Carl Malamud: Internet Talk Radio. Asynchronous times demand asyn­chro­nous radio.

This is Geek of the Week. We’re here with Marshall T. Rose, the­o­rist, imple­menter, and agent provo­ca­teur, as he describes him­self. Marshall, wel­come to Geek of the Week.

Marshall T. Rose: Thank you very much, Carl.

Malamud: Marshall, you’re known for a vari­ety of things, but rather than start­ing with the sub­tle issues of pro­to­col imple­men­ta­tion let’s shoot a few ducks in a bar­rel. You’re prob­a­bly best known by some at least as the author of ISODE, the ISO devel­op­ment envi­ron­ment. And I guess that makes you the world’s lead­ing OSI imple­menter. Why do you like OSI so much?

Rose: [laughs] Well actu­al­ly I think we’re shoot­ing fish in a bar­rel, not ducks in a bar­rel. But prob­a­bly nei­ther is polit­i­cal­ly cor­rect these days. It’s true that back in 1986 Dwight Cass and I began a research project on imple­ment­ing OSI, pri­mar­i­ly over the OSI upper lay­ers, pri­mar­i­ly over TCP. And you know, that gave us a lot of expe­ri­ence in imple­ment­ing OSI.

At the time we start­ed, we were real­ly inter­est­ed to find out if the OSI stuff would work, and there cer­tain­ly appeared to be a lot of promise. Unfortunately, and I think his­to­ry will bear me out on this—or the market’s already shown us, that OSI per se has gen­er­al­ly been a bad idea. The con­cepts of vendor-independent com­put­er com­mu­ni­ca­tions we all like, but when it comes down to the actu­al details and the way these stan­dards are pro­duced, and the result­ing tech­ni­cal mer­it, it’s cer­tain­ly been less than ster­ling. And you know, now hav­ing imple­ment­ed a lot of OSI stuff in the 80s, in the 90s of course I’m one of the more out­spo­ken crit­ics of OSI. Which I imag­ine must dri­ve the OSI peo­ple bat­ty since I often under­stand the stan­dards bet­ter than they do.

Malamud: Well, hav­ing actu­al­ly imple­ment­ed the stan­dards can some­times give you that insight.

Rose: Well you know, cer­tain­ly one of the things which is the strength of the of the Internet process is the fact that we inter­twine stan­dard­iza­tion and imple­men­ta­tion expe­ri­ence. And you know, the way the cur­rent stan­dards track works now, going to pro­pose to draft to full, there is an increas­ing bur­den on the part of the pro­po­nents of a spec­i­fi­ca­tion to be able to demon­strate inde­pen­dent imple­men­ta­tion, inter­op­er­a­ble deploy­ment, and so on. So by the time you final­ly reach the ulti­mate goal of hav­ing a full Internet stan­dard, we have excel­lent con­fi­dence in the work­a­bil­i­ty and use­ful­ness of this tech­nol­o­gy. And clear­ly that’s some­thing which has been lack­ing from the OSI process.

Malamud: Well why is that? Why is some­thing so sim­ple as let’s get some code out there and see if it works” miss­ing from such a large-scale process?

Rose: Well, there’s the…there’s the polite answer and then there’s the accu­rate answer. The polite answer of course is that you know, by and large the ISO, the CCITT, the ITU, ANSI, the IEEE, have kin­da been over­tak­en by events. In the past you saw inter­na­tion­al and nation­al stan­dard­iza­tion of very well-defined tech­nolo­gies. For exam­ple, if you were going to build nuts and bolts, what the threads look like, and you know, with the prop­er spac­ing and height and grip and so on. And so you know, this is not rock­et sci­ence. It’s crit­i­cal­ly impor­tant to an engineer’s infra­struc­ture to have stan­dard­iza­tion of these things, but it’s not as if we are try­ing to some­how cod­i­fy the laws of physics.

Now in con­trast, you look at com­put­er com­mu­ni­ca­tions and what do you find? You know, this is extreme­ly com­pli­cat­ed stuff. None of it’s very obvi­ous. A lot of it is depress­ing­ly cut­ting edge. And yet you know, the mar­ket seems to feel that they need a stan­dard­ized prod­uct. And so in come the bod­ies which tra­di­tion­al­ly have done this in the inter­na­tion­al and nation­al are­nas, and they find out that they aren’t stan­dard­iz­ing exist­ing tech­nol­o­gy, which in the past has been exact­ly what they did and why they were suc­cess­ful. No, they are doing research con­cur­rent­ly with stan­dard­iza­tion, but some­how their mod­el for stan­dard­iza­tion nev­er made this par­a­digm shift to includ­ing this imple­men­ta­tion.

You know, it’s kind of like we could have the Congress of the United State pass a law with regards to time trav­el, but let’s face it you know, no one has a time trav­el machine so what’s the point of it? You can’t change phys­i­cal laws by mak­ing admin­is­tra­tive pol­i­cy. Why should you think you can stan­dard­ized com­pli­cat­ed tech­nol­o­gy with­out under­stand­ing it?

Malamud: Well some­one argued that if you try to under­stand it first you end up with a process which is not fair. And many peo­ple point to the ISO process, to the CCITT process, and they say, Well, we real­ly have to make stan­dards that are fair, that take into account all the views.” Do you think that is maybe the rea­son that ISO has been con­tin­u­ing to move along that track?

