Core Problems/First Principles (was: Options for IETF administrative restructuring)

Margaret Wasserman <margaret@thingmagic.com> Sat, 04 September 2004 02:27 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA02242; Fri, 3 Sep 2004 22:27:31 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1C3QJo-0006fM-1Q; Fri, 03 Sep 2004 22:30:23 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1C3QEt-0003Wa-IP; Fri, 03 Sep 2004 22:25:15 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1C3QDg-0003K1-7g for ietf@megatron.ietf.org; Fri, 03 Sep 2004 22:24:00 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA02045 for <ietf@ietf.org>; Fri, 3 Sep 2004 22:23:57 -0400 (EDT)
Received: from mail.thingmagic.com ([207.31.248.245] helo=thingmagic.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1C3QGP-0006aU-0b for ietf@ietf.org; Fri, 03 Sep 2004 22:26:49 -0400
Received: from [68.64.253.86] (account margaret HELO [192.168.1.103]) by thingmagic.com (CommuniGate Pro SMTP 4.1.8) with ESMTP-TLS id 152323 for ietf@ietf.org; Fri, 03 Sep 2004 22:19:47 -0400
Mime-Version: 1.0
X-Sender: margaret@mail.thingmagic.com
Message-Id: <p0602042bbd5eb9fbdfaa@[192.168.1.103]>
Date: Fri, 03 Sep 2004 22:23:42 -0400
To: ietf@ietf.org
From: Margaret Wasserman <margaret@thingmagic.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 202a3ece0492a8c7e7c8672d5214398f
Subject: Core Problems/First Principles (was: Options for IETF administrative restructuring)
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 2bf730a014b318fd3efd65b39b48818c

Hi All,

Like most people who have been involved in these discussions over the 
past couple of years, I have my own personal views on the core 
problems facing the IETF's administrative support functions and what 
we should do to resolve them.

As we have worked through these issues, it has become clear to me 
that there are some significant problems with the organizational 
structure of the IETF's administrative support functions and with the 
current IETF funding model.

In my opinion, the current IETF administrative support function (the 
IETF Secretariat as provided by CNRI/Foretec) is poorly-defined, 
insufficiently accountable to the community, and insufficiently 
transparent.  In particular:

(1) The current relationship between the IETF and CNRI/Foretec is 
unclear and poorly-defined.

This lack of clarity results in inefficient and often ineffective 
communication between the IETF leadership and those responsible for 
the IETF's administrative support functions.  It also blurs important 
issues such as ownership of IETF data, tools and other intellectual 
property.

The roles and responsibilities of the IETF's administrative support 
organization should be well-defined in BCPs, and all relationships 
with outside service providers should be defined in publicly 
available contracts or MOUs.

(2) Our current administrative support functions are insufficiently 
accountable to the IETF community.

The community should have more say in how these functions are 
prioritized, funded and provided.  The IETF community (through its 
chosen leadership) should have the ability to contract for 
administrative services that are not currently provided by 
CNRI/Foretec.  We should also have the ability to seek competitive 
bids for current services in order to obtain better or more 
cost-effective service.

IMO, the IETF's administrative support functions should be overseen 
by a community-appointed board that is directly accountable to the 
IETF community, similar to the IAB or the IESG.  This board should be 
responsible for understanding the IETF's administrative needs and 
working with any IETF administrative support employee(s) and other 
service providers to meet those needs.  The use of the word "board" 
in this paragraph is not meant to imply that this should be a 
corporate board -- in fact, my preferred model would be an 
organizational board that is run under the auspices of ISOC, just 
like the IAB is today.

(3) The IETF community has insufficient visibility and control over 
our finances.

Revenue that is generated through IETF attendance fees, meeting 
sponsorship and related donations goes directly to CNRI and is used 
at CNRI/Foretec's discretion to fund the IETF Secretariat functions. 
I have a great deal of confidence in the honesty, integrity and good 
will of Bob Kahn and the other people involved in the CNRI/Foretec 
Secretariat function, but the result is that the IETF community is 
offered no real say in how these funds are spent, and the ownership 
of any real or intellectual property that is purchased or developed 
with these funds (such as the IETF mail systems, the I-D Tracker, our 
mailing list archives, our I-D archives) is unclear, at least to me.

