IETF mission (RE: pausable explanation for the Document Series)
Eric Rosen
erosen at cisco.com
Fri Jun 6 11:58:01 CEST 2003
Perhaps we need to understand better just what problem we are trying to
solve by revising the categorization of standards.
I'd make two observations:
1. Nobody cares whether the IETF says that a protocol is ready for
deployment or not. Service providers, vendors, enterprises, etc., will
decide this for themselves.
By "nobody", I mean "nobody who is in a position to decide whether to do
any large scale deployments". In the old world of the ITU-T people don't
deploy until the standards process is finished, which leads to (a)
bizarre standards and (b) slow progress. That may have been okay when
telecom providers were monopolies, but it is not okay in the competitive
environment of today.
2. People do care about whether the protocol has a public specification
which is sufficiently detailed so as to enable interoperability among
multiple independent implementations. However, they will not wait (nor
should they) for such a specification before deployment.
Based on these observations, there has arisen a significant constituency in
the IETF (though not seen much on this list) which believes that the only
proper function of the IETF is to publish specifications which are
multi-vendor interoperable. Members of this constituency see no benefit at
all for IESG review. Members of this constituency would also be overjoyed
if all their specs could just get published as "Experimental" or
"Informational", and once the specs get published, they have no interest in
moving them further along in the process.
Most people on this list seem to think that there is a value in having a
category of "standard" which means something more than "multi-vendor
interoperable." But I don't think there is a clear consensus on just what
we want that to mean, and that's one of our big problems.
Some possible considerations are:
- correctly achieves the function which it is intended to achieve
- adequately address scalability and security considerations in the intended
scope of applicability
- adequately (though not excessively) flexible
- not a lot more complicated than it needs to be
- can be reasonably defended against alternatives
- specification is competently and professionally done
- impact on other areas has been addressed
- there exists significant interest in deploying this
etc.
To me, it makes sense to have a standards category which says that the
specification is not merely adequate for interoperability, but also that it
has been judged against these other considerations.
Considerations often cited which I don't agree with:
- must not be intended for uses which violate my personal values
- must not be intended for uses which violate my idea of how the Internet
should be used
- must not be intended for uses which allow Service Providers to add value
- must not violate some alleged philosophical principle articulated 25 years
ago
- must not make it more difficult to write multi-party peer-to-peer
applications
- must have the highest conceivable level of security
- guaranteed bug-free
Based on the considerations I think are important, I don't understand why we
need more than one category of standard, so I would tend to agree with
Brian: "let's scrap it all and have a single level (with recycling in grade
for corrections/updates)."
More information about the Problem-statement
mailing list