12 March 2008 IAOC/IESG Plenary IAOC/IESG Plenary Agenda 1. Welcome by Russ Housley 2. Host Presentation by John Schanz, Exec Vice Pres., National Engineering & Technical Operations, Comcast 3. NOC Report by Morgan Sacket 4. IETF Chair Report (Russ Housley) 5. IAOC Chair Report (Kurtis Lindqvist) 6. IAD Report (Ray Pelletier) 7. NomCom Chair Report (Lakshminath Dondeti) Sam Hartman congratulates Lakshminath for his report. Excellent work! Should be a new standard for future nomcom chairs. 8. NomCom Dispute Resolution (Scott Bradner) 9. Thanks to Outgoing IESG and IAOC Members Fred Baker: This is an opportunity to thank some people: - Sam was Security AD for 3 years - Kurtis was chair IAOC for last 2 years Each of them was presented a plaque by ISOC in recognition of their contribution to the IETF. 10. Introduce New IESG and IAOC Members Pasi Eronen is the new security AD Ole Jacobsen is the new IAOC member The outgoing AD and IAOC members hand over their dots to the new ones. 11. IAOC Q&A (IAOC on stage) Bill Fenner: found the cookies horrifyingly large. Begging the IAOC to change that, because he has not enough self control to stop eating in the middle ... And he is not good at sharing either ;-))))))))) Bill wants to make sure the community knows what the way forward is in planning the IETF web site and other tools to go forward. The IAOC is the body where the money decisions are made. Kurtis: doesn't know. But the IAOC will look at all the funding and costs of all the projects. In the past there were projects that were funded by the IAOC. The discussion is going on. Bill believes there is a better solution needed than what we have right now. Kurtis: The IETF is heavily based on volunteer work. Volunteer effort is limited and not always reliable, due to lack of time. John Klensin: Regarding the secretariat transition, while I'm extremely pleased by the efficiency with which AMS and the support/advisory team recovered from problems, I'd like to be sure that: (1) We do enough analysis of what happened that we are much better prepared for any future transition, not just in terms of quality of software and operations, but in terms of transitional procedures, understanding what things need to be done and what is important, etc. And (2) We continue to work to be sure that IETF is setting a proper example for the community by following the kinds of good practices we recommend to others. As examples, we should certainly be willing to show people that the domain name system is more than two levels deep when additional levels can communicate useful information. We should make sure that any digital certificates associated with privacy or financial transactions belong to the IETF (or IASA) and not to third parties and that they are high-assurance certificates, not just indications that someone has a domain name and Whois record. And we should be careful about click-through links from web pages that lead into non-IETF domains, especially when potentially-sensitive data are involved. Kurtis: wants to discuss security related issues together with the IAD. He wants to have infrastructure in place to address unforeseen events. Russ: there are lessons learned and we are figuring out the architecture and documenting it. Kurtis: believes we have undergone a fairly smooth transition Eric Rescorla: suggests to consider stop meeting in the USA, because of visa issues. We need to get work done, and people just cannot get into the country. Kurtis: aware of that and we have been helping people in the past, Please contact Ray Pelletier if you have visa problems. Philip Hallam-Baker: suggests to add 802.1x to the IPv6 experiment next time Dave Crocker: agrees with Erik. Canada is a nice place with nice facilities. Reflecting on venue and city experience etc. He likes Philly, hotel is just right for the IETF. Thinks this is a nice city for a future meeting. People agree Spencer Dawkins: knows from more than 10 people who failed to get a visa to go to Philadelphia. IETF is providing multiple entry invitation letters, but that doesn't help with the authorities Joel: There are visa issues with a number of countries, incl. FR, CA, JP and US. It is going to be challenging anywhere for a number of people. There will always be people who will not be able to attend. To accommodate them we need to hold the meeting in a diversity of places and to recognise despite best efforts that there are people that will not be able to enter some countries. Rob Bonica: no matter where we meet there will be people having problems to get there. Best thing we can do is to make it easier to participate remotely. Spencer: this will also affect people's eligibility for the NomCom (you have to have attended the last three out of the last five IETF meetings) Jonne Soininen: One thing we are restricted by are the host offers. But yes, we are looking at that issue and yes, it seems there are places that make it more difficult to get to and maybe diversity is the right answer. Michael Richardson: through various reasons he was personally affected by the nomcom eligibility rules. Maybe we need to make a difference between becoming eligible the first time and staying eligible. Harald: We seem arguing in the absence of hard data. Would like to see name of country and numbers of people who reported that they got their visa refused. That would make it easier to discuss this. Kurtis: Ray has data from people who reported they could not get a visa. Dave Crocker: agrees, but there seems to the be the notion that the US is getting out of bound. Another point: Choosing a host can constrain a lot things (venue, schedule etc.) Moving from a host to a sponsor model might reduce that problem. Jonne: We are looking at what the best way to finance the meeting is. Big guy in green t-shirt (?): Agrees with Harald: wants to know how many people are affected by this. Believes we have decent data (see the countries pie chart Russ showed in his report). Can we not analyse this? Maybe take the host country out of the analysis, because they ususally provide the most participants. The nomcom is a lottery pick anyway. He doesn't believe the 3 out of 5 meeting rule disenfranchises anyone really. 