Rose: Well cer­tain­ly every dis­as­ter in his­to­ry has been very fair in penal­iz­ing the vic­tims, hasn’t it? No, you know, let’s be hon­est here. What we need to do is we need to pro­duce solu­tions for the mar­ket­place. And you know, hav­ing some kind of a process with…everyone is hap­py and gets apple juice and cook­ies and gets to express their region­al views and so on, may be very fine for inter­na­tion­al rela­tions, but frankly does not go one iota toward pro­duc­ing good tech­nol­o­gy.

You know, Marty Schoffstahl of PSI, a per­son I worked for and have a lot of respect for you know, one time he was giv­ing a talk on his thoughts of stan­dard­iza­tion. And he says, You know, I’m real­ly in favor of inter­na­tion­al agree­ments. But I also know that they don’t work all the time.” And so the audi­ence is try­ing to fig­ure out what Marty’s talk­ing about and he says you know, For exam­ple, there were inter­na­tion­al agree­ment in place but we still have some­thing like Polish cav­al­ry going up against the German army at the begin­ning of World War II.”

And what Marty’s point­ing out there is that there is a big dif­fer­ence between get­ting peo­ple togeth­er to sign a paper and agree that things are going to hap­pen a cer­tain way, and hav­ing some­thing in place which is actu­al­ly going to pro­duce work­able result. And you know, we have to keep in mind here that is an engi­neer­ing task, this is not a polit­i­cal task. And try­ing to solve engi­neer­ing prob­lems using polit­i­cal dis­ci­plines is bound to fail­ure. Because you sim­ply can­not com­pro­mise on what the val­ue of pi, or the grav­i­ta­tion­al con­stant are. I mean, how could a com­mit­tee decide these things? These are like, con­stants. You can’t com­pro­mise a con­stant. What’s the point?

Malamud: You could have pi 1, pi 2.

Rose: Well, and the…

Malamud: And then you can have pi pro­files.

Rose: And pi pro­files and then of course we could have var­i­ous nation­al char­ac­ter sets, and…I’m sor­ry that’s anoth­er tar­get we needn’t go into now.

Malamud: You know, some peo­ple look at that and they say, Well… That’s being unfair. There are cer­tain things that dif­fer­ent bod­ies do well.” And many peo­ple point to X.400 for exam­ple as one of the suc­cess sto­ries of the OSI process. Now, recent­ly there’s been an alter­na­tive set of stan­dards that have come out of the IETF known as MIME, Multimedia Messaging for the Internet. Could you com­pare those two? Do you think X.400 is going to con­tin­ue to gain steam or lose steam? And is MIME going to do some­thing there?

Rose: Well, you know cer­tain­ly of all the things OSI has pro­duced, one could point to X.400 as being the most suc­cess­ful. On the oth­er hand that’s kind of like say­ing that World War II was the suc­cess­ful con­clu­sion of the Great Depression. And what I mean by that of course is that yeah you know, it’s been adopt­ed more than the rest of this OSI stuff, but it’s still a com­plete dis­as­ter. You know, the tech­nol­o­gy you need to do store-and-forward mail is sur­pris­ing­ly sim­ple. And you know, it’s not rock­et sci­ence. There are some very basic archi­tec­tur­al prin­ci­ples, and you may have to have some bells and whis­tles from time to time, but this isn’t hard stuff.

What the X.400 peo­ple did is they start­ed with a mod­el which is fair­ly well-regarded, back in the ear­ly 80s. Took some tech­nol­o­gy which had been fair­ly proven. This is the stuff that came out of Xerox with regard to data rep­re­sen­ta­tion on the wire. And they built a mail sys­tem around it. And you know, one could kin­da argue about some of the choic­es they made, but basi­cal­ly it was kind of overkill for what you need­ed. There is just far too much com­pu­ta­tion­al com­plex­i­ty, to solve what is in the­o­ry a very sim­ple prob­lem.

Now unfor­tu­nate­ly, after the great suc­cess of 84, instead of revis­it­ing it and decid­ing how to make it sim­pler and more ubiq­ui­tous, they go on to the 88 ver­sion and they don’t even both­er to fig­ure out how to stan­dard­ize migra­to­ry or tran­si­tion paths between 84 and 88. It’s kind of like oh, let’s just do this thing in 88 and we’ll for­get about the past whether it was good or bad.

Now, what the MIME approach does in con­trast, is the MIME says, Let us assume that we have an exist­ing elec­tron­ic mail infra­struc­ture. And now we are going to fig­ure out the min­i­mal­ist set of changes which we can add on top of that so as not to per­turb the exist­ing infra­struc­ture, but still add these fea­tures to indi­vid­ual end­points that want them.”

So if you look at the MIME spec, you notice there’s some rules which real­ly seem rather obscure. You know, do not do the fol­low­ing thing” And then there’s be a lit­tle note say­ing, The rea­son this rule here is because we found in prac­tice there is some mail soft­ware which behaves poor­ly under the fol­low­ing con­di­tions, and we want to make sure that when you write MIME soft­ware you don’t exer­cise those prob­lems.”

Now you could say, Well, you know, this shouldn’t be the point of a…a stan­dard shouldn’t have stuff like that in it. We should just assume that every­thing works well and peo­ple are going to faith­ful­ly imple­ment this stuff.” But you know, again, in the real world we see that’s not the case, and the peo­ple who did MIME were very very care­ful to make sure that the stuff they did would fit on top of and not exac­er­bate exist­ing prob­lems. Whereas you com­pare that to X.400, there’s this kind of a blan­ket assump­tion that some­day every­thing will be X.400 and we won’t have to wor­ry about exist­ing mail sys­tems or what the effect we’re going have.

