Carl Malamud: Internet Talk Radio. Asynchronous times demand asyn­chro­nous radio.

This is Geek of the Week. We’re here with Marshall T. Rose, the­o­rist, imple­menter, and agent provo­ca­teur, as he describes him­self. Marshall, wel­come to Geek of the Week.

Marshall T. Rose: Thank you very much, Carl. 

Malamud: Marshall, you’re known for a vari­ety of things, but rather than start­ing with the sub­tle issues of pro­to­col imple­men­ta­tion let’s shoot a few ducks in a bar­rel. You’re prob­a­bly best known by some at least as the author of ISODE, the ISO devel­op­ment envi­ron­ment. And I guess that makes you the world’s lead­ing OSI imple­menter. Why do you like OSI so much?

Rose: [laughs] Well actu­al­ly I think we’re shoot­ing fish in a bar­rel, not ducks in a bar­rel. But prob­a­bly nei­ther is polit­i­cal­ly cor­rect these days. It’s true that back in 1986 Dwight Cass and I began a research project on imple­ment­ing OSI, pri­mar­i­ly over the OSI upper lay­ers, pri­mar­i­ly over TCP. And you know, that gave us a lot of expe­ri­ence in imple­ment­ing OSI

At the time we start­ed, we were real­ly inter­est­ed to find out if the OSI stuff would work, and there cer­tain­ly appeared to be a lot of promise. Unfortunately, and I think his­to­ry will bear me out on this—or the mar­ket’s already shown us, that OSI per se has gen­er­al­ly been a bad idea. The con­cepts of vendor-independent com­put­er com­mu­ni­ca­tions we all like, but when it comes down to the actu­al details and the way these stan­dards are pro­duced, and the result­ing tech­ni­cal mer­it, it’s cer­tain­ly been less than ster­ling. And you know, now hav­ing imple­ment­ed a lot of OSI stuff in the 80s, in the 90s of course I’m one of the more out­spo­ken crit­ics of OSI. Which I imag­ine must dri­ve the OSI peo­ple bat­ty since I often under­stand the stan­dards bet­ter than they do. 

Malamud: Well, hav­ing actu­al­ly imple­ment­ed the stan­dards can some­times give you that insight.

Rose: Well you know, cer­tain­ly one of the things which is the strength of the of the Internet process is the fact that we inter­twine stan­dard­iza­tion and imple­men­ta­tion expe­ri­ence. And you know, the way the cur­rent stan­dards track works now, going to pro­pose to draft to full, there is an increas­ing bur­den on the part of the pro­po­nents of a spec­i­fi­ca­tion to be able to demon­strate inde­pen­dent imple­men­ta­tion, inter­op­er­a­ble deploy­ment, and so on. So by the time you final­ly reach the ulti­mate goal of hav­ing a full Internet stan­dard, we have excel­lent con­fi­dence in the work­a­bil­i­ty and use­ful­ness of this tech­nol­o­gy. And clear­ly that’s some­thing which has been lack­ing from the OSI process.

Malamud: Well why is that? Why is some­thing so sim­ple as let’s get some code out there and see if it works” miss­ing from such a large-scale process?

Rose: Well, there’s the…there’s the polite answer and then there’s the accu­rate answer. The polite answer of course is that you know, by and large the ISO, the CCITT, the ITU, ANSI, the IEEE, have kin­da been over­tak­en by events. In the past you saw inter­na­tion­al and nation­al stan­dard­iza­tion of very well-defined tech­nolo­gies. For exam­ple, if you were going to build nuts and bolts, what the threads look like, and you know, with the prop­er spac­ing and height and grip and so on. And so you know, this is not rock­et sci­ence. It’s crit­i­cal­ly impor­tant to an engi­neer’s infra­struc­ture to have stan­dard­iza­tion of these things, but it’s not as if we are try­ing to some­how cod­i­fy the laws of physics. 

Now in con­trast, you look at com­put­er com­mu­ni­ca­tions and what do you find? You know, this is extreme­ly com­pli­cat­ed stuff. None of it’s very obvi­ous. A lot of it is depress­ing­ly cut­ting edge. And yet you know, the mar­ket seems to feel that they need a stan­dard­ized prod­uct. And so in come the bod­ies which tra­di­tion­al­ly have done this in the inter­na­tion­al and nation­al are­nas, and they find out that they aren’t stan­dard­iz­ing exist­ing tech­nol­o­gy, which in the past has been exact­ly what they did and why they were suc­cess­ful. No, they are doing research con­cur­rent­ly with stan­dard­iza­tion, but some­how their mod­el for stan­dard­iza­tion nev­er made this par­a­digm shift to includ­ing this implementation. 

You know, it’s kind of like we could have the Congress of the United State pass a law with regards to time trav­el, but let’s face it you know, no one has a time trav­el machine so what’s the point of it? You can’t change phys­i­cal laws by mak­ing admin­is­tra­tive pol­i­cy. Why should you think you can stan­dard­ize com­pli­cat­ed tech­nol­o­gy with­out under­stand­ing it?

Malamud: Well some­one argued that if you try to under­stand it first you end up with a process which is not fair. And many peo­ple point to the ISO process, to the CCITT process, and they say, Well, we real­ly have to make stan­dards that are fair, that take into account all the views.” Do you think that is maybe the rea­son that ISO has been con­tin­u­ing to move along that track?

