The IETF struggles to remain relevant

I read an article yesterday by Marcus Ranum, who did a lot of early firewall work at TIS during my last few months there. (I never worked with him, but I did interact with him a bit when I first started at Digital in 1995. Our group inherited the firewall he and some others had originally developed.) In the article he is critical of the IETF, stating that the RFC (Request for Comments) process is obsolete and that the IETF takes too long to develop standards.

There has actually been a long debate on the IETF discussion list on this subject. Lots of reasons for the IETF's inability to generate timely standards have been given, such as a lack of qualified volunteers and work/personal time conflicts of WG (working group) members and chairs. Complaints about the IETF have spread to other lists, such as the IRTF End-to-End research group, where topics such as congestion avoidance (my favorite) are discussed. Some of the debates have become quite personal and vicious.

It makes me sad to see this sort of thing happening because there are still quite a few people I knew who are still active in the IETF who were active back in the late 1980s and early 1990s when I was more involved in computer networking. However, I think there is a lot of truth to what people are saying about the IETF because it isn't able to move quickly enough to keep up with the demand for certain types of solutions, so smaller groups (some associated with open-source projects, others with commercial vendors) implement solutions that are not always compliant with IETF principles. A very sore spot has been NAT (network address translation), which allows hosts behind a firewall or some other type of device to use private address space (non-publicly routed) to communicate with hosts in public address space. An often-voiced opinion among some members is that it breaks the end-to-end principle. However, it was needed because the next version of the Internet Protocol (IPv6) wasn't ready yet, and it wasn't possible for some organizations to get enough public IP addresses.

In all fairness, I think most IETF people try to do a good job and stick to the principles they believe in (rough consensus and working code, robustness of protocols, etc.). However, I think things happen too quickly now, and the IETF is not in a good position to keep up with the demand for new protocols, etc.

My BP is up again, possibly due to hard work during piano practice, but also stress over job search.


( 2 comments — Leave a comment )
Jun. 23rd, 2005 03:41 pm (UTC)
More recently, I was heavily involved with the MARID WG, which was tasked with finding a protocol that domain owners can use to authorize certain IPs as valid senders of their email, and disavow others who should not be sending their mail. (Basically what SPF is trying to do.)

My impression of the IETF process is echoed by something I heard someone else say: the IETF process is great, except it is highly vulnerable to a denial of service attack. In other words, people who didn't agree with the group's "rough consensus" were able to raise endless questions and steer the conversation back to topics that we all thought had already been decided, and the chair (co-chairs in this case) were chronically unable to rein in the mavericks that wanted to steer things in another direction. It's hard to get your way in the face of consensus not in favor, but it's remarkably easy to scuttle the entire process.

My recommendation for anyone involved with any working group is to remind the chair persons early and often that they are responsible for keeping the group focused and on-track, and that they should treat off-topic and out-of-scope threads appropriately - as the drain of resources that they are - and do so quickly.

Jun. 23rd, 2005 10:09 pm (UTC)
I haven't had much time to follow IETF WGs lately. The ones I was following a few months ago are mostly in the Transport Area. Traffic on the lists is generally moderate, and the WGs seem focused. I would imagine something like MARID to be highly contentious and subject to DoS attacks.