And of course the result of that is that we see now a lot of X.400-to-such-and-such gate­ways, and those gate­ways real­ly don’t work very well because the fea­ture match between X.400 and say the LAN mail sys­tem that they’re gateway-ing to is a very poor match. The map­pings are impre­cise. You know, basi­cal­ly the address­es are just hope­less­ly inde­ci­pher­able. And it’s a big mess.

Malamud: Well there you have it.


Malamud: You’re lis­ten­ing to Geek of the Week. Support for this pro­gram is pro­vid­ed by O’Reilly & Associates, rec­og­nized world­wide for defin­i­tive books on the Internet, Unix, the X Windows System, and oth­er tech­ni­cal top­ics.

Additional sup­port for Geek of the Week comes from Sun Microsystems. Sun, the net­work is the com­put­er.


[Incidental Tourist seg­ment omit­ted]

This is Carl Malamud, the acci­den­tal ter­ror­ist, for Internet Talk Radio.

Internet Talk Radio, flame of the Internet.


Malamud: Let’s turn our atten­tion instead to net­work man­age­ment. You’re one of the lead­ing lights in SNMP, and you recent­ly with three of your col­leagues authored SNMP ver­sion 2. Now, that was not with­out some controversy—In fact one of your crit­ics described SNMP as a dog with fleas” and expressed the hope that it would be a dead dog with fleas. Do we real­ly need a sec­ond ver­sion? Don’t we have good enough net­work man­age­ment soft­ware today?

Rose: Well, I guess there are real­ly a cou­ple of issues there. Let’s have a lit­tle bit of his­tor­i­cal con­text and then I’ll kind of get your ques­tion. SNMP ver­sion 1 was devel­oped basi­cal­ly in 1987 and came out of some work that was done by four engi­neers, one of which was a ven­dor and three of which had kind of like, net­work man­age­ment oper­a­tional respon­si­bil­i­ties. And so it was kind of a very focused…the orig­i­nal technology’s are very focused on pri­mar­i­ly mon­i­tor­ing gate­ways. And it became clear that we need­ed to evolve net­work man­age­ment into not only mon­i­tor­ing but con­trol, and not only gate­ways but all kinds of devices. And so SNMP ver­sion one was kind of like the evo­lu­tion from this orig­i­nal tech­nol­o­gy done by these four engi­neers where they had a very crisp, focus on what they want to do to kind of like try­ing to solve or pro­vide a basis for a solu­tion to a larg­er prob­lem.

Now, SNMP has a num­ber of real­ly get things going for it. However you know, as you imple­ment things and see oth­er peo­ple imple­ment them and man­age real net­works, and you know, just gain expe­ri­ence, you find things that you could’ve done bet­ter… You know, when the same ques­tions keep com­ing up or the same request for fea­tures enhancement’s com­ing up, you begin to think maybe we shouldn’t have left that out of the orig­i­nal spec. And so you know, four years after v1 was stan­dard­ized, there was a call for pro­pos­als from the IESG say­ing, We’d like evolve SNMP. And the way we’re going to do this is we’re going to ask inter­est­ed par­ties to sub­mit pro­pos­als which meet the fol­low­ing list of cri­te­ria.”

And there were I don’t know, about half a dozen cri­te­ria, of which two of the most impor­tant were you had to spend a lot of time wor­ry­ing about coex­is­tence with the installed base because net­work man­age­ment on the Internet is a 7 by 24 per­va­sive thing. And also that you couldn’t offer a pro­pri­etary solu­tion. It was some­thing that was going to ulti­mate­ly be stan­dard­ized by a work­ing group at the IETF.

This call came out in March of 1992. Now, sev­er­al months went by and final­ly one pro­pos­al is put forth by myself, Jeff Case, Keith McCloghrie, and Steve Waldbusser. And this was called SMP, or the Simple Management Protocol, and basi­cal­ly this was our pro­pos­al.

There was a meet­ing held at the July 1992 IETF ple­nary, which about 200 peo­ple showed up. We explained what our pro­pos­al was. And there was near unanimous—and I’m not exag­ger­at­ing here, vir­tu­al­ly every­one in the room at the end that meet­ing decid­ed that they want­ed to go for­ward with SNMP v2. They want­ed v2 to be the work on SNMP secu­ri­ty plus this pro­pos­al. And that they want­ed a work­ing group formed and they want­ed this thing tak­en care of by year’s end. The crit­i­cal thing is we do not want to get our­selves involved in more than one tran­si­tion, you know. Not a tran­si­tion from v1 to secu­ri­ty, and then secu­ri­ty to v2; or v1 to SMP, and then SMP to some­thing else. One tran­si­tion, v1 to v2.

So a work­ing was formed, and com­ments were solicit­ed. Now, in between the time that there was this meet­ing in July and the work­ing group for­ma­tion, the area direc­tor encour­aged any­one with pro­pos­als to put them forth so they could also be con­sid­ered. Well, three months goes by…no oth­er pro­pos­als show up.

Malamud: Is that enough time to put a pro­pos­al togeth­er?

