anyway but a loud voice doesn't mean you'll get your way. But if there are sufficient people who disagreed with the decision of the chairs, then the chairs have failed to determine the rough consensus. That decision will be overturned. It does not matter what the contributions the working group chairs made, what protocol they supports, what they thinks or what they eat last week *as long* as the final decision represent a rough consensus of the group. If you think the wg chairs should be arms length and "mentoring role", you should be looking elsewhere, not IETF. > As to the actual content and form of the protocols themselves, the content > and form is up to the contributors and those actively involved in the > vetting process. So I would like to pose the question "why then should any > WG Management have anything to say about which protocols are done in their > groups?". Why not? Does been a wg chairs means he/she have to stop been a contributor? > Several have said to me that they need this ability to drive focus into the > group. The problem is that there is no formal definition as to what that > focus is. Check your working group charter. > Also it needs to be stated that WG participants are not labor > sources for the WG Chair to allocate, they are participants and are all > equal before the IESG - or should be at least. I think that is why the wg chairs are paid big bucks by the IETF ;-) Big bucks as in a *BIG* zero with all-expenses-on-your-own deal. > > > > I'd like to hear the IETF community's input on the topic. > > > > Harald > > Me too!. I think you should try to keep your disagree with the chairs within your own working group. Also look into RFC2026 on the appealing process. -James Seng
Re: How many standards or protocols...
- Original Message - From: "Harald Tveit Alvestrand" <[EMAIL PROTECTED]> To: "todd glassey" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, April 15, 2002 10:34 PM Subject: Re: How many standards or protocols... > > > --On 15. april 2002 19:55 -0700 todd glassey > <[EMAIL PROTECTED]> wrote: > > > > > Harald - what is the IETF's policy on this question. > > > > How many of any one protocol will the IETF allow to be push through to > > standard. And the IESG? Is it that there is only one standard for each > > type of protocol or what? > > This is an official resuest, > > Since this is an official request asking for what the IETF will allow, I > think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] > > The obvious (but meaningless) answer is "as many as needed". then who makes that decision? You or the WG Chairs? The AD's??? > > Speaking for myself, I think it would be foolish of the IETF to create a > hard rule about this question - the circumstances may differ a lot. > Consider a few "multiple protocol" scenarios the IETF has faced recently. I agree personally. > > - In the IPNG discussions, we decided to pursue IPv6 only. but if someone wanted to, would you have allowed them to persue a IPv4 variant? > - In the SNMP vs CMOT discussions, we decided to pursue two approaches. > One died, the other remains. Yes - Funny how the commercial industry is about that!. > - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. > Both survive, with little apparent harm to the community. And they both offer cricital boundry routhing capabilities - and most Router manufacturers support both protocols as far as I can tell. > - In the SNMPv2 discussions, we decided to pursue one, then to pursue > multiple and "let the market decide", and then to pursue one again. > - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. > One seems to be winning, but the market has not decided yet. > - In the PGP vs S/MIME discussions, we decided to pursue two, arguing > that they have different fields of applicability. Both survive so > far, but neither has become ubiquitous. > > When we pursue multiple approaches, there is one very hard question - which > is when we take the decision to drop the pursuit of one approach. But why is the question? If there are people actively working on the effort and they want to continue, why is the management making any decisions as to which protocols to push? > Sooner or later the answer is usually obvious. But the cost of pursuit is > substantial; > it would often be advantageous to concentrate on one as soon > as one is clearly superior to the others. The cost of persuits is not borne by the IETF though so what's the point? Why should the WG constrain any effort over another? This is a curiosity of mine, that being why a WG should have squat to say at the management level about the content of its protocols, only whether they are completed and elevated to the next level or not. This is the core flaw in the IETF's process. The WG Chairs need an arms length from each of the protocol efforts and to act as mentors for all the projects that have committed participants. They are not the ones to decide what the WG will and will not focus on, its membership is. As to the actual content and form of the protocols themselves, the content and form is up to the contributors and those actively involved in the vetting process. So I would like to pose the question "why then should any WG Management have anything to say about which protocols are done in their groups?". Several have said to me that they need this ability to drive focus into the group. The problem is that there is no formal definition as to what that focus is. Also it needs to be stated that WG participants are not labor sources for the WG Chair to allocate, they are participants and are all equal before the IESG - or should be at least. > > I'd like to hear the IETF community's input on the topic. > > Harald Me too!. > > PS: The mail being responded to was addressed to the chair of the IETF in > his IETF role, and is thus a "contribution" under the terms of the NOTE > WELL statement you've all seen. Thanks Harald for the immediate response. Todd Glassey >
Re: How many standards or protocols...
