here follows some of my impressions from last week's BOF meeting:
1) The IETF is becoming more structured and formal in its approach to
making standards. This has both pro's and con's. It will increase the
quality of the standards, but it will also slow down the process
considerably. Making a complete set of RFCs for IPP in 6 months seems to
be rather futile, following the latest IETF rules.
2) It seems that the IETF Application Area Directors are rather negatively
oriented towards both HTTP and LDAP, things that we planned to include in
our solution. Is this a case of "not invented here" (both originated
outside the IETF), or is it a question of quality control for new standards?
3) On the other hand, the Area Directors and everybody else, seem to be in
love with MIME (even if it means stretching the use of MIME into areas for
which it was not originally designed). We cannot go wrong if we use MIME.
4) The route to get approval for our IPP project seems to be concentrating
on describing our application specific data (such as operations and
attributes) in MIME format and describe generic use and attributes for
directory services, but to forget about mapping it to HTTP and LDAP for
now. It was suggested that doing things in sequence would be better than
trying to do mappings to "transports" at the same time.
5) If we were to accept all the proposals made, it seems that our objective
of having working prototypes out within 6 months are doomed. However, we
have several alternatives on how to proceed. We could accept the reduced
scope from IETF, but could keep up the work on the other subjects in the
PWG, for later introduction in the IETF. Or we could consider getting the
W3C organization interested in working on the HTTP mapping. We could also
consider the proposal to design a new dedicated protocol to run directly on
top of TCP (which would take us out of the discussion about whether HTTP is
good or bad). Let us try to get quick agreements on which way to go, so
that we do not slow down the progress of our project in particular in our
prototype teams.
6) We had 80 people attending our BOF session and I counted about 2/3 of
those being actively interested in getting IPP off the ground. Whatever we
do, we should not let the IETF bureaucracy slow us down in doing real work.
7) Our concept of using HTTP to avoid Firewalls seem to be flawed. I spoke
to several security specialists about it and they called us naive. They
pointed out that any firewall provider worth its salt would use IPP as a
good excuse to sell their customers a new version of their firewall -
whichever way we do it.
my 2 cents...
Carl-Uno