IASA 2.0: Challenges and Opportunities Workshop 1 Tuesday, February 28, 2017 3:00 am | Pacific Standard Time (San Francisco, GMT-08:00) Notes by: Greg Wood WebEx Recording: https://ietf.webex.com/ietf/ldr.php?RCID=ef0761bb5806958ce37a631b20fa2910 1. Introduction (10m) welcome by gonzalo logistical details on slide - its being recorded, notes are being taken introduction to acronyms (on slide) Slide: IASA was established in 2005--now we have running code to check how things are working, how they might be improved Slide: Organization slide: how IASA is set up. A bit complex. Various functions are implemented - IETF Trust also includes the IAD, whoi is NOT a voting IAOC member_ - Does not include subcommittees Slide: Workshop goals note: save solutioneering for a later time Why we are [side discussion about queue control] Jari: here to listen, slides intended to trigger discussions 2. Staff and volunteer resource issues (20m) Slide: Sample list of issues for staff and volunteer resources. - IAD workload, IASA skillset, volunteer enthusiasm/funding Discussion: - not just the IAOC has trouble finding qualified volunteers - IAOC subcommittees: not clear who is involved/serving, not sure what effort is required/expended (transparency) . lack of encouragement of/participation in subcommittees might be a disincentive for IAOC participation - do we conduct exit interviews? - no (no IAD has exited) - also need to understand requirements/ dependencies on contractors and other support structure to really understand how things work- it is complicated and not generally well understood 3. Structural issues between the IETF, the IAOC, ISOC, the IESG, and contractors (15m) Slide: Structural issues between IETF, IAOC, ISOC, IESG and others - lines are not clear - need to include other things: Ombudsteam, ISOC Fellows to the IETF (vs policy fellows), IETF Journal - improvements to accounting have helped, but not yet perfect. - some items (e.g. IETF Journal) are ISOC driven-and funded, but there is a lack of clarity about who is doing what on behalf of whom . suggest staying focused on what the *IETF* is doing - historical note: increasing accounting budget over last 5-6 years to recognize ISOC staff contributions (now closer, but not there yet) . noted that "accuracy* is increasing - difference between accounting and control: control also needs to be aligned with accounting so IETF can decide - an issue of transparency with the IAOC . IASA has lagged progress of groups like IESG . it would be good to recognize it in agenda/meeting . agreement that this is an issue w/in the IAOC . it would be good to have a more clearly documented requirement from the community to avoid misinterpretation . e.g. set the default to be open and publish exception list, such as open meetings .comment: a significant cause is fear-based: need to move to doing the right thing and moving forward . related to the comment about not-IETF activities: how IETF is represented to the outside world (donors, media, other orgs and communities), even if those are currently handled by ISOC (or others) . agreement: do need to make sure there is alignment, but don't need to get into the details of accounting and such - start with the idea that these things (e.g. ietf journal) are not IETF's . from outside, people don't understand the difference between ISOC/IETF- the key point is consistent messaging .some benefit to the Internet for the IETF to be ephemeral (have a lack of clarity about structure), and not so focused on structure (e.g. no members) . understand the point, but there are practical implications (e.g. legal transactions generally go through ISOC), and we've decided to implement in a particular way. . Q: even w/in the current structure, could better clarity be had (and improve things) - more formality is not necessary, but that's the trend w/in this community . e.g. improving the IASA stuff could make things less appealing to some kinds of contributors - the goal is: clarity that institutionalizes that accessibility to all participants (this is tricky) 4. Internal IAOC organizational issues (15m) Slide: membership, overload of individual responsibilities/requirements possible questions: - IAOC subcommittees - IAB chair membership? general issue: to what extent is IAOC an oversight body (this might be managed as a workload issue) - surprised to see how many people are involved in subcommittees - composition of volunteers/staff that might cause confusion about role, and control/accountability issues . i.e. who's really in charge? who is leading the discussions/making decisions, who is supporting those decisions . lack of documentation/explanation about how the committees are chosen - for some teams (e.g., meetings, legal) it is necessary to have staff (e.g., ietf lawyer, site visit and meeting contract negotiation staff) . lists of subcommittees are here: https://iaoc.ietf.org/committees.html . e..g on legal committee: the base membership comes from the IAOC plus the lawyer to then last year we asked for volunteers from the community and added the one persons who stepped up Note: trust and rest of iaoc tasks are separate talents Does the Trust need to be as large as it currently is? . could it be smaller? would it be good for it to be smaller? . not an issue (aside from getting quorum once or twice) . responsibilities of trust are evolving...but it could be changed . composition is also an issue that might be discussed Size+composition should be determined by role of the Trust, which should be part of the IASA 2.0 discussions - currently,the trust does not do all that much so having separate people would have a bunch of people with not much to do 5. Funding issues (20m) Slide: current funding model (meeting fees/sponsorship/ISOC) doesn't match activities - using contractors vs. volunteers raises costs - there's a new draft on funding issues: https://datatracker.ietf.org/doc/draft-arkko-ietf-finance-thoughts/ - costs are going up (more tools, new hotels, etc.), funding is flat, so long-term issue - operating expenses are not covered by meeting fees, so increased pressure on sponsorship, increased ISOC contribution . eg. perhaps meetings are self-standing (fees and sponsorships), and other sponsorships for other activities - another possibility (long-term) is the IETF endowment - long -term sponsorship, such as Global Hosts - given that the ietf is pretty much the major raison d'ĂȘtre of the isoc, what percentage of isoc expense are we? - looking a the posted ISOC 2015 budget - total budget $38M, IETF $9.4M (BALLPARK) - but IETF sees <$3M . maybe clarity is needed on accounting - send Gonzalo email if further details is needed. 