Some of the Internet’s greatest technical minds will gather next week in San Diego to debate how best to plug security holes and design new services for the Internet. More than 1,200 network engineers are expected to attend the Internet Engineering Task Force’s 67th meeting. Network World Senior Editor Carolyn Duffy Marsan interviewed IETF chairman Brian Carpenter, a distinguished engineer with IBM, about the standards-body’s latest efforts. Here are excerpts from their conversation.

How is the IETF doing in terms of attracting attendees to its meetings?
We had very large attendance at the peak of the telecom boom and have settled now to what seems to be a stable level of between 1,200 and 1,300. I think it’s a healthy number. We have 700 to 800 people who are long-time participants, and other people joining for specific activities. We should have around the same number in San Diego.

How would you describe the activity level in the IETF compared to previous years?
I don’t see much change. We still have more than 100 active working groups. In July, August and September, we issued 99 RFCs, which means we’re issuing around 400 documents a year. I think that’s a reasonable amount of productivity for standards writing.

What are the hot-button topics on the agenda for San Diego?
Probably the most interesting new thing is peer-to-peer Session Initiation Protocol. SIP was originally designed as a session protocol, and it assumes there is some sort of SIP service provider. Skype came along, and people started asking, why can’t we do SIP in peer-to-peer mode? That’s generating a lot of interest. The idea is to charter a working group in that area.

A working group just got chartered called NEA, for Network Endpoint Assessment. It deals with the security issues of how you determine when a system appears on the network if it’s got the appropriate security configurations. The idea is to define a protocol for information exchange about the security posture of a system or network.

But there are controversial issues about trusting the information. What if someone configures a laptop with clever software so it is successful for clearance but is riddled with Trojan horses? It’s like: Would you buy a used car from this man? It was quite a complicated discussion to get the working group chartered.