Rose: Well you know, the orig­i­nal call came out in March. Now, one would imag­ine that if some­one real­ly cared about this, one could put a pro­pos­al togeth­er in a six-month peri­od; so basi­cal­ly going from March to September. The fact that there weren’t any pro­pos­als tells me either A, peo­ple thought that the exist­ing pro­pos­al was good enough; B, they didn’t care about; or C, they just didn’t want to do the work. And you know, I guess the only kind of peo­ple I would com­plain about are the ones who fall into C, where they don’t want to do the work to put the pro­pos­al togeth­er.

So the work­ing group meets. And you know, there are a lot of dis­cus­sion, and I’ll tell you quite frankly the qual­i­ty of the doc­u­ments has improved as a result of the work­ing group exam­in­ing and revis­ing the doc­u­ments.

The prob­lem of course is that for every real good improve­ment we had, there were many sug­ges­tions and argu­ments about things which basi­cal­ly were either tech­ni­cal­ly out of scope of the SNMP v2 char­ter, or unfor­tu­nate­ly were kind of like issues which real­ly hadn’t been thought out all that well.

And this is an area where I kin­da get a black eye because I am famous for my lack of tol­er­ance of non­sense. And what I mean by that is that you know, peo­ple ask­ing ques­tions I can deal with. When some­one brings up an issue which had been dis­cussed and hand­i­ly dis­missed in the past, they’d bet­ter have some new points when they bring up that issue because I real­ly do not like rehash­ing the same argu­ments over and over again. It’s kind of like, if you’re stand­ing on the deck of the Titanic and you see the ice­berg, you have two choic­es: you jump off the port side of the ship, or the star­board side of the ship. You don’t stand there in the mid­dle of the bow plane decid­ing which foot you want to lead off with when you jump, it’s time to jump. And once you’ve jumped, you can’t say, Oh no, I’m jump­ing in the wrong direc­tion,” you have to go over­board.

And so, when an issue has been thor­ough­ly dis­cussed, as sev­er­al of these had in the past, to have them be brought up again in the course of this, with­out any new facts being brought to light you know, just absolute­ly infu­ri­ates me. And so I tend to lose my tem­per and let peo­ple know what I think of them and then that makes Marshall the ogre of the Internet, for which all I can say is well you know, you know what caus­es me to be an ogre; per­haps you should try not to exhib­it that behav­ior which basi­cal­ly caus­es that kind of a result.

Malamud: But isn’t that the job of a work­ing group, to make sure these issues are prop­er­ly hashed out?

Rose: Well you know, you’d think that, wouldn’t you? But you know, on the oth­er hand how many times do you have to hash out the same issue? I don’t have any prob­lems with some­one say­ing, We’ve dis­cussed Topic A the past, and there’ve been argu­ments in both direc­tions. But here is some­thing new which we haven’t con­sid­ered. We real­ly need to reopen A.”

The prob­lem is that nev­er hap­pened. What hap­pens is, I want to talk about Topic A again. Here’s my pro­pos­al.” And instead of going through and mak­ing sure that the old argu­ments have been dealt with, that any new infor­ma­tion has been brought, it’s kin­da like there’s zero mem­o­ry on the part of the work­ing group. That this thing has nev­er been dis­cussed in the past and there­fore it’s fair game, when in point of fact the two or three top­ics which got to this lev­el which we call tar baby sta­tus,” are things which have lit­er­al­ly been dis­cussed for the last four years, every six months, and every six months they go down in flames.

Malamud: What’s an exam­ple of one of those issues?

Rose: Well, the typ­i­cal exam­ple is is the argu­ment as to whether row cre­ation, or more prop­er­ly row manip­u­la­tion in SNMP is an arti­fact of pro­to­col oper­a­tion or MIB design. Now, that’s a very com­pli­cat­ed way of express­ing the fol­low­ing con­cept: A lot of times you have man­age­ment infor­ma­tion of which there are mul­ti­ple instances, so like, mul­ti­ple rows in the rout­ing table, each con­sists of a rout­ing entry. One of the things you have to do in SNMP is have the abil­i­ty to iden­ti­fy a par­tic­u­lar row, and then per­haps you want to cre­ate a new rout­ing entry, or you want to mod­i­fy an exist­ing one, or you want to delete it. Well, mod­i­fy­ing things which are already exist­ing is a fair­ly straight­for­ward thing. Also with delet­ing them.

The ques­tion comes about, how do you go about cre­at­ing a new row, say in the rout­ing table or some­thing like this, and do it in such a way that you don’t col­lide with oth­er man­agers which also might be con­trol­ling the router, and make sure that you have all the infor­ma­tion in that entry in the rout­ing table before the router starts to use it. Because you may not be able to fit all of the infor­ma­tion you need in one pack­et, in just one trans­ac­tion to make it hap­pen. You may have to do a lit­tle nego­ti­a­tion over the cre­ation.

And so there’s always been kind of this ques­tion, or at least this ques­tion comes up every six months is, Well, do you have a spe­cial pro­to­col oper­a­tion called cre­ate row,’ or when you design the rout­ing table do you define the seman­tics of how row cre­ation occurs?” And you know, you can argue it either way. The prob­lem is that if you look at all of the con­flict­ing require­ments you have, you find out that the pro­to­col solu­tion sim­ply will not work. There are just some cas­es it can’t solve, where­as the solu­tion by MIB design or defin­ing the seman­tics of the rout­ing table can meet all of those require­ments although at times it may be a lit­tle ugly or a lit­tle hairy. But at least you can solve the prob­lem. And again, in a lot of cas­es you’d have to go for a 100% solu­tion.

