THE CRUCIBLE INTERNET EDITION September, 1989 Volume 1 : Issue 2 (reprint) In this issue: - Explanation of THE CRUCIBLE moderation policy - Corrigendum to THE CRUCIBLE Volume 1, Issue 1 - Letters in response to THE CRUCIBLE Volume 1, Issue 1 - The Changing Nature of Managing the Internet THE CRUCIBLE is a moderated forum for the discussion of Internet issues. Contributions received by the moderator are stripped of all identifying headers and signatures and forwarded to a panel of referees. Materials approved for publication will appear in THE CRUCIBLE without attribution. This policy encourages consideration of ideas solely on their intrinsic merit, free from the influences of authorship, funding sources and organizational affiliations. THE INTERNET CRUCIBLE is an eleemosynary publication of Geoff Goodfellow. Mail contributions to: crucible@fernwood.mpk.ca.us ----------------------------------------------------------------------------- THE INTERNET CRUCIBLE MODERATION POLICY THE CRUCIBLE is a refereed periodical irregularly published on the Internet. All contributions and editorial comments to THE CRUCIBLE are reviewed and published without attribution. Each contribution is refereed by a range of networking experts from academia, research, and industry. As with refereed professional journals, the referees are responsible for ensuring that a contribution is credible. Even though one or more of the referees may not agree with the position taken by the authors of a contribution, the referees may still recommend that the contribution be published. If not, the referees make cogent suggestions as to how the contribution might be improved. Publication without attribution is a time-honored means for advancing positions solely on the basis of their content. Unlike professional journals that exist both to serve the community and contribute to the authors' reputations, THE CRUCIBLE exists solely to serve the community. THE CRUCIBLE moderator, a member of the network community since 1973, feels that the Internet is best served by fostering a forum in which ideas stand solely on their intrinsic merit, not on the standings of the authors advancing the ideas. In addition to providing a neutral forum in which to examine the ideas, publication with refereeing but without attribution provides a means for contributors to express ideas that may be controversial. It is an unfortunate but all too common situation that many organizations (commercial or research) naturally avoid association with controversial positions. Even if an author prepares a contribution on personal time and publishes it without affiliation, the author's employer, funding source, (and parts of the community) will most likely view the contribution as being associated with the author's organization. Thus, many potentially controversial contributions of merit are never submitted. THE CRUCIBLE, by publishing without attribution, prevents prejudice towards contributions on the basis of authors' standings or their affiliations, and encourages contributors to speak freely, without organizational entanglements or jeopardizing funding sources. THE CRUCIBLE relies on a wide cross-section of referees to filter contributions that are not of a meritorious nature. ----------------------------------------------------------------------------- CRUCIBLE Corrigendum The contributors of THE CRUCIBLE Volume 1, Issue 1, "A Critical Analysis of the Internet Management Situation: The Internet Lacks Governance" incorrectly referred to Mr. Robert Braden, IAB Executive Director as "Dr." The contributors regret the error. ----------------------------------------------------------------------------- LETTERS IN RESPONSE TO THE CRUCIBLE VOLUME 1, ISSUE 1 Sir: Who was the author of this article? The only name I noticed was Goodfellow, but he is listed as moderator. I have no objection to the views. Indeed they are sensible. But I do have objections to anonymous editorials. Yours etc., -------------- Sir: Good job. This showed up in my mailbox while I was trying to write something making many of the same points. You outdid me. Yours etc., -------------- Sir: Congratulations on a great article! While I disagree with some specific points you made, the vast majority of what you said is right on target, and badly needed to be said. (As a case in point, I've been unable to reach SRI-NIC.ARPA (aka NIC.DDN.MIL) for a week now, and I can't even get an email response from our beloved regional NSF net.) Yours etc., -------------- Sir: Fascinating article. Too bad the author did not have the guts to sign his/her name. My only nit-pick is to reply to this: > Meanwhile, the outside world goes on about developing economically viable > and efficient networking technology without the benefit of direct > participation on the part of the Internet. With "oh really? What?" Yours etc., [The contributors respond: At the beginning of the article we noted technologies such as PDNs, UUCP and CSNET dial-up networks. While these lack the glamor of IP-style networking on the extended Internet, they nonetheless are economically viable. One might argue that OSI is producing technology roughly comparable to the Internet suite, but there is very little technology transfer in this regard. Considering that OSI is standardized in The Open, we find it difficult to blame the OSI proponents for this lack of cross-over.] -------------- Sir: I dislike intensely receiving a controversial article by email when I cannot tell either who wrote the article, or to whom it was distributed. Yours etc., -------------- Sir: Good article. Many valid points were raised. I, like many others, suffer from the problems pointed out in this article. I see how things could be better and am frustrated when it takes so long for things to improve. It will be interesting to see what kind of responses you receive. Yours etc., -------------- Sir: You stated: > While everyone in the market says they want OSI, anyone > planning on getting any work done today buys