6. Parking lot / AOB (10m) How the IAOC get's it's policy instructions from the community - is that clear enough for us all or not? - policy proposals are posted to the community for comment (e.g. the privacy policy or changed to the trust legal provisions) - the IAOC only goes to the community for specific policy questions but does not get general 'please do this' from the community - in many case the "policy from the IETF community" comes through the IESG as voiced by the IETF chair - But there is also lack of clarity about where some of the questions should be asked (e.g. 'how many logos do we want on our badges?" "who drives/has responsibility for some specific functions"0 . the general question: is it a "thin" IAOC that has mostly oversight of IAD or a "thick" IAOC that has administrative responsibilities: . ie. who is driving the bus? We'll continue listening, second workshop, may be a follow-up f2f at IETF 98 -- IASA 2.0: Challenges and Opportunities Workshop 2 Tuesday, February 28, 2017 8:00 am | Pacific Standard Time (San Francisco, GMT-08:00) Notes by: Cindy Morgan WebEx Recording: https://ietf.webex.com/ietf/ldr.php?RCID=ee9f475275e8758dc55d73b11c851d00 1. Introduction (10m) - Meeting is being recorded. There is a Jabber room, and an Etherpad for note-taking. Background: IASA: IETF Administrative Support Activity An organized activity that provides administrative support for the IETF, the IAB and the IESG. IAOC: IETF Administrative Oversight Committee A largely IETF-selected committee that oversees and directs IASA. Accountable to the IETF community. IAD: IETF Administrative Director The sole staff member responsible for carrying out the work of the IASA. An ISOC employee. IETF Trust Acquires, maintains, and licenses intellectual and other property used in connection with the administration of the IETF. Same composition as IAOC, but a separate organization from the IETF. Slide: Org chart - There are pieces of this that may not fit all reality, but this illustrates the large number of pieces moving in this organization. Supported by committees to do some of the more detailed work: finances, meeting logistics, technology management. The IAOC remains responsible for taking decisions. The IAD is at the heart of a lot of the work; touches almost all of the work of the IASA. There are a lot of moving parts; more than there were 11 years ago when the IASA was formed, because back then we didn't have control over the Secretariat and RPC. Slide: Workshop Goals Gain fuller understanding of: - Challenges and missed opportunities in current IASA - What is working well - Likely future needs Save solutioneering for a later time. - Good to capture the issues; the mailing list is there and we can continue to capture. Today is to grasp some of the larger issues. Slide: Agenda - There are slides. We have room in the parking lot if issues come up. Goal is to see what is working well, talk about future goals, and see if there are ways to reduce friction. 2. Staff and volunteer resource issues (10m) Slide: Staff and volunteer resource issues - IAD workload is (much) more than a full-time job, but we have one staff person allocated to it. - IASA tasks touch on a wider variety of topics and require more different kinds of expertise than 10 years ago (visa issues, local social/political/health issues, new modes of fundraising, etc.), but the job descriptions and skill sets of staff and volunteers do not always match these needs. This is one of the reasons we have subcommittees - Very few community members have the time, support, and interest to stand for the IAOC (or even participate in administrative discussions, unless something goes astray), and many who do are self-funding their work. -- Comment on slides: Draw a sharper distinction between volunteering for IAOC and for things like tools, as shows on structural slide earlier. - Part of the point of having subcommittees is to draw in expertise in a particular area, without burdening them with the overall task of IAOC responsibilty. The point there is that elaborating what kind of expertise is needed can be a bit of a challenge. There is a general challenge in elaborating what skills are needed for any of the areas of work here. --The function of the committees seems to go pretty well, but sometimes there is a lack of clarity about scope and authority in relation to the IAOC. What kind of decision is being made. A recommendation that is subject to pretty easy reversal by the IAOC. This sometimes provides an undercurrent of doubt when discussions take place. 