My thoughts about the problems of the IETF

Harald Tveit Alvestrand harald at
Fri Apr 11 12:45:27 CEST 2003

Just before the IETF, I got challenged by Dave Crocker and others to share 
with you *my* perspective on "what is wrong with the IETF".

I had reasons for not doing that early on in the life cycle of this group - 
the most important aspect is what the *community* thinks the problems are, 
and handing out a lot of stuff early in the process could have caused the 
debate to focus on aspects that might not have been the essential ones.

But of course I have an opinion. And want to share it.
I also agree with a lot of the analyses that have been brought forward so 
far; the fact that I don't mention them below is not because I disagree, 
but because I am focusing on other things.

Most of my opinions are subject to change without notice. So I'm putting 
this up on a web page:

What's below is the current content. It's only my opinion, biased, 
wrongheaded and badly formulated - it's had very little review by others.

But you might find it interesting.


                   Things wrong with the IETF

   A view from the position of the chair - March 31, 2003

   WARNING: This note is NOT an unbiased, objective
   description of everything that the IETF has problems
   with or descriptions of how to solve them. It is the
   personal view from the current occupant of the Chair's
   chair, and tries to point out the things I see as
   issues, with emphasis on the things that others haven't
   raised in the debate. Some of it is obvious to others,
   others may be less so. Some of them are direct,
   day-to-day experience; others are "musings on
   structure". And these are only my personal opinions.

Problem: The IETF runs on personal relationships

   The IETF is an intensely personal organization, with
   even its very structure based around the idea of people
   as actors, rather than organizations or companies.

   This is also reflected in how it gets work done; the
   nomcom process, the chair selection processes and the
   WG activities all rely on people's personal trust in
   each other.

   This has proved a very powerful model. But it has a
   hard time scaling.

   A telling comment from the Nomcom chair this year: When
   people were talking about the IETF leadership in
   abstract, there were quite a few strongly negative
   comments. But when talking about the parts of the IETF
   leadership that they had personal dealings with, the
   comments were much more positive. Trust doesn't travel
   along the relationship networks; the fact that you
   trust someone doesn't mean that you trust everyone that
   person trusts.

   Similarly, the change of guard when an AD is replaced
   is quite disruptive; we don't keep personnel records,
   and we don't keep much in the way of written plans or
   formal documentation. A new AD has to build or bring
   along his own trust network.

   And of course this affects the choosing of WG chairs
   too; if someone is unknown to the ADs, he is unlikely
   to be picked as a WG chair unless he's part of the team
   that brought the idea on board; this particularly
   limits the choice when asking for "stabilizing",
   "advising" or "process" chairs to work with an
   enthusiastic newcomer in a difficult area.

   The fact that we trust each other, and are able and
   willing to act on that trust, is a great strength of
   the IETF.

   The fact that we have so little institutional memory
   outside of the memories of the people in the process is
   a weakness.

   Some people have suggested adding more technology or
   support functions (such as more formal minutetaking,
   more rigid frameworks for the work of WGs) in order to
   improve our institutional memory. I do not know how
   much this aids the building of trust networks; it
   certainly would aid the ability to detect their

Problem: Technology "Focus" is Designing for Stagnation

   The IETF, I like to quip, currently has a very scalable
   management structure; it scales all the way up to 700

   One classic response to this is of the form that "The
   IETF should focus on its core technologies and tell the
   other 800 people to take their work somewhere else".

   This ignores one basic fact: We live in a very
   changeable industry. And the technologies we used to
   work on are standardizing fast, while the focus of what
   "needs to be done" is shifting all over the map.

   The IETF is a process that allows a remarkable amount
   of openness and input. And it has achieved some
   remarkable successes, and is frequented by a large pool
   of talented engineers with lots of domain-specific
   knowledge - some of which is most definitely needed in
   other parts of our industry.

   But if we turn away work with the argument that "our
   management structure doesn't have room for it", we
   encourage several negative effects:
     * We reduce the cross-pollination between the
       engineers of the IETF and the engineers working on
       the new ideas, in many cases condemning the new
       efforts to repeat our old mistakes once more.
     * We blinker the view of our own engineers in their
       core fields, because they lose touch with what the
       Internet is truly being used for; we then run the
       risk of "fighting the last war" and optimizing
       "our" parts of the Internet for applications that
       just aren't there.
     * We encourage the growth of other standards
       organizations, many with different participation
       models than the one the IETF uses. Sooner or later,
       some of these organizations will no longer have
       support, and will die. The IETF could be one.