Internet technology. We're getting work done today using OSI technology, on Intel's OpenNET network. It's got superior UNIX file-system semantics to either NFS or RFS. We'd like to go TCP/IP, since it's got more *real* standards, but we certainly don't plan to take a step backwards to do so. So, for us, the situation is the reverse... Yours etc., [The contributors respond: In limited, pilot and laboratory settings, OSI may provide solutions today that Internet technology does not. It has been our experience that this is the exception and not the rule. The OSI file service is called FTAM, not OpenNet. OpenNet, while based on the OSI transport service, is nonetheless a proprietary vendor solution as it has not been standardized in The Open. Presumably one could easily host OpenNet technology on top of TCP, and outside of the increase in performance, robustness, and throughput, you'd never notice the difference! All humor aside, it is important to distinguish between OSI standards and things resting on top of OSI standards. ] -------------- Sir: A friend forwarded Vol 1 No 1 of CRUCIBLE to me recently. I was feeling good about the text all through the preamble, saying to myself that this sounded like a useful contribution to an area that could benefit from "critical analysis" especially since you advertised that it was going to be refereed. However, almost none of the body of this article has merit. It is a rehash of uninformed flaming. Neither the article nor any of the missing refereed commentary shows any indication of knowledge of a great deal of hard work that has been going on for the last three or four years to design, promote and implement an improved national research and education network based on the strengths of the Internet. There is no reference to at least a half dozen major studies of the requirements for deployment of advanced technology in an upgraded research net. Nor even one word about two annual conferences on the need for a national net that were held in Washington in 88 and 89 that have helped develop the NREN plan and the necessary federal legislation to support it. I was particularly annoyed by the pernicious foolishness about competitive alternatives to the Internet. Is whoever is the author of this piece seriously proposing that the nation should fund TWO advanced networks on the theory that the costs will be lower overall after they compete with each other? Or do I have it wrong, and the worthy scholar of your piece doesn't care whether we use world class networking in our allegedly world class national research enterprise but just wants cheap reliable email? If so, we already have it in the form of BITNET which reaches millions of individuals worldwide for pennies a message and is 100% supported by member/user fees. I've spent almost all of my career in academia, some twenty-four years at last count. In that arena, if you have the courage of your convictions, you put your name on them. I don't see any excuse for unsigned articles in CRUCIBLE. This isn't an AIDS hotline we are talking about. I'd like to see CRUCIBLE succeed and have a positive influence on the shaping of public policy for the NREN that will be taking place over the next couple of years. But, candidly, you're off to a bad start. Yours etc., [The contributors respond: It is important to appreciate that the thrust of the contribution had nothing whatsoever to do with the NREN. It was neither a criticism of the NREN, and it was certainly not a covert appeal for funding an alternative to the NREN. The contribution was about the Internet. This is a network which is operational today, which many thousands of people depend on as a normal part of their work environment. While we applaud the hard work, studies, conferences, etc., that demonstrate the commitment to fund and implement the NREN, these are, quite bluntly, immaterial to the argument at hand. There is a notable exception however: if the NREN is to be based on Internet technology, then we hope that the NREN management learns from the lessons of the existing Internet and is sensitive to economic issues in the technology it uses. Recent history in numerous other industries demonstrates that, despite broad agendas and good intentions on the part of government, commercial forces are often vital to producing vibrant, useful services. The simple fact is that economic models work and others, such as the current Internet model, don't work. For example, there have been massive innovations in dial-up modem technology in recent years. This is solely because the users of dial-up modems, by and large, have to pay for the phone calls they make. If dial tone and connect time were free, we'd likely still be using 1200bps today! There is no correspondent accountability in Internet technology, and half-attempts to provide this, such as policy-based routing, are fraught with potentially disastrous performance side-effects. Finally, was this contribution really "a rehash of uninformed flaming"? Can anyone ever recall seeing the Internet structure being taken to task in a public forum? We think not. This is the first time anyone has ever bothered to fire a shot off the bow of the old boy's club that's been non-managing Internet technology for the last few years.] -------------- Sir: One minor quibble with an otherwise fine and level-headed document: This bug flies in the face of the Internet parable "be generous in what you accept and rigorous in what you send". Perhaps you meant to say "rule of thumb", or "proverb"? Yours etc., [The contributors respond: Quite right. We stand corrected.] -------------- Sir: All very well said and well put. I've just come back from a week on the West Coast trying to use the Internet for real work while I was away, and separate problems at BARRNET and JVNC/NEARNET made things literally unusable. By the time I yelled long enough at different people, things were fixed--by Friday, the end of the week. The balkanization of the Internet into regional nets has been