So this top­ic came up in November. And you know, I just absolute­ly hit the roof. Because this top­ic has lit­er­al­ly been dis­cussed on a six-month repeat­ing sched­ule since 1988. And unfor­tu­nate­ly the peo­ple who put forth the pro­pos­al did not put forth a pro­pos­al that had been entire­ly thought through, did not deal with the argu­ments which had been brought up in the past time and time again. And so basi­cal­ly it’s kin­da like, Oh well, here, we wrote this up. Put it in the stan­dard.” And I’m sor­ry, wait, did you real­ize there are all these prob­lems and like, you can’t solve it using the approach you’re using? Do you real­ize we’ve dis­cussed all this stuff in the past? Why are you doing this now? And so then there’s this huge fight, and instead of han­dling it in the absolute most diplo­mat­ic way, some­times I regret­tably just explain to peo­ple that their think­ing isn’t entire­ly as clear as it ought to be.


Malamud: This is Geek of the Week, fea­tur­ing inter­views with promi­nent mem­bers of the tech­ni­cal com­mu­ni­ty. Geek of the week is brought to you by Sun Microsystems and by O’Reilly & Associates.

[Book Bite seg­ment omit­ted]

Internet Talk Radio, town crier to the glob­al vil­lage.


Malamud: You and three of your col­leagues went off and invent­ed SNMP ver­sion 2. And you did it in a back­room. You didn’t do it in pub­lic. You didn’t do it in a work­ing group. And that was kind of unfair, because you had a head start over every­body else. And that you were rush­ing the process to much. Do you think we need to slow that process down, or involve more peo­ple in the design of these things?

Rose: Well to begin with, keep in mind that the four of us did exact­ly what we were asked to do by the IESG. Which was to go off, form a design team and do this.

Malamud: Well you had already start­ed when that call for pro­pos­als came out, hadn’t you?

Rose: Well, I could argue that I had start­ed back in 1988 when had fin­ished SNMP ver­sion 1 as chair of that work­ing group and was mak­ing my list of things to fix or things I couldn’t get in ver­sion 1 that I want­ed in ver­sion 2. So I mean, in a sense if you’re say­ing you had already start­ed,” sure, and I would imag­ine any­one involved with ver­sion 1 had already start­ed the day after ver­sion 1 got stan­dard­ized.

But you know, let’s keep in mind here that the a call for pro­pos­als went out, any­one was per­fect­ly free to form their own design team and do this. But the only peo­ple who basi­cal­ly com­mit­ted every free sec­onds of their time, from March until July, were the four of us and we did the work.

Now, is that unfair? You know, there are a lot of peo­ple who kin­da com­plained that Marshall, or maybe Marshall and Jeff Case kin­da have a stran­gle­hold on net­work man­age­ment, that we’re prof­i­teers, or rob­ber barons or some­thing like that. And I must admit I do like being com­pared to a rob­ber baron. There’s a lot of kind of old 19th cen­tu­ry romance asso­ci­at­ed with peo­ple who owned rail­roads con­trolled mil­lions of lives.

Malamud: Although you’re build­ing one, not own­ing one but that’s okay.

Rose: Yeah. Regrettably it’s also not a very fac­tu­al descrip­tion of me. Except of course I do kin­da fit the phys­i­cal car­i­ca­ture but we won’t got into that for now. But I have to learn smoke cig­ars of course, and appre­ci­ate fine brandies.

Be that as it may, you know, the only rea­son that Jeff and I exert so much con­trol in the world of SNMP is that Jeff and I, and also Keith and Steve, we sim­ply put in more hours than any­one else. This is an entire­ly demo­c­ra­t­ic process. Someone wants to com­pete head to head with Marshall Rose or Jeff Case or Keith McCloghrie or Steve Waldbusser, here’s how you do it. You sim­ply match us in qual­i­ty and quan­ti­ty of hours. You do that and you’ll be on an equal foot­ing with us. But unless you’re will­ing to make the invest­ment of time and oth­er resources you know, you should expect to lose argu­ments.

And a lot of these things in the work­ing group, you know, peo­ple brought up pro­pos­al which we had thought of our­selves, and done an analy­sis of, and then fig­ured out one rea­son or anoth­er why it wouldn’t work. And then they’re sur­prised why we’re against it and why we have all these argu­ments tailor-made as to why their pro­posed will fail. Well gee guys, we thought of that six months ago and decid­ed we couldn’t make it hap­pen. So in a sense this is real­ly kind of an [?] thing.

Now, you know I should point out of course that the four of us do have an advan­tage because we do spend all this work. And that’s our choice, and cer­tain­ly peo­ple can com­pete with us. Similar you know, Jeff Case in addi­tion to being at the University of Tennessee at Knoxville, he is also pres­i­dent of SNMP research, and he sells SNMP prod­ucts for prof­it. You know, I have a book called The Simple Book, which is about SNMP. And I’m cur­rent­ly work­ing on the sec­ond edi­tion. And cer­tain­ly it’s very much in my finan­cial inter­est to have this SNMP v2 stuff fin­ished so I can get the book on the shelves and make anoth­er killing.

On the oth­er hand I’ll also point out that there are eas­i­ly two dozen ven­dors par­tic­i­pat­ing in the SNMP v2 effort who basi­cal­ly have not done a lick of work in the work­ing group towards adding to the qual­i­ty of the SNMP v2 pro­pos­al. And yet because they’re going to make a ton of mon­ey when they sell SNMP v2 prod­ucts. And they’re of course inter­est­ed in hav­ing this stuff come out as fast as it can as well.