Rose: Well cer­tain­ly every dis­as­ter in his­to­ry has been very fair in penal­iz­ing the vic­tims, has­n’t it? No, you know, let’s be hon­est here. What we need to do is we need to pro­duce solu­tions for the mar­ket­place. And you know, hav­ing some kind of a process with…everyone is hap­py and gets apple juice and cook­ies and gets to express their region­al views and so on, may be very fine for inter­na­tion­al rela­tions, but frankly does not go one iota toward pro­duc­ing good technology. 

You know, Marty Schoffstahl of PSI, a per­son I worked for and have a lot of respect for you know, one time he was giv­ing a talk on his thoughts of stan­dard­iza­tion. And he says, You know, I’m real­ly in favor of inter­na­tion­al agree­ments. But I also know that they don’t work all the time.” And so the audi­ence is try­ing to fig­ure out what Marty’s talk­ing about and he says you know, For exam­ple, there were inter­na­tion­al agree­ment in place but we still have some­thing like Polish cav­al­ry going up against the German army at the begin­ning of World War II.” 

And what Marty’s point­ing out there is that there is a big dif­fer­ence between get­ting peo­ple togeth­er to sign a paper and agree that things are going to hap­pen a cer­tain way, and hav­ing some­thing in place which is actu­al­ly going to pro­duce work­able result. And you know, we have to keep in mind here that is an engi­neer­ing task, this is not a polit­i­cal task. And try­ing to solve engi­neer­ing prob­lems using polit­i­cal dis­ci­plines is bound to fail­ure. Because you sim­ply can­not com­pro­mise on what the val­ue of pi, or the grav­i­ta­tion­al con­stant are. I mean, how could a com­mit­tee decide these things? These are like, con­stants. You can’t com­pro­mise a con­stant. What’s the point?

Malamud: You could have pi 1, pi 2.

Rose: Well, and the…

Malamud: And then you can have pi profiles.

Rose: And pi pro­files and then of course we could have var­i­ous nation­al char­ac­ter sets, and…I’m sor­ry that’s anoth­er tar­get we need­n’t go into now. 

Malamud: You know, some peo­ple look at that and they say, Well… That’s being unfair. There are cer­tain things that dif­fer­ent bod­ies do well.” And many peo­ple point to X.400 for exam­ple as one of the suc­cess sto­ries of the OSI process. Now, recent­ly there’s been an alter­na­tive set of stan­dards that have come out of the IETF known as MIME, Multimedia Messaging for the Internet. Could you com­pare those two? Do you think X.400 is going to con­tin­ue to gain steam or lose steam? And is MIME going to do some­thing there?

Rose: Well, you know cer­tain­ly of all the things OSI has pro­duced, one could point to X.400 as being the most suc­cess­ful. On the oth­er hand that’s kind of like say­ing that World War II was the suc­cess­ful con­clu­sion of the Great Depression. And what I mean by that of course is that yeah you know, it’s been adopt­ed more than the rest of this OSI stuff, but it’s still a com­plete dis­as­ter. You know, the tech­nol­o­gy you need to do store-and-forward mail is sur­pris­ing­ly sim­ple. And you know, it’s not rock­et sci­ence. There are some very basic archi­tec­tur­al prin­ci­ples, and you may have to have some bells and whis­tles from time to time, but this isn’t hard stuff. 

What the X.400 peo­ple did is they start­ed with a mod­el which is fair­ly well-regarded, back in the ear­ly 80s. Took some tech­nol­o­gy which had been fair­ly proven. This is the stuff that came out of Xerox with regard to data rep­re­sen­ta­tion on the wire. And they built a mail sys­tem around it. And you know, one could kin­da argue about some of the choic­es they made, but basi­cal­ly it was kind of overkill for what you need­ed. There is just far too much com­pu­ta­tion­al com­plex­i­ty, to solve what is in the­o­ry a very sim­ple problem. 

Now unfor­tu­nate­ly, after the great suc­cess of 84, instead of revis­it­ing it and decid­ing how to make it sim­pler and more ubiq­ui­tous, they go on to the 88 ver­sion and they don’t even both­er to fig­ure out how to stan­dard­ize migra­to­ry or tran­si­tion paths between 84 and 88. It’s kind of like oh, let’s just do this thing in 88 and we’ll for­get about the past whether it was good or bad. 

Now, what the MIME approach does in con­trast, is the MIME says, Let us assume that we have an exist­ing elec­tron­ic mail infra­struc­ture. And now we are going to fig­ure out the min­i­mal­ist set of changes which we can add on top of that so as not to per­turb the exist­ing infra­struc­ture, but still add these fea­tures to indi­vid­ual end­points that want them.” 

So if you look at the MIME spec, you notice there’s some rules which real­ly seem rather obscure. You know, do not do the fol­low­ing thing” And then there’s be a lit­tle note say­ing, The rea­son this rule here is because we found in prac­tice there is some mail soft­ware which behaves poor­ly under the fol­low­ing con­di­tions, and we want to make sure that when you write MIME soft­ware you don’t exer­cise those problems.”

Now you could say, Well, you know, this should­n’t be the point of a…a stan­dard should­n’t have stuff like that in it. We should just assume that every­thing works well and peo­ple are going to faith­ful­ly imple­ment this stuff.” But you know, again, in the real world we see that’s not the case, and the peo­ple who did MIME were very very care­ful to make sure that the stuff they did would fit on top of and not exac­er­bate exist­ing prob­lems. Whereas you com­pare that to X.400, there’s this kind of a blan­ket assump­tion that some­day every­thing will be X.400 and we won’t have to wor­ry about exist­ing mail sys­tems or what the effect we’re going have. 