like the breakup of AT&T, only worse (because of their isolation from economic pressures and because "service" doesn't matter.) Will there be a BOF on your topics here at INTEROP? Yours etc., [The contributors respond: No BOF is planned, but it would be interesting to have an open forum for a face-to-face meeting between the IAB, NSF regional network directors and an Internet constituency.] ----------------------------------------------------------------------------- The Changing Nature of Managing the Internet: A Paradox in Governance ABSTRACT The development of Internet technology was well-served by a directed agenda sponsored by the US Government. However, today's development of Internet technology is largely stagnant because the technology is providing useful service for many of the research and development communities needs. Although several developmental efforts are underway, seemingly not much progress is being made. The ill-defined distinction between Internet research, engineering, and development has led to additional confusion. The first issue of THE INTERNET CRUCIBLE dealt with Internet technical and accountability failures. This second issue is complementary in that it examines the paradoxes and failures inherent in the current Internet management structure. A new structure for Internet management is proposed. A Brief History of Internet Technical Management As a part of its charter in the 70's, DARPA (then known as ARPA) was responsible for funding high-risk, high-potential payoff research. DARPA's guiding rule was fairly simple: ideas were researched, proven, and then deployed. In order to advance DARPA's ambitious agenda in networking, the government recruited far-sighted individuals with an interest in networking, each with personal research agendas in networking and communications. The DARPA "program managers" then oversaw the technical direction taken by the researchers which produced, among other things, Internet technology. Research efforts in areas of networking continue to be funded and directed by program managers at DARPA and NSF independent of the existing Internet technology base. As Internet technology passed from idea, to research, to deployed technology, there were two side-effects: 1) Internet technology ceased to be high-risk research--it became engineering; and, 2) the networking agenda became less of a priority research item as it became developed, proven, operational technology. Several production internets now exist, providing useful service to their respective communities. Problems with Internet technology today are largely second-order problems, ones which are easily solvable by responsible engineering and modest evolutions in the technology. A cogent argument could be made that any networking "research" being done these days must be substantively distanced from current technology. Using this perhaps controversial definition of "research", topics such as OSI, Message Handling Systems and Directory Service applications, while important to production networks in the short- and medium-term, are "development" and not "research". This leads us to note that the nature of Internet technical direction has changed: it is now one of managing engineering disciplines, not one of managing research. It is not clear that the management structure used to guide the technical direction of Internet technology reflects this change. To be sure, there have been recent changes in the management structure (i.e., the recent IAB reorganization and the creation of the IRTF and IESG), but these changes appear to be superficial only--the old thinking, the old procedures, and most importantly, the old infrastructure, are all still in place. The model, we argue, continues to be based on the notion that Internet technology is still a research project. The Current Internet Management Structure Arguably the top-level management entity is the newly re-organized Internet Activities Board (IAB). The IAB consists of the chairs of two task forces (one responsible for engineering, the other for research), liaisons to other organizations, and administrative personnel. The IAB's current charter consists of managing the RFC and Internet standards process, managing the engineering and research task forces, performing strategic planning for the Internet, and providing liaison to other organizations. The IAB is a "closed" organization--its meetings are not open to the public, and neither agendas nor minutes are openly available. The Internet Engineering Task Force (IETF) of the IAB is chartered to solve short-term engineering problems in Internet technology. It is a open, voluntary organization with over 20 working groups. Unfortunately, the IETF has not been particularly successful in producing short-term solutions (e.g., it has taken the IETF well over a year to not yet produce RFCs for either a Point-To-Point Serial Line IP or Network Management enhancements). New to the IETF is the Internet Engineering Steering Group (IESG) which is tasked to govern the IETF. This too is a closed organization, serving at the pleasure of the chair of the IETF. The Internet Research Task Force (IRTF) is chartered to promote research in networking that will presumably lead to producing the technology the IETF will need. The IRTF also has a steering group, the IRSG. The IRTF consists of several "research groups" which, as of this writing, roughly correspond to the various research task forces found on the IAB prior to re-structuring. The IRTF is a closed organization. It should be noted that although the recent IAB reorganization changed some titles, the personnel and infrastructure are largely unchanged. The same relatively small closed community continues to make decisions. Paradoxes in the Current Internet Management Structure Consider three possible scenarios: Scenario 1: The IAB The IAB, by declaration, determines the direction of Internet technology, primarily through the form of managing the Internet standards process, and thus has a wide impact on uses and development of Internet technology in government, academia and industry, along with significant commercial impact. However, the IAB is, as noted earlier, a closed organization. Further, there is no disclosure of interests among the IAB membership. For the sake of argument, suppose one or more members of the IAB were employees of a commercial concern. Further, suppose that these commercial concerns were directly tied to Internet technology. For example, one of of these concerns might be a vendor of Internet technology, or another might be a supplier to such vendors. As such, the actions of these IAB members, who are also commercial employees, must be under careful scrutiny. Let us carry this hypothetical scenario a bit further: suppose the IAB were considering elevating a new protocol to some official standing. If parts of the vendor community (and in particular one of the commercial concerns sponsoring an IAB member) stood to benefit competitively or fiscally from such a decision, then this situation might well place the interests of those IAB members at cross-purposes with the interests of the Internet community as a whole, and the U.S. Government in particular. At the very least, the IAB membership and presumably the sponsors of that membership, have access to "inside information" which has significant commercial impact. To impress upon the reader that this is not a theoretical observation, it must be emphasized that this scenario is drawn on fact--it is disturbingly parallel to an actual incident which recently occurred. It is not, however, the purpose of this contribution to prejudge the motives of the individuals involved. Rather, we note that appearance of interests is at cross-purposes, regardless of the intent. Scenario 2: The IESG The newly-formed IESG, by declaration, develops technology for use in the Internet. The same hypothetical argument can be used here: the members of the IESG are each responsible for a particular area of Internet technology, e.g., network management. Again, if the person filling this role is employed by a commercial concern, then interests may be at cross-purposes. In particular, since theoretically the IESG deals with technology at a less mature stage, entire engineering approaches might be unduly advanced or hindered depending on potential market advantage or threat. Fortunately, the IETF is an open organization, as such interests at cross-purposes can be more readily identified. However, since the IETF takes its direction from the IESG, the engineering aspect of Internet technology remains subject to being directed by IESG members who could be at cross-purposes with the interests of the Internet community. Scenario 3: The IRSG The IRSG, by declaration, advances research into Internet technology. For the sake of argument, suppose that the IRSG proposes that particular areas of research be funded. Since the IRSG is a closed by- invitation-only organization, its membership is likely to appear to be acting in a self-interested fashion, since they receive early information about areas which might be funded, and are in a substantially advantaged position to write proposals for that funding. Although the IRSG might appear to be acting as an advisory board, an outsider might make the argument that the IRSG both directs the government in funding direction, and then makes proposals to take advantage of the advice given. Consider the effort to produce a White Pages service for the Internet (a service that, among other things, is used to obtain mailbox and other information about users in the network). In February of 1989 the Federal Research Internet Coordinating Committee (FRICC), an informal group of government program managers who fund portions of the Internet, tasked an ad hoc committee to produce a plan for a White Pages service in the Internet. Although the meeting was held in February, RFC1107, a report describing the outcome of the meeting was delayed until July. The reason was that the organization tasked with writing the report might also receive funds as a result of the report being implemented. A compromise of conscience was finally reached by significantly "watering down" the report so that it contained no concrete proposals, instead making a reference that "strong funding and encouragement" was needed. (Footnote: this post-meeting editing is not as sinister as it might seem--the meeting called was "politically" correct in the sense that it invited over 30 attendees each with a differing agenda. In essence, the two-day meeting rapidly devolved into scantily-clad turf wars rather than practical technical discussion.) In general, all the scenarios arise from a simple premise: people who give advice to the government should not profit from giving that advice unless the collection of those people is operating under a "balanced conflict of interest". It must be emphasized that the purpose of this contribution is NOT to suggest that the current structure is corrupt or unduly self-interested. Rather, our purpose is to demonstrate that the current structure is fraught with peril--unintentional effects, smacking of impropriety, may result from careless action or inaction. Further, it should be noted that we live in a world of "retroactive ethics"--actions are not judged by standards of ethics which existed when the actions took place, rather any action is judged by whatever standards of ethics are currently in place. Recent history indicates that any appearance of impropriety is effectively proof of that impropriety. Recommendations The early DARPA-sponsored work in networking, by separating program manager from researcher, was able to avoid these dilemmas. Unfortunately, Internet technology and the Internet are now larger than any single organization. What then, can be done to avoid this problem and still further Internet technology? This contribution suggests that Internet technology has matured to the point where it is time to provide management and