My personal opinions on the matter of "when should we allow multiple protocols for the same thing" are roughly: 1) No hard and fast rule will work. This is something the relevant ADs, and sometimes the whole IESG, must judge. 2) It is reasonable to allow two (or even more) protocols when they have clear and distinct areas of applicability. Thus, while I may technically like a routing solution that applies to intra and inter domain, it is quite reasonable from a standardization perspective to have two different protocols for the two spaces. 3) History is relevant. We frequently get solutions evolving independently that turn out to have significant overlap. It requires significant care to determinewhat should be used, when, and how. Often, this will require allowing more than one standard for a time while we determine what works, is technically complete, ... In general, multiple protocols for the exact same thing are a bad idea. Translating that into practice is complicated. Yours, Joel M. Halpern At 07:34 AM 4/16/2002 +0200, Harald Tveit Alvestrand wrote: >--On 15. april 2002 19:55 -0700 todd glassey ><[EMAIL PROTECTED]> wrote: > >> >>Harald - what is the IETF's policy on this question. >> >>How many of any one protocol will the IETF allow to be push through to >>standard. And the IESG? Is it that there is only one standard for each >>type of protocol or what? >>This is an official resuest, > >Since this is an official request asking for what the IETF will allow, I >think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] > >The obvious (but meaningless) answer is "as many as needed". > >Speaking for myself, I think it would be foolish of the IETF to create a >hard rule about this question - the circumstances may differ a lot. >Consider a few "multiple protocol" scenarios the IETF has faced recently. > >- In the IPNG discussions, we decided to pursue IPv6 only. >- In the SNMP vs CMOT discussions, we decided to pursue two approaches. > One died, the other remains. >- In the OSPF vs IS-IS discussions, we decided to pursue two approaches. > Both survive, with little apparent harm to the community. >- In the SNMPv2 discussions, we decided to pursue one, then to pursue > multiple and "let the market decide", and then to pursue one again. >- In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. > One seems to be winning, but the market has not decided yet. >- In the PGP vs S/MIME discussions, we decided to pursue two, arguing > that they have different fields of applicability. Both survive so > far, but neither has become ubiquitous. > >When we pursue multiple approaches, there is one very hard question - >which is when we take the decision to drop the pursuit of one approach. >Sooner or later the answer is usually obvious. But the cost of pursuit is >substantial; it would often be advantageous to concentrate on one as soon >as one is clearly superior to the others. > >I'd like to hear the IETF community's input on the topic. > >Harald > >PS: The mail being responded to was addressed to the chair of the IETF in >his IETF role, and is thus a "contribution" under the terms of the NOTE >WELL statement you've all seen.
Re: How many standards or protocols...
We'd be very foolish to have a "policy" on this. It all depends on the particular case, and sometimes it's better to let Darwinian selection make the choice. Sometimes (as for IPvN) it is clearly required to make a choice in advance. This is not an official answer. Brian Harald Tveit Alvestrand wrote: > > --On 15. april 2002 19:55 -0700 todd glassey > <[EMAIL PROTECTED]> wrote: > > > > > Harald - what is the IETF's policy on this question. > > > > How many of any one protocol will the IETF allow to be push through to > > standard. And the IESG? Is it that there is only one standard for each > > type of protocol or what? > > This is an official resuest, > > Since this is an official request asking for what the IETF will allow, I > think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] > > The obvious (but meaningless) answer is "as many as needed". > > Speaking for myself, I think it would be foolish of the IETF to create a > hard rule about this question - the circumstances may differ a lot. > Consider a few "multiple protocol" scenarios the IETF has faced recently. > > - In the IPNG discussions, we decided to pursue IPv6 only. > - In the SNMP vs CMOT discussions, we decided to pursue two approaches. > One died, the other remains. > - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. > Both survive, with little apparent harm to the community. > - In the SNMPv2 discussions, we decided to pursue one, then to pursue > multiple and "let the market decide", and then to pursue one again. > - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. > One seems to be winning, but the market has not decided yet. > - In the PGP vs S/MIME discussions, we decided to pursue two, arguing > that they have different fields of applicability. Both survive so > far, but neither has become ubiquitous. > > When we pursue multiple approaches, there is one very hard question - which > is when we take the decision to drop the pursuit of one approach. > Sooner or later the answer is usually obvious. But the cost of pursuit is > substantial; it would often be advantageous to concentrate on one as soon > as one is clearly superior to the others. > > I'd like to hear the IETF community's input on the topic. > > Harald > > PS: The mail being responded to was addressed to the chair of the IETF in > his IETF role, and is thus a "contribution" under the terms of the NOTE > WELL statement you've all seen.
Re: How many standards or protocols...
--On 15. april 2002 19:55 -0700 todd glassey <[EMAIL PROTECTED]> wrote: > > Harald - what is the IETF's policy on this question. > > How many of any one protocol will the IETF allow to be push through to > standard. And the IESG? Is it that there is only one standard for each > type of protocol or what? > This is an official resuest, Since this is an official request asking for what the IETF will allow, I think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] The obvious (but meaningless) answer is "as many as needed". Speaking for myself, I think it would be foolish of the IETF to create a hard rule about this question - the circumstances may differ a lot. Consider a few "multiple protocol" scenarios the IETF has faced recently. - In the IPNG discussions, we decided to pursue IPv6 only. - In the SNMP vs CMOT discussions, we decided to pursue two approaches. One died, the other remains. - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. Both survive, with little apparent harm to the community. - In the SNMPv2 discussions, we decided to pursue one, then to pursue multiple and "let the market decide", and then to pursue one again. - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. One seems to be winning, but the market has not decided yet. - In the PGP vs S/MIME discussions, we decided to pursue two, arguing that they have different fields of applicability. Both survive so far, but neither has become ubiquitous. When we pursue multiple approaches, there is one very hard question - which is when we take the decision to drop the pursuit of one approach. Sooner or later the answer is usually obvious. But the cost of pursuit is substantial; it would often be advantageous to concentrate on one as soon as one is clearly superior to the others. I'd like to hear the IETF community's input on the topic. Harald PS: The mail being responded to was addressed to the chair of the IETF in his IETF role, and is thus a "contribution" under the terms of the NOTE WELL statement you've all seen.