But no. I mean you know, sure of course I have an inter­est in this stuff. And in fact I’ll go so far as to say that the peo­ple in the process I dis­trust the most are the ones who don’t have any appar­ent inter­est. Because what’s it for them whether this stuff is good or bad, whether this stuff gets advanced in a time­ly fash­ion or not? Those are the peo­ple I real­ly wor­ry about, you know.

Malamud: What if they rep­re­sent anoth­er seg­ment, anoth­er group, anoth­er coun­try, anoth­er pro­to­col, reli­gion? Shouldn’t they be in that, or do you think you should just deploy the tech­nol­o­gy as quick­ly as pos­si­ble?

Rose: Well I don’t know. I mean, you know, there’s… You can only stan­dard­ize and be suc­cess­ful on tech­nol­o­gy which works and peo­ple will­ing to build prod­ucts to. Certainly we have tried to meet as many of the industry’s require­ments as we can in pro­duc­ing SNMP v2. And there are some require­ments where basi­cal­ly we just had to say, Sorry, you can’t have that.” And in cas­es like that, basi­cal­ly it comes down to adding that par­tic­u­lar fea­ture would have a detri­men­tal effect on the over­all oper­a­tion of the sys­tem. And this is an engi­neer­ing trade-off and you have to decide whether you want to make things run, or whether you want to make sure that every­one has their apple juice and cook­ies at the end of the day. And I’m sor­ry you know, we’re here to make the trains run, we’re not here to hand out apple juice and cook­ies.

Malamud: Well I can think of anoth­er instance where a sim­i­lar deci­sion was faced by the IAB. And they were look­ing at the rout­ing and address­ing cri­sis, and they said, We’ve got a train to run,” and they decid­ed at least on a direc­tion for IP ver­sion 7. And the com­mu­ni­ty didn’t react near­ly as favor­able. What is the dif­fer­ence between push­ing SNMP v2 out because it needs to be done, and push­ing let’s say a con­nec­tion­less net­work ser­vice out as IPv7?

Rose: Well, the thing to keep in mind is that the SNMP v2 effort did not get it push until the July meet­ing of the IETF in Cambridge when there was— You know, one of the meet­ings, the ple­nary where over 200 peo­ple showed up, heard the the pro­pos­al, and then as a body they said, Do this. Do this now. Make it hap­pen. Let go.”

Now, from my per­spec­tive, when you have 200 peo­ple will­ing to show up at an IETF meet­ing and sit in the same room and lis­ten for three hours to a pro­pos­al, and then after some ques­tions and answers basi­cal­ly have vir­tu­al­ly every­one in the room point to exact­ly the same goal, that a man­date.

In the case of the IPv7 thing, the prob­lem we have is that every­one agrees there’s a prob­lem. We dis­agree as to the extent of the prob­lem, whether it is a clear dan­ger or a present dan­ger. And we cer­tain­ly dis­agree on what the solu­tions are. So there is no clear man­date. And so for the IAB or any­body to say, Okay, this is what we’re going to do,” with­out hav­ing that man­date they cer­tain­ly open them­selves up to just being in a tremen­dous pres­sure cook­er. And that’s where they found them­selves.

Malamud: Now, the result of that pres­sure cook­er was an effort called POISED, which exam­ined how we gov­ern our­selves in the IETF.

Rose: Mm hm.

Malamud: What what’s your feel­ing on what’s hap­pened with the POISED efforts? You were one of the authors of the com­pro­mise pro­pos­al at the IETF where it was decid­ed to have a ran­dom selec­tion com­mit­tee and then a change in the roles of the IAB and IESG. Have we fixed things? Are we ready to set­tle down and get back to work?

Rose: Well the POISED… The out­come of POISED was to try and intro­duce a lev­el of account­abil­i­ty into the selec­tion process, and basi­cal­ly an advice and con­sent kin­da role between the rank and file and the man­age­ment struc­ture. And what we came out of that basi­cal­ly, a pool of vol­un­teers ran­dom­ly select­ed to make rec­om­men­da­tions which then the man­age­ment struc­ture can approve or deny prob­a­bly is the best com­pro­mise that [?] work. And I think in the long term it’s prob­lem going to serve us very well.

I think what we’re going to end up see­ing is more…more new blood com­ing into the sys­tem at a time when we real­ly start to need it. You know, one of the prob­lems we had with the old sys­tem is kind of being self-selecting. While the qual­i­ty of the indi­vid­u­als was good, we just didn’t have a way of groom­ing our junior peo­ple into becom­ing senior peo­ple. And what my hope is now is that we’re going to start get­ting some of the peo­ple who are work­ing group chairs are going to start becom­ing area direc­tors. People who are area direc­tors are either going to move on to the IAB or per­haps into some oth­er posi­tion. And new work­ing group chairs will come in.

So we’ll kind of like, start to build up more of a col­lec­tion of peo­ple who have Internet man­age­ment expe­ri­ence. And I think we have to start doing this because a lot of the peo­ple we have now in the senior posi­tions are, you know, for bet­ter or worse near­ing retire­ment, and they just don’t quite have the ener­gy that they used to.

And you know, fur­ther­more you have to keep in mind that as we’re ever expand­ing and grow­ing we have new con­stituen­cies. We need to pro­vide an out­let so those new con­stituen­cies feel that they have ade­quate rep­re­sen­ta­tion and so on, and that their views are known.

Now hav­ing said all that, there are some things that we absolute­ly must avoid. The thing which which we must avoid is any con­cept of par­tic­i­pa­tion via affil­i­a­tion. That is, Oh, I’m the rep­re­sen­ta­tive from Company XYX.” Or, I rep­re­sent the Scandinavian por­tion of the Internet,” or some­thing like that.

Malamud: But these are the peo­ple that are often pay­ing to send these peo­ple to the com­mit­tees. And so IBM pays IBM employ­ees. Shouldn’t IBM as a cor­po­ra­tion have a voice?

Rose: No, absolute­ly not. In fact I’d argue that no cor­po­ra­tion, nor any orga­ni­za­tion, have a voice as a part of of their cor­po­rate enti­ty or iden­ti­ty. No, that’s just wrong. I mean, if you do that you will imme­di­ate­ly find your­self devolv­ing into the ISO/ANSI/OIW way of doing things, which would just be absolute dis­as­ter. Companies which send peo­ple to the IETF do so because they have a finan­cial rea­son for hav­ing peo­ple there. Sometimes they have peo­ple there for edu­ca­tion pur­pos­es. Sometimes they have peo­ple there to push an agen­da. Sometimes they have peo­ple there because they view it as a mat­ter com­mu­ni­ty ser­vice. And cer­tain­ly it’s this lat­ter aspect which I would like to encour­age. I would like to encour­age peo­ple to kind of view their par­tic­i­pa­tion in the IETF as a mat­ter com­mu­ni­ty ser­vice. You know, the fact that you shouldn’t view being on the IESG or the IAB as a reward, you should rather review it as two years of com­mu­ni­ty ser­vice, not unlike many coun­tries which require all able-bodied adults to serve in the mil­i­tary from time to time as a reservist or on stand­by or some­thing like that. We need to view these man­age­ment posi­tions the same way, and we cer­tain­ly shouldn’t view it as well—you know, I’m from cor­po­ra­tion XYZ.

Malamud: Don’t touch that mouse. Internet Talk Radio will be right back.


Our acronym du jour is P2C2E. And, if you know that one, how about the ever-popular M2C2D?

Internet Talk Radio. All mate­r­i­al con­tained in this file is copy­right 1993 by Internet Talk Radio. You may copy these files con­tained and change the encod­ing for­mat, but may not alter the con­tent or resell the pro­grams. You can send us mail to mail@​radio.​com.

Our acronym of the day is the famous P2C2E, a process to com­pli­cat­ed to explain. This gem comes from Salman Rushdie’s clas­sic fairy tale Haroun and the Sea of Stories. P2C2Es of course run on M2C2Ds, machines too com­pli­cat­ed to describe.


Malamud: So you think any­one ought to be able to just attend the IETF, just walk in off the street.

Rose: Well, tra­di­tion­al­ly the rank and file has been the strength of the IETF. If you look for exam­ple in the area of resource dis­cov­ery, you will find that over the last two years there have been six sep­a­rate efforts start­ed across the globe look­ing at dif­fer­ent aspects of resource dis­cov­ery, and none of these came out of any grand direc­tive from on high that we need to do work in this area. Rather there just hap­pened to—you know, there hap­pened to be peo­ple in com­mu­ni­ties who observed there was a need and decid­ed to have to apply a lit­tle elbow grease to that and and came up with some good results. And so you know, cer­tain­ly that’s always been the strength of the IETF and we need to pre­serve that.

Malamud: I’m hear­ing two things here. One is we want to encour­age new blood to come in. And the oth­er is it’s hard to get work done because of so many peo­ple in some of these work­ing group meet­ings. Are these two con­flict­ing goals here? Is there a way to solve those?

Rose: Well, it’s cer­tain­ly quite a conun­drum. On the oth­er hand, if you look at the SNMP v1 expe­ri­ence, it was fair­ly hard to get things done but we all real­ized there is just such a press­ing need, back in 87 and 88, that we pulled togeth­er and put aside dif­fer­ences and made it hap­pen. There’s one sto­ry I real­ly like to tell which kin­da goes back to this ven­dor thing, so humor me for a moment.

We were dis­cussing some­thing in one of the SNMP com­mit­tees, and a per­son there who hap­pens to work for ven­dor says, You know, if you include this fea­ture, can’t I can imple­ment that on my box. The box is just not built in such a way that I can get at that infor­ma­tion. But this would be a very use­ful, per­haps even crit­i­cal thing to have for man­ag­ing box­es like this. So I think we should keep this in even though I’m going to take a hit on it per­son­al­ly in the com­pa­ny for let­ting this hap­pen.”

Now here’s an exam­ple of a guy who, even though he knows that as his bet­ter com­pa­ny is not going to do it par­tic­u­lar­ly well on this point, he still under­stands that the com­mu­ni­ty will be great­ly enhanced by hav­ing this in the stan­dard. And so you know, the ven­dor hat, if it was ever there comes off, and the guy says, Well you know, I’m gonna be tak­en to the wood­shed over this, but let’s do it.”

And you know, this kind of exchange hap­pened per­haps a dozen times over the course of that work­ing group meet­ing. Because peo­ple real­ly had a sense of com­mu­ni­ty spir­it. And so as we grow, we need to some­how make sure that peo­ple appre­ci­ate that there is this greater sense of com­mu­ni­ty.