And of course the result of that is that we see now a lot of X.400-to-such-and-such gate­ways, and those gate­ways real­ly don’t work very well because the fea­ture match between X.400 and say the LAN mail sys­tem that they’re gateway-ing to is a very poor match. The map­pings are impre­cise. You know, basi­cal­ly the address­es are just hope­less­ly inde­ci­pher­able. And it’s a big mess.

Malamud: Well there you have it.

Malamud: You’re lis­ten­ing to Geek of the Week. Support for this pro­gram is pro­vid­ed by O’Reilly & Associates, rec­og­nized world­wide for defin­i­tive books on the Internet, Unix, the X Windows System, and oth­er tech­ni­cal topics. 

Additional sup­port for Geek of the Week comes from Sun Microsystems. Sun, the net­work is the computer. 

[Incidental Tourist seg­ment omitted]

This is Carl Malamud, the acci­den­tal ter­ror­ist, for Internet Talk Radio. 

Internet Talk Radio, flame of the Internet. 

Malamud: Let’s turn our atten­tion instead to net­work man­age­ment. You’re one of the lead­ing lights in SNMP, and you recent­ly with three of your col­leagues authored SNMP ver­sion 2. Now, that was not with­out some controversy—In fact one of your crit­ics described SNMP as a dog with fleas” and expressed the hope that it would be a dead dog with fleas. Do we real­ly need a sec­ond ver­sion? Don’t we have good enough net­work man­age­ment soft­ware today?

Rose: Well, I guess there are real­ly a cou­ple of issues there. Let’s have a lit­tle bit of his­tor­i­cal con­text and then I’ll kind of get your ques­tion. SNMP ver­sion 1 was devel­oped basi­cal­ly in 1987 and came out of some work that was done by four engi­neers, one of which was a ven­dor and three of which had kind of like, net­work man­age­ment oper­a­tional respon­si­bil­i­ties. And so it was kind of a very focused…the orig­i­nal tech­nol­o­gy’s are very focused on pri­mar­i­ly mon­i­tor­ing gate­ways. And it became clear that we need­ed to evolve net­work man­age­ment into not only mon­i­tor­ing but con­trol, and not only gate­ways but all kinds of devices. And so SNMP ver­sion one was kind of like the evo­lu­tion from this orig­i­nal tech­nol­o­gy done by these four engi­neers where they had a very crisp, focus on what they want to do to kind of like try­ing to solve or pro­vide a basis for a solu­tion to a larg­er problem. 

Now, SNMP has a num­ber of real­ly get things going for it. However you know, as you imple­ment things and see oth­er peo­ple imple­ment them and man­age real net­works, and you know, just gain expe­ri­ence, you find things that you could’ve done bet­ter… You know, when the same ques­tions keep com­ing up or the same request for fea­tures enhance­men­t’s com­ing up, you begin to think maybe we should­n’t have left that out of the orig­i­nal spec. And so you know, four years after v1 was stan­dard­ized, there was a call for pro­pos­als from the IESG say­ing, We’d like evolve SNMP. And the way we’re going to do this is we’re going to ask inter­est­ed par­ties to sub­mit pro­pos­als which meet the fol­low­ing list of criteria.” 

And there were I don’t know, about half a dozen cri­te­ria, of which two of the most impor­tant were you had to spend a lot of time wor­ry­ing about coex­is­tence with the installed base because net­work man­age­ment on the Internet is a 7 by 24 per­va­sive thing. And also that you could­n’t offer a pro­pri­etary solu­tion. It was some­thing that was going to ulti­mate­ly be stan­dard­ized by a work­ing group at the IETF.

This call came out in March of 1992. Now, sev­er­al months went by and final­ly one pro­pos­al is put forth by myself, Jeff Case, Keith McCloghrie, and Steve Waldbusser. And this was called SMP, or the Simple Management Protocol, and basi­cal­ly this was our proposal. 

There was a meet­ing held at the July 1992 IETF ple­nary, which about 200 peo­ple showed up. We explained what our pro­pos­al was. And there was near unanimous—and I’m not exag­ger­at­ing here, vir­tu­al­ly every­one in the room at the end that meet­ing decid­ed that they want­ed to go for­ward with SNMP v2. They want­ed v2 to be the work on SNMP secu­ri­ty plus this pro­pos­al. And that they want­ed a work­ing group formed and they want­ed this thing tak­en care of by year’s end. The crit­i­cal thing is we do not want to get our­selves involved in more than one tran­si­tion, you know. Not a tran­si­tion from v1 to secu­ri­ty, and then secu­ri­ty to v2; or v1 to SMP, and then SMP to some­thing else. One tran­si­tion, v1 to v2

So a work­ing was formed, and com­ments were solicit­ed. Now, in between the time that there was this meet­ing in July and the work­ing group for­ma­tion, the area direc­tor encour­aged any­one with pro­pos­als to put them forth so they could also be con­sid­ered. Well, three months goes by…no oth­er pro­pos­als show up. 

Malamud: Is that enough time to put a pro­pos­al together?