guidance from a wide-cross section of users and providers. That is, while the seminal contributions of researchers made Internet technology possible, a different paradigm is necessary to manage today's Internet technology, which has effectively become an engineering and maintenance problem. This contribution suggests the formation of an Internet Policy Forum (IPF) appointed by the Federal Coordinating Council on Science, Engineering and Technology (FCCSET). The FCCSET is a formal body of the Federal Government chartered with getting the various agencies with large investments in information technology to coordinate with each other. The IPF charter, under the auspices of the FCCSET, would be to represent the users of Internet technology from all segments of society. Although the structure of the IPF would be largely similar to the current IAB, there are three fundamental differences: - the IPF would meet openly, with published agendas and minutes, - the membership of the IPF would primarily be representatives from the various communities which *use* Internet technology (e.g., some representatives would be from the Internet regional networks); and, - funding for the IPF membership would be solely from the sponsors of each member; as such, interests, and in particular research and commercial interests, of each member would be fully disclosed. It should be noted that each of these tenets circumvents weaknesses in the current IAB structure: - because the IPF would meet openly, it would be open to scrutiny >from a large, vibrant community. Under this model, the IPF would avoid any appearance of being "an old boy's club". - because the IPF membership would be drawn from the user and vendor communities, the members would be motivated towards solving problems in Internet technology. Some members of the IPF might be "industry experts" in Internet technology, others might be from the regional network management, and so on. A weakness in the current IAB structure is that the majority of its members are sponsored by a small group of concerns; if members are inclined to think about only those things they are funded to think about, then it is important to draw from a larger collection of concerns. IPF members would be, by definition, accountable for and responsible to, the users of the network. In contrast, it can be persuasively argued that the IAB membership is, by and large, not responsible to, nor do they provide representation for *any* operational community. Unlike the IAB, the IPF membership would have a stake in the continued success of Internet technology. - because the IPF membership would be required to fully disclose their interests, it would be possible to achieve a "balanced conflict of interest". Since it is naive to think that interests at cross-purposes do not exist, it is important to foster an environment in which such things are entirely above board. It should be noted that all professionals, be they sponsored directly by the U.S. Government, by government-sponsored research organizations, by academia, or by commercial concerns, all have self-interests. All such interests must be openly declared. The IPF itself would consist of two kinds of members: voting members who would set policy, and non-voting members who would provide liaison to other accredited organizations. The IPF would be responsible for managing the RFC process and the voting membership would be responsible for advancing standards in Internet technology. Unlike the IAB, there would be no task forces or steering groups under the IPF. However, one IPF position would be that of "Internet Technical Director". This position would be responsible for coordinating "development" of Internet technology. "Research" efforts in networking technology would be independent of the IPF. The existing IETF would be restructured to report to the Technical Manager under the name of "Internet Technical Directorate". Like the IETF, the ITD would be an open organization, although there would be no IESG. It should be noted that the coupling of IPF and ITD is different than the IAB/IETF relationship. In particular, the membership of both the IPF and the ITD would come from the same wide range of sponsors. As such, the ITD membership would be responsible for producing workable technology for the IPF, and the IPF would be responsible for providing effective direction to the ITD. This is entirely unlike the current IAB/IETF relationship in which there is little, if any, relationship between the membership of the two bodies. Realistically, the IETF has little accountability to the IAB, as evidenced by the lack of IETF progress in producing technical solutions to short-term problems over the last few years. Similarly, the IAB has little credibility with the IETF membership at large given the lack of IAB direction, and the somewhat inconsistent policy actions of the IAB (e.g., network management protocol standardization). Conclusions In retrospect, it should be noted that Internet technology and management have been relatively stagnant over the last three years. In particular, the Internet Management structure has been ineffective at solving problems. The first issue of THE INTERNET CRUCIBLE analyzed many of the technical and economic failures in this regard. While there are many possible causes for this stasis, it does seem likely that the continued orientation towards concentrating power in a small, inbred, cloistered community has been a significant factor in this regard. The recent re-organization of the IAB is little more than repackaging--no fundamental change in direction or motivation has occurred. This issue of THE INTERNET CRUCIBLE has argued that the existing management structure is the cause for many of the problems currently being seen on the Internet today. But, we have also seen how Internet technology has matured in the market and is providing useful service. It is now time to engage a broad community to openly guide Internet technology in its stable phase. -------