IESG proposed statement on the IETF mission

[Harald Tveit Alvestrand]

--On 16. oktober 2003 14:25 +0200 Brian E Carpenter <brc at zurich.ibm.com> 
wrote:

> (Only to problem-statement. I assume the interested parties are mainly
> here.)
>
> Firstly a general point. I am rather amazed that this draft comes
> from the IESG alone, and not from the IAB+IESG. In fact, I'd like
> an explanation. Since the IAB and the IESG are the two peer committees
> that the IETF puts in place to oversee the architecture and oversee
> the process, I simply don't buy the idea of a draft mission statement
> that comes from only one of them.

Put this down as bad management (ie my fault). The IESG was anxious to get 
this draft in front of the community, so we shipped it publicly just about 
the moment it had a form that the IESG could stand behind.
Nowhere was there an intention of not getting IAB comment and buy-in.

> Secondly, I agree with Melinda: take out the "problem" language. This
> document should contain exclusively positive statements.

Point.

> Thirdly:
>
> Keith Moore wrote:
>
> (and other people wrote similar things)
>
> ...
>>
>> > It is important that this is "For the Internet,"  and does not include
>> > everything that happens to use IP.  IP is being used in a myriad of
>> > real-world applications, such as controlling street lights, but the
>> > IETF does not standardize those applications.
>>
>> I disagree with the sentiment as I understand it.  I don't think it's
>> realistic anymore to take the view that what people run entirely on
>> private networks is their own business and outside of IETF's purview.
>> NATs, private addresses, and DHCP with short lease times have all had
>> devistating effects on the Internet's ability to support applications.
>> Insecure applications can facilitate the breeding of viruses that affect
>> the entire network even if their intended interactions are only between
>> a local client and server.
>
> Furthermore, we have *explicitly* in the past given warnings about the
> risk to users' interests of walled garden approaches. And RFC 3002 made
> a specific recommendation as a result (please read the whole RFC for
> context):
>
>  4.2.1
>
>    It was strongly recommended that independent of the ubiquity of the
>    "walled garden" deployment scenario that protocols and architectural
>    decisions should not target this model.  To continue the success of
>    Internet protocols at operating across a highly diverse and
>    heterogeneous environment the IETF must continue to foster the
>    adoption of an "open model".  IETF protocol design must address
>    seamless, secure, and scalable access.
>
> I would like to see the mission statement endorsing this. Of course the
> IETF will not standardize all *applications* but if we don't standardize
> the IP environment, including at least transport and transport security,
> and whatever is needed in the way of a session level, regardless of
> whether  it is part of the big-I Internet, we will be doing our ultimate
> customers  (ordinary users) an important disservice.

That's a discussion we need to have. I think of the walled garden as being 
"off the Internet", and "open model" applications as being "on the 
Internet", and thus within reach of the proper focus of the IETF.
If what we do works inside walled gardens too - nice, but not something I 
think we should value excessively.

> What we also need in the mission statement is enough boundary-setting that
> we can relatively easily decide what fits into the "Applications" Area
> and whether the Sub-IP Area belonged here in the first place. (I put
> "Applications" in quotes because there isn't much in the Apps area that
> outsiders think of as applications.)

Yes. Suggested text?