Of VPNs and peer-to-peer SIP: IETF chair speaks out

Some of the Internet’s greatest technical minds will gather next week in San Diego to debate how best to plug security holes and design new services for the Internet. More than 1,200 network engineers are expected to attend the Internet Engineering Task Force’s 67th meeting. Network World Senior Editor Carolyn Duffy Marsan interviewed IETF chairman Brian Carpenter, a distinguished engineer with IBM, about the standards body’s latest efforts. Here are excerpts from their conversation.

How is the IETF doing in terms of attracting attendees to its meetings?

We had very large attendance at the peak of the telecom boom and have settled now to what seems to be a stable level of between 1,200 and 1,300. I think it’s a healthy number. We have 700 to 800 people who are long-time participants, and other people joining for specific activities. We should have around the same number in San Diego.

How would you describe the activity level in the IETF compared to previous years?

I don’t see much change. We still have more than 100 active working groups. In July, August and September, we issued 99 RFCs, which means we’re issuing around 400 documents a year. I think that’s a reasonable amount of productivity for standards writing.

What are the hot-button topics on the agenda for San Diego?

Probably the most interesting new thing is peer-to-peer Session Initiation Protocol. SIP was originally designed as a session protocol, and it assumes there is some sort of SIP service provider. Skype came along, and people started asking, why can’t we do SIP in peer-to-peer mode? That’s generating a lot of interest. The idea is to charter a working group in that area.

A working group just got chartered called NEA, for Network Endpoint Assessment. It deals with the security issues of how you determine when a system appears on the network if it’s got the appropriate security configurations. The idea is to define a protocol for information exchange about the security posture of a system or network.

But there are controversial issues about trusting the information. What if someone configures a laptop with clever software so it is successful for clearance but is riddled with Trojan horses? It’s like: Would you buy a used car from this man? It was quite a complicated discussion to get the working group chartered.

What are the most significant milestones that IETF working groups reached this year?

The IPv6 working group has decided that its work is done and it doesn’t need face-to-face meetings. It’s still doing a little bit of finishing off of its documents. The U.S. government is making IPv6 a major procurement requirement, so clearly there are some signs of maturity in that area.

The other thing I would say is a milestone is the Lightweight Directory Access Protocol working groups have all closed. LDAP is a pretty important protocol in a lot of environments. They’ve produced Version 3 and extension documents. They’ve wrapped things up and gone home. That’s a milestone and a success story.

What are the most active areas in the IETF right now?

The whole business of tunneling and VPNs is a fairly hot topic in the IETF, but the work is spread out over a bunch of working groups. It’s simply a fact that service providers are carrying a lot of tunneled VPN traffic for corporate customers. We have working groups for Level 1, Level 2 and Level 3 VPNs. We have Pseudowire Emulation, which emulates wire protocols over an IP network. We have another group called Softwire that is looking at tunneling in a mixed IPv6 and IPv4 environment.

What technical work going on in the IETF right now are you most excited about?

I’m still an IPv6 weenie. I can’t spend much time on technical work, but that’s where I’ve been spending my efforts. I think we have no choice but to deploy IPv6. I’m also really pleased to see the way SIP has gone. It wasn’t at all clear in the beginning that it was going to be important.

It seems like there’s a lot of interest in the marketplace in video over the Internet, with YouTube, for example.

The reason they can do video is the IETF has been developing protocols for real-time streaming for years. When I was on assignment in the States in the 1990s, we were working on video over the Internet. What’s happened is that the basic technology has gotten mature enough so people realize there is a business model to support it.

There seems to be a lot more energy around Internet content. Do you sense another Internet boom coming?

I don’t think we’re ever going to have another Dutch Tulip situation. I hope people understand how stupid they were in terms of grossly inflated stock values. But I think we’ll see solid growth. I’d rather see solid growth than another boom.

What is the most interesting work on the horizon for the IETF?

We held a [leadership] workshop two weeks ago in Amsterdam where we talked about routing and addressing. One of the conclusions from that workshop, which we will talk about in the plenary meeting in San Diego, is we still have a lot of scaling ahead in routing and addressing. There’s still work to be done.

When people first started talking about the scaling problem, there were fewer than 20,000 entries in the WAN routing tables. Now there are above 200,000 entries. So in 10 to 15 years, it’s gone up by a factor of 10. It can’t go on indefinitely. I’m talking about upgrading the Border Gateway Protocol. No one is panicking, but this is a problem as long as the Internet continues to grow. We need more discussions to figure out the right way to address it.

Eighteen months ago, when you took over as IETF chair, you said your primary goal was to refocus the efforts of the Internet Engineering Steering Group on strategic issues rather than processing documents. Have you accomplished that goal?

Partially. With this drumbeat of 400 or so documents a year, it’s very hard to step back from that. All the area directors are conscious that they need to step back from reading drafts to do more steering, but I can’t say I’ve achieved that goal completely.

You also said you wanted to improve the IETF’s relationships with other standards bodies, including the International Telecommunication Union, Third Generation Partnership Project and the Open Mobile Alliance. How have those relationships improved?

I’ve gotten very positive feedback on 3GPP and 3GPP2. We’ve been putting a lot more effort in with ITU, and I think things are going well. The ITU is pretty friendly towards the IETF. With OMA, we’ve established a liaison, and we have a liaison with the IEEE’s 802 working groups. This stuff isn’t rocket science, but we’ve been working a little bit harder on it.

The IETF took responsibility for its own administrative and financial functions from the Corporation for National Research Initiatives in 2005. How is that process working?

We subcontracted the IETF Secretariat to NeuStar Secretariat Services, a NeuStar subsidiary, on Dec. 15, 2005. That’s going pretty well. We’ve gone through the process of doing an RFP for the RFC Editor, which has been hosted at [the University of Southern California] for many years. We’re very close to announcing the result of that exercise. The new contract will cut in on the first of January.

The reason all of this has happened is we hired an administrative director, Ray Pelletier, in 2005. He’s the guy who has been driving most of this. We’ve also created the IETF Trust to hold the intellectual property that we have. The trust was operational on Dec. 15, 2005.

I’d characterize our administrative and financial position as very healthy. We’re benefiting from the contributions made by the Internet Society. We’re benefiting from contributions made by meeting sponsors. Compared to a couple of years ago, we have a pretty good understanding of our situation. I think we’re doing well.

We are in the process of negotiating a service level agreement with [the Internet Assigned Numbers Authority] so there is a bit more predictability and measurability in their workload. Until now, that’s been working on the basis of a memorandum of understanding that is relatively general. I hope that will be negotiated soon.

We’re pretty much done with our administrative restructuring, and we think it’s been pretty successful.