12. IESG Q&A (IESG and Scott Bradner on stage) Randy Gellens: written a number of drafts that became STD track RFCs as individual submission. Two ADs said the IESG has a new policy in looking with a higher bar at STD track individual submissions. He is especially concerned that two independent implementations are required. Russ: that is certainly not a hard a rule. Randy Gellens: It is more of a general comment. It is certainly fair enough to have a good review in place. Lisa Dusseault: She also sheparded and authored individual submissions. And yes, we seem to use a higher bar and that bar is not specified anywhere. Randy: suggests to set up separate mailing list, so the discussion doesn't have to be on the ietf list Ross Callon: suggests the responsible ADs document what review has already took place before a document goes to the IESG. John Klensin: observation: if the IESG moves more in the direction that they have more trust in WG documents than in individual docs, then it must be ensured that the WG review is adequate (and at the moment that is not always the case). Please do not get into a situation that a WG review is worth more unless this review is really adequate. Regarding RFC 3777: Do we have a hypothesis that by forming a new WG and fixing the document we will get it right and complete this time? Scott: believes the document might actually be too complete. Being an optimist he believes it is worth trying to get the document right. Sam Hartman: is it a problem not to get to perfection? John: We don't review enough what is there which results in more patches. That makes documents too complex and inconsistent. Suggests that a new WG would look at the entire document and come up with a new shorter document instead of adding just another patch. Scott: agrees with that. The document does not contain a philosophy behind the existence of the confirming body instead of just check points. John: yes, agrees, clear principles should be stated in the new document. Ted Hardie: what looks to me like a pattern: has seen increasing number of cases in which IESG appears to move away from interoperability and move more into individual choices. Understands each and every rational. However, he is concerned with the trend indicated by the overall pattern. He talked to many of the IESG members about those individual decisions. It looks like the IESG is loosing sight of what its role is supposed to be. It doesn't let the community take part in the decisions. The IESG does not seem to trust the community to make the right decisions. The community doesn't get involved early enough. This is an early warning that this looks like you are loosing track in involving the community and that it looks like you are individually judging the output of that community. This will frustrate people and move activity out of the IETF. Cullen Jennings: takes this very seriously. Would like to get input from Ted and the community. Is referring to one particular issue: there is a difference between a conflict of interest where sponsor and employer has IPR as an IESG member as opposed to being a document author. Ted: happy to take that offline. This was not the main point. We cannot trust an IESG that makes decisions based on their own judgement without regard to the WG consensus. Sam: ultimately it has to be the community's output (with some small exceptions in case of major crisis). But the role of the IESG is to ask the community: are you sure about this, is this consensus, did you talk to other parts of the community etc. And then the AD must be convinced that yes, there is informed consensus. The IESG is really frightened of conflicts of interest. He tried to bring this topic up in the IESG, but the reactions were so strong that he did not feel comfortable with having this discussion. The IETF needs to discuss what conflict of interest means to the IETF. Spencer: thanks Sam for his work as Security AD. There was a BoF chaired by Pete Resnick which was very concerned about touching RFC 2026 at all. He would like to encourage the IESG to use mechanisms like process experiments, process amendments and to be more flexible at that. Bill Fenner: there is a problem for which I am partially responsible: getting the community aware of problems we have with the RFC errata process. Shall we set up a discussion group? Russ: the IESG has been figuring out it's own position. We expect to share our thoughts on this topic with the community in the next few weeks. Harald Alvestrand: thinks that Scott made the wrong decision. The nomcom should not have revealed the information. One cannot fix this problem by reopening the nomcom document. He also thinks the IAB was wrong to require this information to go into 2003. Suggests for next nomcom to make privacy expectations clear. Leslie Daigle: disagrees with some of what Harald was said. Olafur Gudmundsson: came across a problem that is caused by our success: shouldn't documents that are marked as obsolete be taken off the standards track? Russ: sometimes. There are a lot of implementations out there and some people are still using and referencing older versions (for instance IKEv1 and IKEv2) Olafur: the dnsop WG is also guilty in having many docs in proposed standard. He showed a slide that illustrates that: http://www.ietf.org/proceedings/08mar/slides/plenaryw-13.pdf Bernard Aboba: regarding the nomcom dispute: It is good that it was decided to get an arbiter. It was good to use that dispute resolution process. We seem to be trying to fix things by making more rules, but that doesn't seem to make things better. Maybe we should make a lot of the process documents historic ;-) Danny McPherson: believes that Scott got it right. Thinks that RFC 3777 is ambiguous regarding the confirming body and that it is not defined clearly. Randy Gellen: doesn't believe Ted was suggesting that the IESG would just rubber stamp. The IESG serves a valuable function in making sure that new protocols don't break the Internet. But yes, the perception is that the process is too arbitrary. We fixed the problem that the process was too long. But now we have the problem that people feel it is too risky to bring work to the IETF because things sometimes get held up for unclear reasons. Sam: if you want it done right, yes, bring work to the IETF. But never let the IETF be on your critical path when shipping products. And that is a feature of the organisation. Chris Newman: discussing this is an important part of the process Pasi Eronen: sometimes authors misinterpret the ADs comments. Maybe we need to write a draft on good practices for authors on how to read IESG review and how they should reply to it. Lars Eggert: a direct dialogue after a DISCUSS comment is often helpful Russ: this discussion has recently started on the IETF list. Looking forward for the continuation. 13. IPv4 Outage Experiment Real-time Results (Leslie Daigle) Lorenzo Coletti: so, we are using NAT in v6 now? Shall we fix this? Russ: there was a discussion in v6ops to make requirements for NAT-PT-2 Gregory Lebovitz: thanks those people who set up v6 on the google server Lorenzo: the IPv6 Internet is still broken. Please all operators, help us to fix that. Morgan Sackett: collected some stats during the experiment. Pushed a decent amount of traffic out to other IPv6 hosts. The number of reachable addresses: we talked to 754 different IP addresses Stuart Cheshire: at the begining of the developments of IPv6 he thought one of the big benefits was that it would make things simpler in the network and took away complexity. Now we seem to be wiggling away from that. He does not like to be dependent on DHCP server (and that was not the case at the beginning on IPv6). Mark Andrews: we need IPv6 glue in the DNS, otherwise it makes it very inefficient. |