There is also a significant flaw in this funding model, as the amount 
of IETF work (new I-Ds, RFCs published, active WGs) has continued to 
increase even though meeting attendance has fallen in recent years. 
Many of the performance/reliability issues that the community has 
experienced with the IETF Secretariat may be the result of inadequate 
staff and funding.  To be fair to CNRI/Foretec, they have suggested 
other possibilities to raise additional funds for the IETF 
Secretariat service, such as running exhibits in conjunction with 
IETF meetings, but the IETF Chair has (wisely, IMO) refused to 
consider those options.  And, any options that involve direct 
donations to the IETF Secretariat (such as additional sponsorship 
fees that have been paid by some sponsors) may directly undercut ISOC 
fund raising efforts, in effect choosing taxable income over tax-free 
income.

In addition to a lack of transparency, our current funding model 
results in having two separate budget pools -- the meeting fees and 
sponsorship revenues that fund the IETF Secretariat, and ISOC monies 
(from direct fundraising or PIR surpluses) that fund the RFC Editor, 
the IAB, the IETF's liability insurance and a discretionary fund for 
the IETF chair.  Having these funds in two different pools limits the 
ability of the IETF community to do some things that I think we 
should do, such as investing in IT infrastructure improvements or 
developing unified tools for use throughout the IETF standards 
process (for I-Ds and RFC editor documents).

So, it is my personal belief that we need a single, not-for-profit 
(hopefully tax-exempt) organization that collects all of the IETF 
donations and revenues and distributes those funds in accordance with 
community-controlled priorities.

Some people have suggested that we should form a new corporation to 
replace CNRI (Scenario C), to avoid a possible future in which the 
goals of the IETF and ISOC are no longer aligned.  Personally, I 
consider the possibility that the IETF and ISOC might part ways to be 
a very minor risk, especially given the extent to which ISOC's 
efforts are currently focused on the IETF.

I also think that there are three more relevant and substantially 
more serious risks that should be very carefully considered before we 
decide to form a new corporation:

(1) Any new organization that we create will need to have a corporate 
board and a corporate charter.  It will have relationships with many 
other parties and may eventually have organizational members or 
corporate donors (at least for meeting sponsorships and 
donations-in-kind).  So, it may be no less likely that a new 
organization will eventually fall out of alignment with the IETF.

(2) Forming a new organization to replace CNRI while keeping the 
current relationship with ISOC intact perpetuates some of the funding 
problems we have today.  Corporate donors would still have to choose 
between making donations to ISOC and making direct donations 
(including sponsorships or donations-in-kind) to the IETF 
administrative function.  We would still have two separately 
administered budget pools and we still wouldn't have one organization 
that is responsible for prioritizing and managing the IETF's budget.

(3) There are significant costs and risks associated with setting up 
a new organization.  It has taken years to stabilize the ISOC 
governance model and achieve financial stability.  It can also take 
many months to establish tax-exempt status for a new organization 
(PIR took about 1-1/2 years) and it is not a no-brainer that an IETF 
administrative support organization could achieve tax exempt status. 
It is substantially more expensive to hire a CEO (and related 
administrative, financial and legal support services) for a new 
organization than it would be to hire a director-level employee 
inside an existing corporation such as ISOC.  Also, there is 
insufficient information to be certain that an IETF administrative 
support organization could be financially stable on its own -- we are 
told that CNRI/Foretec consistently loses money providing these 
services today.

Because of all of these issues, I would personally prefer to see an 
administrative support organization that consists of an 
organizational board that is organized under the ISOC corporate 
umbrella (just like the IAB is today).  I believe that this is a 
model that has worked well for the IETF for many years, and it could 
continue to work well for many years into the future.

I don't really know if I have a preference for Scenario A or for 
Scenario B in Carl's draft, as the difference between those two 
choices somewhat eludes me. I don't believe that anyone could 
rationally propose that we enter into a relationship with ISOC to 
provide our administrative support services without formalizing that 
agreement in BCPs and/or MOUs as appropriate.  And, regardless of how 
the relationship with ISOC is originally constituted, I am sure that 
it will evolve over time to serve the needs of an evolving IETF 
community.

I also feel very strongly that our administrative support functions 
should be overseen by a community-selected board, not by the 
corporate board of ISOC or any other corporation.  That possibility 
doesn't seem to be explored in Carl's draft, but I think it is a 
vital part of any solution.

So, as usual, I am out on a limb voting for a choice that no one has 
offered me yet...  At least I'm predictable that way.  :-)

Margaret

[Disclaimer:  In the interest of full disclosure, I would like to 
point out that I am currently serving as an Internet AD on the IESG 
and as an IETF-selected member of the ISOC Board of Trustees.  I've 
been involved in the IETF for approximately 8 years and in ISOC for 
about 1-1/2 years.  While I do consider ISOC to be a worthwhile 
organization in its own right,  I also consider my ISOC Board of 
Trustee services to be one of the ways that I serve the IETF 
community.]


_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf