Things wrong with the IETF

A view from the position of the chair – April 11, 2003

WARNING: This note is NOT an unbiased, objective description of everything that the IETF has problems with or descriptions of how to solve them. It is the personal view from the current occupant of the Chair's chair, and tries to point out the things I see as issues, with emphasis on the things that others haven't raised in the debate. Some of it is obvious to others, others may be less so. Some of them are direct, day-to-day experience; others are "musings on structure". And these are only my personal opinions.

Problem: The IETF runs on personal relationships

The IETF is an intensely personal organization, with even its very structure based around the idea of people as actors, rather than organizations or companies.

This is also reflected in how it gets work done; the nomcom process, the chair selection processes and the WG activities all rely on people's personal trust in each other.

This has proved a very powerful model. But it has a hard time scaling.

A telling comment from the Nomcom chair this year: When people were talking about the IETF leadership in abstract, there were quite a few strongly negative comments. But when talking about the parts of the IETF leadership that they had personal dealings with, the comments were much more positive. Trust doesn't travel along the relationship networks; the fact that you trust someone doesn't mean that you trust everyone that person trusts.

Similarly, the change of guard when an AD is replaced is quite disruptive; we don't keep personnel records, and we don't keep much in the way of written plans or formal documentation. A new AD has to build or bring along his own trust network.

And of course this affects the choosing of WG chairs too; if someone is unknown to the ADs, he is unlikely to be picked as a WG chair unless he's part of the team that brought the idea on board; this particularly limits the choice when asking for "stabilizing", "advising" or "process" chairs to work with an enthusiastic newcomer in a difficult area.

The fact that we trust each other, and are able and willing to act on that trust, is a great strength of the IETF.

The fact that we have so little institutional memory outside of the memories of the people in the process is a weakness.

Some people have suggested adding more technology or support functions (such as more formal minutetaking, more rigid frameworks for the work of WGs) in order to improve our institutional memory. I do not know how much this aids the building of trust networks; it certainly would aid the ability to detect their breakdown.

Problem: Technology "Focus" is Designing for Stagnation

The IETF, I like to quip, currently has a very scalable management structure; it scales all the way up to 700 participants.

One classic response to this is of the form that "The IETF should focus on its core technologies and tell the other 800 people to take their work somewhere else".

This ignores one basic fact: We live in a very changeable industry. And the technologies we used to work on are standardizing fast, while the focus of what "needs to be done" is shifting all over the map.

The IETF is a process that allows a remarkable amount of openness and input. And it has achieved some remarkable successes, and is frequented by a large pool of talented engineers with lots of domain-specific knowledge - some of which is most definitely needed in other parts of our industry.

But if we turn away work with the argument that "our management structure doesn't have room for it", we encourage several negative effects:

I personally believe that if the IETF management were structured in such a way that adding new work items when it makes sense to do them in the IETF was a relatively painless exercise, the IETF would be a more dynamic and flexible organization, where it was easier to get work done.

It might also be a larger one; that is not necessarily a disadvantage - PROVIDED we can make the structure scale well.

Problem: The AD job can't be done well

In the way the IETF and the IESG is currently structured, I personally believe that the job of Area Director is impossible to do satisfactorily. The fact that we still have some people who do a good job of it is a miracle, not something we should depend on for the future.

The demands that come from interacting with working groups, understanding technology, cross-pollinating between groups and coordinating with other areas are simply too much for any human to handle when added on top of the requirement to read (or at least glance at) every single document the IETF produces and have an opinion on them all.

This has three bad effects (at least):

If anything's a solution to this, it has to involve making the job possible to do - which probably involves splitting the functions of the role over several people. Who need to be coordinated, of course - placing greater demand on the time people use in communication, which restricts the time available to do "real work"; one quickly runs across the old adage about it being easier to do 10 people's work than get 10 people working..... what is done in this space needs to be quite, quite carefully designed.

I personally don't mind the IETF chair being a full-time job. But having ADs be able to regard their AD-hood as something they are doing well as a part-time activity would, IMHO, make life better for the IETF.

Problem: The range of knowledge required of the IESG is too large

The IESG is routinely asked to take positions on quite detailed issues ranging from optical fiber light frequencies, proper use of XML, character sets in China, religious debates between proponents of ASN.1 dialects and the strength of cryptoalgorithms.

The knowledge required to speak authoritatively to all of these subjects is huge - and sometimes it seems unlikely that the requisite amount of knowledge can be procured within any set of 13 people. Of course, the IESG depends on the expert input of others - but the IETF, with its personal relationships structure, is not an easy place in which to find sources of unbiased advice - and the process of seeking help from sources outside of the IETF is often even messier, since these have to be calibrated against the particular norms that are appropriate to the IETF's position and role in the world - the interactions between the IETF and such entities as the World Wide Web Consortium or the Unicode Consortium run rife with examples of this.

Problem: The IESG is too big to manage the IETF effectively

I personally believe that the IETF is in urgent need of some operational, tactical planning of its work; making sure there are no things falling between the cracks, that we know where we are going, and that we are working to a shared vision. A lot of the good things the IETF has done has stemmed from a shared vision between the initial participants; the shared vision is still underlying a lot of what we do, but our failure to articulate it is only one of the factors that has diluted it – our failure to do strategic planning is another factor.

Experience from other contexts indicates (to me, at least) that such planning is best done in a relatively small group, which focuses intensively on the task and where every member feels a personal ownership of the result. It's then of course an important next step to show the rest of the community that the plan is in correspondence with what the community wants - but we can't even get that far without having a plan to discuss.

Unfortunately a group of 13 + 5 people is somewhat too large to work such a vision; the number of interrelationships in the group is simply larger than is most effective for this aspect of the IESG's tasks - one reason why we are failing at it. (Others include the facts of overloading and firefighting..... but this is a contributing reason)

Of course, a reformulation of the previous two sections is that "the IESG is too small to get its job done". There's tension here.

So what?

Of course, these are my personal views only. The first step is to figure out if these are concerns that are shared by the IETF community. Then we have to figure out what we can change to make things better.

I've got ideas. But we're a community driven organization. So – community – get out and drive!