Rose: Well you know, the orig­i­nal call came out in March. Now, one would imag­ine that if some­one real­ly cared about this, one could put a pro­pos­al togeth­er in a six-month peri­od; so basi­cal­ly going from March to September. The fact that there weren’t any pro­pos­als tells me either A, peo­ple thought that the exist­ing pro­pos­al was good enough; B, they did­n’t care about; or C, they just did­n’t want to do the work. And you know, I guess the only kind of peo­ple I would com­plain about are the ones who fall into C, where they don’t want to do the work to put the pro­pos­al together. 

So the work­ing group meets. And you know, there are a lot of dis­cus­sion, and I’ll tell you quite frankly the qual­i­ty of the doc­u­ments has improved as a result of the work­ing group exam­in­ing and revis­ing the documents. 

The prob­lem of course is that for every real good improve­ment we had, there were many sug­ges­tions and argu­ments about things which basi­cal­ly were either tech­ni­cal­ly out of scope of the SNMP v2 char­ter, or unfor­tu­nate­ly were kind of like issues which real­ly had­n’t been thought out all that well. 

And this is an area where I kin­da get a black eye because I am famous for my lack of tol­er­ance of non­sense. And what I mean by that is that you know, peo­ple ask­ing ques­tions I can deal with. When some­one brings up an issue which had been dis­cussed and hand­i­ly dis­missed in the past, they’d bet­ter have some new points when they bring up that issue because I real­ly do not like rehash­ing the same argu­ments over and over again. It’s kind of like, if you’re stand­ing on the deck of the Titanic and you see the ice­berg, you have two choic­es: you jump off the port side of the ship, or the star­board side of the ship. You don’t stand there in the mid­dle of the bow plane decid­ing which foot you want to lead off with when you jump, it’s time to jump. And once you’ve jumped, you can’t say, Oh no, I’m jump­ing in the wrong direc­tion,” you have to go overboard. 

And so, when an issue has been thor­ough­ly dis­cussed, as sev­er­al of these had in the past, to have them be brought up again in the course of this, with­out any new facts being brought to light you know, just absolute­ly infu­ri­ates me. And so I tend to lose my tem­per and let peo­ple know what I think of them and then that makes Marshall the ogre of the Internet, for which all I can say is well you know, you know what caus­es me to be an ogre; per­haps you should try not to exhib­it that behav­ior which basi­cal­ly caus­es that kind of a result.

Malamud: But isn’t that the job of a work­ing group, to make sure these issues are prop­er­ly hashed out?

Rose: Well you know, you’d think that, would­n’t you? But you know, on the oth­er hand how many times do you have to hash out the same issue? I don’t have any prob­lems with some­one say­ing, We’ve dis­cussed Topic A the past, and there’ve been argu­ments in both direc­tions. But here is some­thing new which we haven’t con­sid­ered. We real­ly need to reopen A.”

The prob­lem is that nev­er hap­pened. What hap­pens is, I want to talk about Topic A again. Here’s my pro­pos­al.” And instead of going through and mak­ing sure that the old argu­ments have been dealt with, that any new infor­ma­tion has been brought, it’s kin­da like there’s zero mem­o­ry on the part of the work­ing group. That this thing has nev­er been dis­cussed in the past and there­fore it’s fair game, when in point of fact the two or three top­ics which got to this lev­el which we call tar baby sta­tus,” are things which have lit­er­al­ly been dis­cussed for the last four years, every six months, and every six months they go down in flames.

Malamud: What’s an exam­ple of one of those issues?

Rose: Well, the typ­i­cal exam­ple is is the argu­ment as to whether row cre­ation, or more prop­er­ly row manip­u­la­tion in SNMP is an arti­fact of pro­to­col oper­a­tion or MIB design. Now, that’s a very com­pli­cat­ed way of express­ing the fol­low­ing con­cept: A lot of times you have man­age­ment infor­ma­tion of which there are mul­ti­ple instances, so like, mul­ti­ple rows in the rout­ing table, each con­sists of a rout­ing entry. One of the things you have to do in SNMP is have the abil­i­ty to iden­ti­fy a par­tic­u­lar row, and then per­haps you want to cre­ate a new rout­ing entry, or you want to mod­i­fy an exist­ing one, or you want to delete it. Well, mod­i­fy­ing things which are already exist­ing is a fair­ly straight­for­ward thing. Also with delet­ing them. 

The ques­tion comes about, how do you go about cre­at­ing a new row, say in the rout­ing table or some­thing like this, and do it in such a way that you don’t col­lide with oth­er man­agers which also might be con­trol­ling the router, and make sure that you have all the infor­ma­tion in that entry in the rout­ing table before the router starts to use it. Because you may not be able to fit all of the infor­ma­tion you need in one pack­et, in just one trans­ac­tion to make it hap­pen. You may have to do a lit­tle nego­ti­a­tion over the creation. 

And so there’s always been kind of this ques­tion, or at least this ques­tion comes up every six months is, Well, do you have a spe­cial pro­to­col oper­a­tion called cre­ate row,’ or when you design the rout­ing table do you define the seman­tics of how row cre­ation occurs?” And you know, you can argue it either way. The prob­lem is that if you look at all of the con­flict­ing require­ments you have, you find out that the pro­to­col solu­tion sim­ply will not work. There are just some cas­es it can’t solve, where­as the solu­tion by MIB design or defin­ing the seman­tics of the rout­ing table can meet all of those require­ments although at times it may be a lit­tle ugly or a lit­tle hairy. But at least you can solve the prob­lem. And again, in a lot of cas­es you’d have to go for a 100% solution. 