Now, some­times this just doesn’t hap­pen. After SNMP was stan­dard­ized, there was a work­ing group that was formed to devel­op some def­i­n­i­tions of some addi­tion­al man­age­ment objects. And Craig Partridge had the great mis­for­tune of being select­ed as chair. And he did his best to try and get the group to come to con­sen­sus. And over the course of a year, he sim­ply could not get that group to get any kind of con­sen­sus posi­tion at all.

And you know, Craig’s a good guy. He’s bright. He’s inno­v­a­tive. He’s very well mean­ing. And he just sim­ply could not get results. It was just polit­i­cal­ly unten­able. And you know, final­ly he had to give up and they had to take some oth­er approach towards get­ting these def­i­n­i­tions out. And you know, this was a real­ly unfor­tu­nate thing where they were unable in that work­ing group to have that sense of com­mu­ni­ty come togeth­er.

Now, since that time we’ve we’ve tried to fix the par­tic­u­lar prob­lems which Craig encoun­tered and we’ve had mixed suc­cess, but it is just a con­stant prob­lem, is we serve a larg­er com­mu­ni­ty, there are diverse inter­ests, and yet not every­one else is will­ing to real­ize that their own fief­dom in the Internet is not the only fief­dom there and it’s not the whole Internet, and that they have to give some.

Malamud: Speaking of com­mu­ni­ty, we’re begin­ning to look at a tru­ly glob­al Internet. The con­tri­bu­tions from out­side the US have long been very sig­nif­i­cant, and one can argue are some of the most vital work going on in the Internet. How is the IETF going to steal from, or the Internet standards-making process if you will, scale from a US-centric process into a tru­ly glob­al one?

Rose: Well, that’s… that’s hard. I think that what we need… One of the things which we’ve done fair­ly well and at and which we need to keep work­ing at is mak­ing sure that the vast major­i­ty of all IETF com­mu­ni­ca­tions occur via elec­tron­ic mail—

Malamud: That’s a nov­el thought.

Rose: Novel though, yes. Well, it hap­pens most today. —rather than these in-person meet­ings. And although these in-person meet­ings are nec­es­sary and often essen­tial per­haps for ham­mer­ing out some things, we real­ly have to rely on elec­tron­ic mail and we’ve been doing that fair­ly well.

But then there’s also you know, anoth­er aspect is we need to get more peo­ple from out­side the US into the man­age­ment struc­ture. And I’m not say­ing this like in terms of quo­tas or any­thing else. I’m just say­ing that we need to make it eas­i­er for peo­ple out­side the US to become work­ing group chairs. We need to make it eas­i­er for them to par­tic­i­pate in oth­er ways than just being kind of this elec­tron­ic [wisp?] which sends mes­sages out and receives them. Because we have had a lot of valu­able con­tri­bu­tions, even in the ear­ly Internet. You know, there was a num­ber of Europeans and Australians who con­tributed quite heav­i­ly, and we need to keep build­ing on that.

Malamud: How do you do that? Do you have IETF meet­ings over­seas? Or do you not have IETF meet­ings? Do we just let the Internet Society han­dle every­thing at their INET con­fer­ence?

Rose: Well I always kin­da viewed the Internet Society as more of a pro­mo­tion­al orga­ni­za­tion than a tech­ni­cal or a stan­dards orga­ni­za­tion. Maybe that’s just my per­cep­tion, I don’t know. I think that we are going to per­haps try to get more more things going con­cur­rent­ly in the US and in Europe and the Pacific Rim. For exam­ple, the video over IP stuff has come a long ways in the last few years. And per­haps we might get to the point where we can hold con­cur­rent ple­nar­ies both in the United States and in Europe, or in the United States and the Pacific Rim.

And if we do it right you know, we could prob­a­bly arrange to have as much over­lap, say maybe four or five hours in the day… Oh you know, what the heck we’re Internet peo­ple. We’re twenty-four hour peo­ple any­way, you know, so we might have a lot of over­lap dur­ing the day where the peo­ple in one time zone start kin­da late after lunch and the peo­ple the oth­er time zone start ear­ly. And you know, we’ll just give them mas­sive caf­feine injec­tions as they walk in the door. So we could per­haps do more of that in that fash­ion.

Malamud: You’re sug­gest­ing a Pan-Atlantic IETF or a Pan-Pacific IETF.

Rose: Yes. In a nut­shell that’s what I would be sug­gest­ing. And you know, I think that there are some work­ing groups which have a fair­ly high lev­el of inter­na­tion­al par­tic­i­pa­tion, for which that would work. And there are going to be oth­er work­ing groups which are fairly…for one rea­son or oth­er are only of inter­est to US peo­ple, or only of inter­est to peo­ple in Europe, and those could be held basi­cal­ly not online.

But again, we always have to fall back on elec­tron­ic mail as the way of doing things.

Malamud: So actu­al­ly using the tech­nol­o­gy that we’re build­ing.

Rose: What a nov­el con­cept.

Malamud: There you have it. We’ve been talk­ing to Marshall Rose, and this is Geek of the Week. Thanks a lot, Marshall.


This has been Geek of the Week, brought to you by Sun Microsystems. And by O’reilly & Associates. To pur­chase an audio­cas­sette or audio CD of this pro­gram, send elec­tron­ic mail to radio@​ora.​com.


Internet Talk Radio. Same-day ser­vice in a nanosec­ond world.


Help Support Open Transcripts

If you found this useful or interesting, please consider supporting the project monthly at Patreon or once via Square Cash, or even just sharing the link. Thanks.