The sky didn't fall

(or, what I saw in Dallas)

(Other perspectives on the same event: Ingrid Melve)

You could almost hear the litany as the plane circled Dallas airport in preparation for landing: "SNMPv2 is falling, SNMPv2 is falling"....32 years after the last time Dallas made world news, it seemed that a new disaster loomed over the world of networking.

All efforts to produce a secure management protocol for the Internet had been in vain, the house of IETF was torn by strife and internal unrest, and the Big Bad Business vultures were hovering around the edges, waiting to tear the Internet limb from limb at the first sign of weakness.

Of course, it didn't happen.

Once you get there on the ground, once you walk into that hotel lobby and see the last remnants of the well-tailored and tie-wearing crowd from the last meeting leave, while the lobby is filling with jeans-clad, T-shirt-wearing, chattering, portable-lugging IETFers, the basic reasonableness of the process seems somehow to reassert itself.

Network management is a small (albeit important) area of the IETF, solutions can be found, goals can be redefined, friends can make up - and the business vultures seem strangely friendly as they walk around making reasonable suggestions, participating in discussions and promising to "play the Internet game" according to the rules.

More details on some things that happened (in slightly less flowering language) follow below. As usual, what happened outside the Applications area is things known by hearsay, "corridor impressions" and vaguely remembered mutterings; handle with care!

The Web into conflict

Not really - the main base of the Web is apparently in fine shape, though late as usual; the vital HTTP/1.0 and HTML/2.0 documents are finished, barring a few details on document status.

But friction is showing at the edges; a suggestion for a "style sheet" addendum to the standard engendered little enthusiasm; the proposals for an extension mechanism to allow "vendor extensions" in HTTP/1.1 were greeted with a distinct lack of enthusiasm. The phrase "too much complexity at the core" was heard more than once.

But still - the fact that HTTP extensions for "persistent connections", with their promise to ease the currently horrendous situation seen on busy Web-servers, where one can find 200 simultaneous connections and 800 connections in "shutdown state" at any given instance, are being deployed even as the standards are being written indicates a strong willingness on the part of the community to come to grips with the problems that the extreme success of the Web have engendered.

A suggestion voiced in the Transport area (the traditional home for TCP and similar things) about designing a protocol that is better for "web-like things" than TCP is needs careful nurturing; watch this space.....

A quite different story is that seen in the "Voluntary Access Control" BOF, which was faced on one side by the Web consortium saying that "we have the standard, and we must be in control of it for the time being", and on the other side by the US congress (with the European Commission falling over itself to repeat its mistakes) trying to impose censorship on the Internet without eroding adults' rights to free speech (an act reminescent of trying to shave with a battleaxe, or of advocating nuclear weapons as a solution to street littering).
In this maelstrom of politically motivated posturing, little place seems to be left for the IETF's traditional strong engineering focus and desire to produce "solutions that work".

The result of the discussions was roughly:

The IETF should look at the possibility of writing down the requirements, from a technical viewpoint, that ratings systems or similar functionality would have to satisfy.
The IETF should provide input to the Web consortium on how the PICS effort related to these requirements.

The Mail Must Go On

E-mail is, in many ways, the backbone of the Internet. Without E-mail, the Internet community simply wouldn't exist.

It's somewhat ironic that the documents defining this vital Internet service are rather old, rather vague and rather unsatisfactory in the service they describe.

Some IETF WGs address this:

The DRUMS WG tries to rewrite the standards so that it describes the same protocol, but does so clearly and unambigously.
The RECEIPT WG tries to add another piece of functionality: Standard "I've seen your message" notifications.
The MIXER WG attempts to do properly the task of shipping messages into and out of the X.400 E-mail community
The MIMESGML WG attempts to specify how to carry SGML documents around

All of these proceeded in relative harmony, apart from MIMESGML, where a fundamental disagreement is being resolved in one of the usual IETF fashions: Publish both approaches as Experimental, see which gets industry support, and kill the other (if possible).

A new X.400 mapping is expected in early 1996; RECEIPT and DRUMS also expect to be shipping in 1996, but not before Los Angeles (March).

Other Email-related matters:

A new upgrade of the MIME drafts (clarifications) was published just prior to the meeting. No discussion (apart from hallways), but we hope that the registration function will be sorted out Real Soon Now!
A lunchtime BOF was held on the subject of HTML in E-mail (as in "I want to mail that Web page"). Possibly this will be a working group Real Soon Now; several issues concerning the handling of URLs in E-mail were raised.

When you want to manage these beasts, it might be useful to know that the MADMAN group, which defined SNMP MIBs for handling MTAs and DSAs, has been reactivated to review the documents.