So this top­ic came up in November. And you know, I just absolute­ly hit the roof. Because this top­ic has lit­er­al­ly been dis­cussed on a six-month repeat­ing sched­ule since 1988. And unfor­tu­nate­ly the peo­ple who put forth the pro­pos­al did not put forth a pro­pos­al that had been entire­ly thought through, did not deal with the argu­ments which had been brought up in the past time and time again. And so basi­cal­ly it’s kin­da like, Oh well, here, we wrote this up. Put it in the stan­dard.” And I’m sor­ry, wait, did you real­ize there are all these prob­lems and like, you can’t solve it using the approach you’re using? Do you real­ize we’ve dis­cussed all this stuff in the past? Why are you doing this now? And so then there’s this huge fight, and instead of han­dling it in the absolute most diplo­mat­ic way, some­times I regret­tably just explain to peo­ple that their think­ing isn’t entire­ly as clear as it ought to be. 

Malamud: This is Geek of the Week, fea­tur­ing inter­views with promi­nent mem­bers of the tech­ni­cal com­mu­ni­ty. Geek of the week is brought to you by Sun Microsystems and by O’Reilly & Associates. 

[Book Bite seg­ment omitted]

Internet Talk Radio, town crier to the glob­al village. 

Malamud: You and three of your col­leagues went off and invent­ed SNMP ver­sion 2. And you did it in a back­room. You did­n’t do it in pub­lic. You did­n’t do it in a work­ing group. And that was kind of unfair, because you had a head start over every­body else. And that you were rush­ing the process to much. Do you think we need to slow that process down, or involve more peo­ple in the design of these things?

Rose: Well to begin with, keep in mind that the four of us did exact­ly what we were asked to do by the IESG. Which was to go off, form a design team and do this.

Malamud: Well you had already start­ed when that call for pro­pos­als came out, had­n’t you?

Rose: Well, I could argue that I had start­ed back in 1988 when had fin­ished SNMP ver­sion 1 as chair of that work­ing group and was mak­ing my list of things to fix or things I could­n’t get in ver­sion 1 that I want­ed in ver­sion 2. So I mean, in a sense if you’re say­ing you had already start­ed,” sure, and I would imag­ine any­one involved with ver­sion 1 had already start­ed the day after ver­sion 1 got standardized. 

But you know, let’s keep in mind here that the a call for pro­pos­als went out, any­one was per­fect­ly free to form their own design team and do this. But the only peo­ple who basi­cal­ly com­mit­ted every free sec­onds of their time, from March until July, were the four of us and we did the work. 

Now, is that unfair? You know, there are a lot of peo­ple who kin­da com­plained that Marshall, or maybe Marshall and Jeff Case kin­da have a stran­gle­hold on net­work man­age­ment, that we’re prof­i­teers, or rob­ber barons or some­thing like that. And I must admit I do like being com­pared to a rob­ber baron. There’s a lot of kind of old 19th cen­tu­ry romance asso­ci­at­ed with peo­ple who owned rail­roads con­trolled mil­lions of lives.

Malamud: Although you’re build­ing one, not own­ing one but that’s okay.

Rose: Yeah. Regrettably it’s also not a very fac­tu­al descrip­tion of me. Except of course I do kin­da fit the phys­i­cal car­i­ca­ture but we won’t got into that for now. But I have to learn smoke cig­ars of course, and appre­ci­ate fine brandies. 

Be that as it may, you know, the only rea­son that Jeff and I exert so much con­trol in the world of SNMP is that Jeff and I, and also Keith and Steve, we sim­ply put in more hours than any­one else. This is an entire­ly demo­c­ra­t­ic process. Someone wants to com­pete head to head with Marshall Rose or Jeff Case or Keith McCloghrie or Steve Waldbusser, here’s how you do it. You sim­ply match us in qual­i­ty and quan­ti­ty of hours. You do that and you’ll be on an equal foot­ing with us. But unless you’re will­ing to make the invest­ment of time and oth­er resources you know, you should expect to lose arguments. 

And a lot of these things in the work­ing group, you know, peo­ple brought up pro­pos­al which we had thought of our­selves, and done an analy­sis of, and then fig­ured out one rea­son or anoth­er why it would­n’t work. And then they’re sur­prised why we’re against it and why we have all these argu­ments tailor-made as to why their pro­posed will fail. Well gee guys, we thought of that six months ago and decid­ed we could­n’t make it hap­pen. So in a sense this is real­ly kind of an [?] thing. 

Now, you know I should point out of course that the four of us do have an advan­tage because we do spend all this work. And that’s our choice, and cer­tain­ly peo­ple can com­pete with us. Similar you know, Jeff Case in addi­tion to being at the University of Tennessee at Knoxville, he is also pres­i­dent of SNMP research, and he sells SNMP prod­ucts for prof­it. You know, I have a book called The Simple Book, which is about SNMP. And I’m cur­rent­ly work­ing on the sec­ond edi­tion. And cer­tain­ly it’s very much in my finan­cial inter­est to have this SNMP v2 stuff fin­ished so I can get the book on the shelves and make anoth­er killing.

On the oth­er hand I’ll also point out that there are eas­i­ly two dozen ven­dors par­tic­i­pat­ing in the SNMP v2 effort who basi­cal­ly have not done a lick of work in the work­ing group towards adding to the qual­i­ty of the SNMP v2 pro­pos­al. And yet because they’re going to make a ton of mon­ey when they sell SNMP v2 prod­ucts. And they’re of course inter­est­ed in hav­ing this stuff come out as fast as it can as well. 

