Re: [Nsaas] Existing work, other things

Melinda Shore <> Sun, 07 September 2014 19:42 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A97B71A06F1 for <>; Sun, 7 Sep 2014 12:42:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.6
X-Spam-Status: No, score=-0.6 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1JWn4nLZFrpA for <>; Sun, 7 Sep 2014 12:42:22 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c03::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 711801A0502 for <>; Sun, 7 Sep 2014 12:42:22 -0700 (PDT)
Received: by with SMTP id fa1so975246pad.2 for <>; Sun, 07 Sep 2014 12:42:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=XQvlet3ENVSiji6W1U+sZpONW05+bn8LZjvBl/Xh0dQ=; b=fRWWrKFF1naU8ZexM0E3bOZmFC6Fn44Hcn0d/qxOdhyCm45kwH9uGQ7C4qqZXkEOKD b0gfwS+pzT4fSirNQhomv4uh5al+gO3NNW11vZLmdJT2PVcKtK/63YomFoYUWC6pAvaw 8lrNw1hUe01d2q7+QRuCPR3H9FiwIAb8qYY5zq3xBRwyDCXHUSbjmOWKPAfzqCEHiup4 mkCZn3JZS/RDk6QxADjDHM1gjb9irFD7LFBadX75iu4ZiZK4DNJ9O8GRdNIvSwzpG9sK H2tnEbe7OlRrDT8tZCtKpwXNnXYprHG2LtDhSt4mn7DCbz/luIAHWjqpZPDvlQZ6eErL M6sA==
X-Received: by with SMTP id dr6mr41083843pdb.86.1410118942100; Sun, 07 Sep 2014 12:42:22 -0700 (PDT)
Received: from spandex.local ( []) by with ESMTPSA id oa8sm7132945pdb.20.2014. for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 07 Sep 2014 12:42:21 -0700 (PDT)
Message-ID: <>
Date: Sun, 07 Sep 2014 11:42:19 -0800
From: Melinda Shore <>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: DIEGO LOPEZ GARCIA <>, Linda Dunbar <>
References: <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: "" <>
Subject: Re: [Nsaas] Existing work, other things
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*NSaaS: Network Security as a Service mailing list*" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 07 Sep 2014 19:42:23 -0000

Again, there's been work done in the IETF on some of this (for example,
network endpoint assessment (,
tunnel endpoint discovery, ipsp, and so on.  I think my more general
concern is that recently there's been a great deal of work being brought
into the IETF that's not product-driven and doesn't have "organic"
support, and it turns out to chew up a lot of IETF resources and
frustrate the heck out of its proponents.  No technical work comes
out of it and nobody's happy.  Because it's not product-driven there
tends not to be a clear, existing framework to slip it into along
with real-world requirements and expectations for how it might work.
I don't think the problem statement/framework/requirements process
that's developed is working well for the organization, IETF
participants, or the industry, and I think that it might be time to
take lessons learned about process and apply them here.

That is to say, rather than getting mired in the same old unsuccessful
process, it might be a better idea to identify a narrowly-scoped piece
of work that *needs* to be done and focus on that.  Talk to product
people before bringing a proposal in and asking for a BOF.  I tend to
see this effort as going the way of the "cloud" effort, and so on,
but it's early enough that it doesn't have to proceed down that same
path.  Talk to product people *NOW*, and identify why this work belongs
in the IETF.  It should never be the case that the problem you're
trying to solve is how to create an IETF working group, but rather how
to accomplish a specific piece of technical work that improves networks
and networking.

That is to say, talk to people who build products and talk to people
who run networks, see what they need.  Bring your product managers
into the process.