No less than THREE other management groups are immediately relevant:

ApplMIB, being concerned with defining a MIB for use with any and all "applications" (whatever that is)
AgentX, which wants to define how to run multiple "agents" at one network host - and find them - which has been a problem with the deployment of the MADMAN MIBs
EntityMIB, which wants to standardize ways to find out which MIBs a given agent can support.

Given my limited understanding of management, I should say no more....

Find Me If You Can

Of course, the Directory Problem wasn't solved this time around either.
We still don't have the protocol that lets us take three random facts and from them deduce the structure of the universe - or even what Joe Smith had for lunch last tuesday.

We ARE, however, trying to get a handle on what the Directory Problem actually is; the IDS WG is trying to come up with a set of "requirements documents", which may at some point in the future allow us to say with some confidence that "this problem will NOT be solved by the Internet Directory". Then we MIGHT be able to build one!

Other promises include:

The FIND group, which had its first meeting, thinks that it can make an indexing protocol that allows you to find out which servers, using any protocol, it makes sense to ask in order to find someone or something
The ASID group thinks that LDAP, the Lightweight Directory Access protocol, is turning into The Access Protocol for X.500, but hasn't quite figured out what the next version should contain
The IDS group reports some success in getting the Ph/CCSO protocol documented, so that it is possible to write standards-track gateway specs on bringing these widely deployed site databases into the future Internet integrated service.

All in all, the goal of an Internet Directory looks to be growing closer by the day - but we still have no real idea how close the day is.....

IPv6 and all that

IPv6 is a success story. There are still a few pieces of the puzzle missing (some stuff on autoconfiguration), but already there exist multiple implementations, all interoperating over V6-in-V4 tunnels, for many of the most popular Unix platforms. No Linux or Window implementations yet, though!

Security is implemented in several of the test implementations; this has of course hit the usual hassle of export rules ("by some mischance, it seems that someone forgot to limit access to the xxx directory, so if you are outside the US, close your ears while I write down this URL....."). Key management isn't ready yet (for either V4 or V6); it looks as if two approaches will be standardized - Photuris and SKIP.

Network MisManagement

Now that the dust seems mostly to have started heading in the direction called "down" by most participants, it might be possible to say something about where we are.

The IESG decided that the request from the SNMPv2 working group to standardize a protocol without working security as "the Internet management protocol", because they were unable to agree on one, was simply not going to fly.

On the other hand, the "core" of the management operation itself is well known and stable; there's no pressing need for 128-bit counters, whole-table operations or other exotic changes to the "SNMP core".

So - the IESG has promised to consider the "SNMP core" as candidates for Draft Standard, while the "intro document" that describes how to run SNMPv2 with community strings (just like SNMPv1 - "passwords in the clear") is an experimental protocol - we think that it misses some basic functionality we need.

There are signs that the personal relationships in the SNMP group may be healing too; at least one participant was sighted carrying an olive branch. But it takes two to make peace, and I don't know more....it was a long and bitter discussion, and the end is not in sight yet; we still don't have a secure management protocol.

(Certain people thought that the general problem of access control in operating systems across all kinds of devices might be a mouthful for any group that went to bat with it, and the solution might involve changing the problem description until it's workable. We'll see what the result is....)

What the dog didn't hear in the night

(random rumours that might have no relationship with anything at all....)

Microsoft announced that it would promote a Visual Basic-based scripting language as an Internet standard, even submitting it to the IETF for standardization....
In the great tradition of covering bets, Microsoft also announced that it had licensed Sun's Java scripting language....
Unconfirmed rumours about the inclusion of the Internet phone program Iphone in the Win95 "fixup" would probably lead to a tenfold increase in Internet bandwidth requirements....
When one company in Sillicon Valley laid off people, Cisco opened a recruiting booth in the driveway, under the slogan "We have 2000 open positions"....
Reported sighting of a single customer who has succeeded in configuring the deprecated "party" approach for SNMPv2 security have been partly confirmed by the company, which was not named...no second sighting has been reported of this rare beast....
Apparently @Home, the Internet startup in California, has been granted a monopoly on using the Turner cable networks for IP-to-the-home, giving it instant wiring to 20% of all US households.....
The split in Public Key Partners is providing the interesting spectacle of RSA Inc's lawyers arguing that public key cryptography is not patentable, while the other guy's lawyers argue that the RSA patent is so much empty air....as they say: "it couldn't happen to a nicer guy"......
Out-of-work Internet engineers are becoming scarcer than successful SNMPv2 party MIBs as the Internet heats up....

This is the end of the rumour mill, and also the end of the document - I hope you enjoyed it so far, and that you won't make million-dollar investments based on what I say without further corroboration.

Enjoy your Internet surf - the waves crash, but the sky stays up.....

Harald.T.Alvestrand@uninett.no

Last modified: Mon Jan 8 13:25:41 1996