But no. I mean you know, sure of course I have an inter­est in this stuff. And in fact I’ll go so far as to say that the peo­ple in the process I dis­trust the most are the ones who don’t have any appar­ent inter­est. Because what’s it for them whether this stuff is good or bad, whether this stuff gets advanced in a time­ly fash­ion or not? Those are the peo­ple I real­ly wor­ry about, you know.

Malamud: What if they rep­re­sent anoth­er seg­ment, anoth­er group, anoth­er coun­try, anoth­er pro­to­col, reli­gion? Shouldn’t they be in that, or do you think you should just deploy the tech­nol­o­gy as quick­ly as possible? 

Rose: Well I don’t know. I mean, you know, there’s… You can only stan­dard­ize and be suc­cess­ful on tech­nol­o­gy which works and peo­ple will­ing to build prod­ucts to. Certainly we have tried to meet as many of the indus­try’s require­ments as we can in pro­duc­ing SNMP v2. And there are some require­ments where basi­cal­ly we just had to say, Sorry, you can’t have that.” And in cas­es like that, basi­cal­ly it comes down to adding that par­tic­u­lar fea­ture would have a detri­men­tal effect on the over­all oper­a­tion of the sys­tem. And this is an engi­neer­ing trade-off and you have to decide whether you want to make things run, or whether you want to make sure that every­one has their apple juice and cook­ies at the end of the day. And I’m sor­ry you know, we’re here to make the trains run, we’re not here to hand out apple juice and cookies. 

Malamud: Well I can think of anoth­er instance where a sim­i­lar deci­sion was faced by the IAB. And they were look­ing at the rout­ing and address­ing cri­sis, and they said, We’ve got a train to run,” and they decid­ed at least on a direc­tion for IP ver­sion 7. And the com­mu­ni­ty did­n’t react near­ly as favor­able. What is the dif­fer­ence between push­ing SNMP v2 out because it needs to be done, and push­ing let’s say a con­nec­tion­less net­work ser­vice out as IPv7?

Rose: Well, the thing to keep in mind is that the SNMP v2 effort did not get it push until the July meet­ing of the IETF in Cambridge when there was— You know, one of the meet­ings, the ple­nary where over 200 peo­ple showed up, heard the the pro­pos­al, and then as a body they said, Do this. Do this now. Make it hap­pen. Let go.”

Now, from my per­spec­tive, when you have 200 peo­ple will­ing to show up at an IETF meet­ing and sit in the same room and lis­ten for three hours to a pro­pos­al, and then after some ques­tions and answers basi­cal­ly have vir­tu­al­ly every­one in the room point to exact­ly the same goal, that a mandate. 

In the case of the IPv7 thing, the prob­lem we have is that every­one agrees there’s a prob­lem. We dis­agree as to the extent of the prob­lem, whether it is a clear dan­ger or a present dan­ger. And we cer­tain­ly dis­agree on what the solu­tions are. So there is no clear man­date. And so for the IAB or any­body to say, Okay, this is what we’re going to do,” with­out hav­ing that man­date they cer­tain­ly open them­selves up to just being in a tremen­dous pres­sure cook­er. And that’s where they found themselves. 

Malamud: Now, the result of that pres­sure cook­er was an effort called POISED, which exam­ined how we gov­ern our­selves in the IETF

Rose: Mm hm.

Malamud: What what’s your feel­ing on what’s hap­pened with the POISED efforts? You were one of the authors of the com­pro­mise pro­pos­al at the IETF where it was decid­ed to have a ran­dom selec­tion com­mit­tee and then a change in the roles of the IAB and IESG. Have we fixed things? Are we ready to set­tle down and get back to work?

Rose: Well the POISED… The out­come of POISED was to try and intro­duce a lev­el of account­abil­i­ty into the selec­tion process, and basi­cal­ly an advice and con­sent kin­da role between the rank and file and the man­age­ment struc­ture. And what we came out of that basi­cal­ly, a pool of vol­un­teers ran­dom­ly select­ed to make rec­om­men­da­tions which then the man­age­ment struc­ture can approve or deny prob­a­bly is the best com­pro­mise that [?] work. And I think in the long term it’s prob­lem going to serve us very well. 

I think what we’re going to end up see­ing is more…more new blood com­ing into the sys­tem at a time when we real­ly start to need it. You know, one of the prob­lems we had with the old sys­tem is kind of being self-selecting. While the qual­i­ty of the indi­vid­u­als was good, we just did­n’t have a way of groom­ing our junior peo­ple into becom­ing senior peo­ple. And what my hope is now is that we’re going to start get­ting some of the peo­ple who are work­ing group chairs are going to start becom­ing area direc­tors. People who are area direc­tors are either going to move on to the IAB or per­haps into some oth­er posi­tion. And new work­ing group chairs will come in. 

So we’ll kind of like, start to build up more of a col­lec­tion of peo­ple who have Internet man­age­ment expe­ri­ence. And I think we have to start doing this because a lot of the peo­ple we have now in the senior posi­tions are, you know, for bet­ter or worse near­ing retire­ment, and they just don’t quite have the ener­gy that they used to.

And you know, fur­ther­more you have to keep in mind that as we’re ever expand­ing and grow­ing we have new con­stituen­cies. We need to pro­vide an out­let so those new con­stituen­cies feel that they have ade­quate rep­re­sen­ta­tion and so on, and that their views are known. 