   I personally believe that if the IETF management were
   structured in such a way that adding new work items
   when it makes sense to do them in the IETF, the IETF
   would be a more dynamic and flexible organization,
   where it was easier to get work done.

   It might also be a larger one; that is not necessarily
   a disadvantage - PROVIDED we can make the structure
   scale well.

Problem: The AD job can't be done well

   In the way the IETF and the IESG is currently
   structured, I personally believe that the job of Area
   Director is impossible to do satisfactorily. The fact
   that we still have some people who do a good job of it
   is a miracle, not something we should depend on for the

   The demands that come from interacting with working
   groups, understanding technology, cross-pollinating
   between groups and coordinating with other areas are
   simply too much for any human to handle when added on
   top of the requirement to read (or at least glance at)
   every single document the IETF produces and have an
   opinion on them all.

   This has three bad effects (at least):
     * Wear on the IESG: The IESG members become
       overworked. This is bad for their health, humor and
       home life. As well as placing them into conflict
       with their bosses, who occasionally think that they
       have "real jobs" that they should do some work at.
       (strange illusion)
     * Unhappiness in the IETF: The IETF members become
       unhappy. They percieve that IESG members are
       responding slowly, lose touch with their
       technology, and can't be relied on to be proactive
       in fixing problems within the working groups or
       keep communications channels with other groups
     * Recruiting shrinkage: The number of people who can
       even imagine taking on an IESG job goes down. And
       it becomes largely limited to people who work for
       large companies that can afford to feed them while
       they do IESG, and don't regard them as essential to
       get their business done - in other words,
       "standards professionals" are more likely to be put
       forward than "real engineers", or - even more scary
       - the real engineers may start behaving like
       standards professionals.

   If anything's a solution to this, it has to involve
   making the job possible to do - which probably involves
   splitting the functions of the role over several
   people. Who need to be coordinated, of course - placing
   greater demand on the time people use in communication,
   which restricts the time available to do "real work";
   one quickly runs across the old adage about it being
   easier to do 10 people's work than get 10 people
   working..... what is done in this space needs to be
   quite, quite carefully designed.

   I personally don't mind the IETF chair being a
   full-time job. But having ADs be able to regard their
   AD-hood as something they are doing well as a part-time
   activity would, IMHO, make life better for the IETF.

Problem: The range of knowledge required of the IESG is too

   The IESG is routinely asked to take positions on quite
   detailed issues ranging from optical fiber light
   frequencies, proper use of XML, character sets in
   China, religious debates between proponents of ASN.1
   dialects and the strength of cryptoalgorithms.

   The knowledge required to speak authoritatively to all
   of these subjects is huge - and sometimes it seems
   unlikely that the requisite amount of knowledge can be
   procured within any set of 13 people. Of course, the
   IESG depends on the expert input of others - but the
   IETF, with its personal relationships structure, is not
   an easy place in which to find sources of unbiased
   advice - and the process of seeking help from sources
   outside of the IETF is often even messier, since these
   have to be calibrated against the particular norms that
   are appropriate to the IETF's position and role in the
   world - the interactions between the IETF and such
   entities as the World Wide Web Consortium or the
   Unicode Consortium run rife with examples of this.

Problem: The IESG is too big to manage the IETF effectively

   I personally believe that the IETF is in urgent need of
   some operational, tactical planning of its work; making
   sure there are no things falling between the cracks,
   that we know where we are going, and that we are
   working to a shared vision. A lot of the good things
   the IETF has done has stemmed from a shared vision
   between the initial participants; the shared vision is
   still underlying a lot of what we do, but our failure
   to articulate it is only one of the factors that has
   diluted it - our failure to do strategic planning is
   another factor.

   Experience from other contexts indicates (to me, at
   least) that such planning is best done in a relatively
   small group, which focuses intensively on the task and
   where every member feels a personal ownership of the
   result. It's then of course an important next step to
   show the rest of the community that the plan is in
   correspondence with what the community wants - but we
   can't even get that far without having a plan to

   Unfortunately a group of 13 + 5 people is somewhat too
   large to work such a vision; the number of
   interrelationships in the group is simply larger than
   is most effective for this aspect of the IESG's tasks -
   one reason why we are failing at it. (Others include
   the facts of overloading and firefighting..... but this
   is a contributing reason)

   Of course, a reformulation of the previous two sections
   is that "the IESG is too small to get its job done".
   There's tension here.

So what?

   Of course, these are my personal views only. The first
   step is to figure out if these are concerns that are
   shared by the IETF community. Then we have to figure
   out what we can change to make things better.

   I've got ideas. But we're a community driven
   organization. So - community - get out and drive!

More information about the Problem-statement mailing list