Now hav­ing said all that, there are some things that we absolute­ly must avoid. The thing which which we must avoid is any con­cept of par­tic­i­pa­tion via affil­i­a­tion. That is, Oh, I’m the rep­re­sen­ta­tive from Company XYX.” Or, I rep­re­sent the Scandinavian por­tion of the Internet,” or some­thing like that.

Malamud: But these are the peo­ple that are often pay­ing to send these peo­ple to the com­mit­tees. And so IBM pays IBM employ­ees. Shouldn’t IBM as a cor­po­ra­tion have a voice?

Rose: No, absolute­ly not. In fact I’d argue that no cor­po­ra­tion, nor any orga­ni­za­tion, have a voice as a part of of their cor­po­rate enti­ty or iden­ti­ty. No, that’s just wrong. I mean, if you do that you will imme­di­ate­ly find your­self devolv­ing into the ISO/ANSI/OIW way of doing things, which would just be absolute dis­as­ter. Companies which send peo­ple to the IETF do so because they have a finan­cial rea­son for hav­ing peo­ple there. Sometimes they have peo­ple there for edu­ca­tion pur­pos­es. Sometimes they have peo­ple there to push an agen­da. Sometimes they have peo­ple there because they view it as a mat­ter com­mu­ni­ty ser­vice. And cer­tain­ly it’s this lat­ter aspect which I would like to encour­age. I would like to encour­age peo­ple to kind of view their par­tic­i­pa­tion in the IETF as a mat­ter com­mu­ni­ty ser­vice. You know, the fact that you should­n’t view being on the IESG or the IAB as a reward, you should rather review it as two years of com­mu­ni­ty ser­vice, not unlike many coun­tries which require all able-bodied adults to serve in the mil­i­tary from time to time as a reservist or on stand­by or some­thing like that. We need to view these man­age­ment posi­tions the same way, and we cer­tain­ly should­n’t view it as well—you know, I’m from cor­po­ra­tion XYZ.

Malamud: Don’t touch that mouse. Internet Talk Radio will be right back.

Our acronym du jour is P2C2E. And, if you know that one, how about the ever-popular M2C2D

Internet Talk Radio. All mate­r­i­al con­tained in this file is copy­right 1993 by Internet Talk Radio. You may copy these files con­tained and change the encod­ing for­mat, but may not alter the con­tent or resell the pro­grams. You can send us mail to mail@​radio.​com.

Our acronym of the day is the famous P2C2E, a process to com­pli­cat­ed to explain. This gem comes from Salman Rushdie’s clas­sic fairy tale Haroun and the Sea of Stories. P2C2Es of course run on M2C2Ds, machines too com­pli­cat­ed to describe. 

Malamud: So you think any­one ought to be able to just attend the IETF, just walk in off the street.

Rose: Well, tra­di­tion­al­ly the rank and file has been the strength of the IETF. If you look for exam­ple in the area of resource dis­cov­ery, you will find that over the last two years there have been six sep­a­rate efforts start­ed across the globe look­ing at dif­fer­ent aspects of resource dis­cov­ery, and none of these came out of any grand direc­tive from on high that we need to do work in this area. Rather there just hap­pened to—you know, there hap­pened to be peo­ple in com­mu­ni­ties who observed there was a need and decid­ed to have to apply a lit­tle elbow grease to that and and came up with some good results. And so you know, cer­tain­ly that’s always been the strength of the IETF and we need to pre­serve that.

Malamud: I’m hear­ing two things here. One is we want to encour­age new blood to come in. And the oth­er is it’s hard to get work done because of so many peo­ple in some of these work­ing group meet­ings. Are these two con­flict­ing goals here? Is there a way to solve those?

Rose: Well, it’s cer­tain­ly quite a conun­drum. On the oth­er hand, if you look at the SNMP v1 expe­ri­ence, it was fair­ly hard to get things done but we all real­ized there is just such a press­ing need, back in 87 and 88, that we pulled togeth­er and put aside dif­fer­ences and made it hap­pen. There’s one sto­ry I real­ly like to tell which kin­da goes back to this ven­dor thing, so humor me for a moment. 

We were dis­cussing some­thing in one of the SNMP com­mit­tees, and a per­son there who hap­pens to work for ven­dor says, You know, if you include this fea­ture, can’t I can imple­ment that on my box. The box is just not built in such a way that I can get at that infor­ma­tion. But this would be a very use­ful, per­haps even crit­i­cal thing to have for man­ag­ing box­es like this. So I think we should keep this in even though I’m going to take a hit on it per­son­al­ly in the com­pa­ny for let­ting this happen.”

Now here’s an exam­ple of a guy who, even though he knows that as his bet­ter com­pa­ny is not going to do it par­tic­u­lar­ly well on this point, he still under­stands that the com­mu­ni­ty will be great­ly enhanced by hav­ing this in the stan­dard. And so you know, the ven­dor hat, if it was ever there comes off, and the guy says, Well you know, I’m gonna be tak­en to the wood­shed over this, but let’s do it.”

And you know, this kind of exchange hap­pened per­haps a dozen times over the course of that work­ing group meet­ing. Because peo­ple real­ly had a sense of com­mu­ni­ty spir­it. And so as we grow, we need to some­how make sure that peo­ple appre­ci­ate that there is this greater sense of community.

Now, some­times this just does­n’t hap­pen. After SNMP was stan­dard­ized, there was a work­ing group that was formed to devel­op some def­i­n­i­tions of some addi­tion­al man­age­ment objects. And Craig Partridge had the great mis­for­tune of being select­ed as chair. And he did his best to try and get the group to come to con­sen­sus. And over the course of a year, he sim­ply could not get that group to get any kind of con­sen­sus posi­tion at all. 

And you know, Craig’s a good guy. He’s bright. He’s inno­v­a­tive. He’s very well mean­ing. And he just sim­ply could not get results. It was just polit­i­cal­ly unten­able. And you know, final­ly he had to give up and they had to take some oth­er approach towards get­ting these def­i­n­i­tions out. And you know, this was a real­ly unfor­tu­nate thing where they were unable in that work­ing group to have that sense of com­mu­ni­ty come together. 

Now, since that time we’ve we’ve tried to fix the par­tic­u­lar prob­lems which Craig encoun­tered and we’ve had mixed suc­cess, but it is just a con­stant prob­lem, is we serve a larg­er com­mu­ni­ty, there are diverse inter­ests, and yet not every­one else is will­ing to real­ize that their own fief­dom in the Internet is not the only fief­dom there and it’s not the whole Internet, and that they have to give some. 

Malamud: Speaking of com­mu­ni­ty, we’re begin­ning to look at a tru­ly glob­al Internet. The con­tri­bu­tions from out­side the US have long been very sig­nif­i­cant, and one can argue are some of the most vital work going on in the Internet. How is the IETF going to steal from, or the Internet standards-making process if you will, scale from a US-centric process into a tru­ly glob­al one?

Rose: Well, that’s… that’s hard. I think that what we need… One of the things which we’ve done fair­ly well and at and which we need to keep work­ing at is mak­ing sure that the vast major­i­ty of all IETF com­mu­ni­ca­tions occur via elec­tron­ic mail—

Malamud: That’s a nov­el thought.

Rose: Novel though, yes. Well, it hap­pens most today. —rather than these in-person meet­ings. And although these in-person meet­ings are nec­es­sary and often essen­tial per­haps for ham­mer­ing out some things, we real­ly have to rely on elec­tron­ic mail and we’ve been doing that fair­ly well.

But then there’s also you know, anoth­er aspect is we need to get more peo­ple from out­side the US into the man­age­ment struc­ture. And I’m not say­ing this like in terms of quo­tas or any­thing else. I’m just say­ing that we need to make it eas­i­er for peo­ple out­side the US to become work­ing group chairs. We need to make it eas­i­er for them to par­tic­i­pate in oth­er ways than just being kind of this elec­tron­ic [wisp?] which sends mes­sages out and receives them. Because we have had a lot of valu­able con­tri­bu­tions, even in the ear­ly Internet. You know, there was a num­ber of Europeans and Australians who con­tributed quite heav­i­ly, and we need to keep build­ing on that.

Malamud: How do you do that? Do you have IETF meet­ings over­seas? Or do you not have IETF meet­ings? Do we just let the Internet Society han­dle every­thing at their INET conference? 

Rose: Well I always kin­da viewed the Internet Society as more of a pro­mo­tion­al orga­ni­za­tion than a tech­ni­cal or a stan­dards orga­ni­za­tion. Maybe that’s just my per­cep­tion, I don’t know. I think that we are going to per­haps try to get more more things going con­cur­rent­ly in the US and in Europe and the Pacific Rim. For exam­ple, the video over IP stuff has come a long ways in the last few years. And per­haps we might get to the point where we can hold con­cur­rent ple­nar­ies both in the United States and in Europe, or in the United States and the Pacific Rim.

And if we do it right you know, we could prob­a­bly arrange to have as much over­lap, say maybe four or five hours in the day… Oh you know, what the heck we’re Internet peo­ple. We’re twenty-four hour peo­ple any­way, you know, so we might have a lot of over­lap dur­ing the day where the peo­ple in one time zone start kin­da late after lunch and the peo­ple the oth­er time zone start ear­ly. And you know, we’ll just give them mas­sive caf­feine injec­tions as they walk in the door. So we could per­haps do more of that in that fashion.

Malamud: You’re sug­gest­ing a Pan-Atlantic IETF or a Pan-Pacific IETF.

Rose: Yes. In a nut­shell that’s what I would be sug­gest­ing. And you know, I think that there are some work­ing groups which have a fair­ly high lev­el of inter­na­tion­al par­tic­i­pa­tion, for which that would work. And there are going to be oth­er work­ing groups which are fairly…for one rea­son or oth­er are only of inter­est to US peo­ple, or only of inter­est to peo­ple in Europe, and those could be held basi­cal­ly not online. 

But again, we always have to fall back on elec­tron­ic mail as the way of doing things.

Malamud: So actu­al­ly using the tech­nol­o­gy that we’re building. 

Rose: What a nov­el concept.

Malamud: There you have it. We’ve been talk­ing to Marshall Rose, and this is Geek of the Week. Thanks a lot, Marshall. 

This has been Geek of the Week, brought to you by Sun Microsystems. And by O’reilly & Associates. To pur­chase an audio­cas­sette or audio CD of this pro­gram, send elec­tron­ic mail to radio@​ora.​com.

Internet Talk Radio. Same-day ser­vice in a nanosec­ond world.

Further Reference

Episode archive page