3. Transparency (10m) Slide: Transparency - IAOC has typically been perceived to operate less transparently than what is the norm for IETF processes and other IETF leadership bodies. - Lack of transparency has some roots in concerns about confidentiality of contract terms and business relationships, and fear of community reaction to administrative decisions. - Requirements from the community about IAOC transparency expectations are not clear. -- I think the IAOC could do better in telling the community what it does and how it makes decisions. Now that we're limiting time in the plenary, the community doesn't get to see the IAOC very much so they don't see them or understand what they do. -- I agree that this is a big topic and needs to be addressed. On the previous call there was a discussion about how much people actually know about the subcommittees. And the fundamental transparency of what we tell the community is evolving a bit. I think the trouble here is that the devil is in the details. It's details about what the contracts are and getting clarity on what is going on with that. Hotel contracts aren't shown, and there have been some arguments about that. Understanding what we need to improve and where we can improve. - Mention of IAOC time in plenary--counter-experience says people don't want over-exposure to the very boring details. They're boring until they're not and everyone is surprised. I'm not sure that time in plenary is the way to get people to know what the IAOC does. What are other thoughts on how to better encourage more of the IETF community to understand the IAOC and role of the IASA? -- Not suggesting that the way to fix it is more plenary time, but there is a whole range of things that could be better. Info sessions, etc. But the lack of something tends to cause problems. I think it needs to be better; that would help getting to know and have people put their names forward. I've heard stories of NomCom not knowing what they're looking for. -- I think what this calls for is more than one activity that would provide insight into the community, into what the IAOC is going to do, as opposed to what it has just done. Telegraphing for a few years may improve the level of education. -- I think that would help those transparency requirements without running afoul of the contracts. -- It seems there are 2 potential sources of fear: making a decision you know the community won't like, and having a situation where there is a Last Call and all of the previous conversations the IAOC has had are rehashed. From Jabber: I could know this, but I don't. The ADs for most areas hold office hours at some point during meeting weeks, to allow people to corner us and raise concerns, and ask for guidance. Does the IAOC do anything like that during meeting weeks? I'm sympathetic to Bob's point that the community doesn't have a lot of visibility (and that solving that problem shouldn't require plenary time) ... -- Does it translate into more people wanting to participate in the IAOC? Is that framed properly? Make sure the information is available in email and on the website, but that's not going to inspire people who don't care about administrative issues to volunteer. Expecting to rely on volunteers for this large volume of work is unreasonable. If people can spend time on the technical work, that would be a success. There are multiple different sources, and we can change the expectations. -- Recognizing we're trying to describe the problem, but I think the suggestion about signaling what the IAOC is planning to do, like a Last Call, is worthy. But other things simply don't permit it. But doing that when it is possible seems like a very good idea. Having the IAOC document the basis for a decision, rather than the mere fact of it. For the mundane stuff, that's too much work, but for other things that might help the community. 4. Structural issues between the IETF, the IAOC, ISOC, the IESG, and contractors (15m) Slide: Structural issues - The line between the IETF and ISOC is not organizationally clear-cut, which has led to issues around transparency, allocation of staff time and priorities, budgeting, and clarity of who is responsible for what. - The respective roles of ISOC, the IETF chair, the IAOC, and the secretariat in representing the IETF to sponsors and donors and communicating with them are not clear. - Having ISOC represent the IETF to sponsors and donors: - creates confusion about why the IETF does not represent itself, - yields questions about why ISOC does not instead increase its IETF support and how donations can be guaranteed to be dedicated to the IETF, and - can result in those soliciting sponsorships and donations having a lack of familiarity with IETF work. - Apart from people who are on the IAOC, how much time have people spent pondering these issues? Is there a way to make this more digestible? -- We've been working to account better for the contributions of ISOC, for manpower. But it's not just an issue of accounting, but of who is in the driver's seat, and if we don't like a function can we delete it, or does that require IETF participation? It's a continuum of issues. Some things are very clearly IETF topics, and then there are some that fall in between IETF and ISOC, and then there are some that are ISOC. But I think there is definitely work to be done. -- When I've been asked about sponsorship, I have felt more likely to go back to my management structure and see if that funding could be found. Like for Systers. But that was for a personal sense, and I had the right connections to get funding for something for diversity efforts. I wonder if others also feel more inclined to really try to go track down that funding. - Sounds like one of the challenges of trying to outsource some of the responsibilities around funding. I think we'll get back to that in a bit when we get to funding. Another thing I heard is also to be able to better articulate what the ask is, as well as what the relevance is for the potential sponsor. For purposes of this slide, I don't know where--the responsibilities for coming up with the messages, how to do the outreach, is split between the different parties. -- I would agree with the last comment about funding clarity. Speaking as a global host, it's always unusual to be funding IETF through a third party, and you always wonder if IETF is getting the money right away, and you wonder if the structure makes sense. Also makes it difficult to contribute to the IETF endowment. Maybe some different level of financial and administrative separation would be helpful. -- I'd like to hear more about what kinds of separations or changes you'd have in mind. Distinguish between outward-facing issue and internal ones. I think we do ourselves a disservice by this long-standing confusion about whether IETF is an organization. If I am talking to someone in the community and say I'm working with the IETF, people know what I'm talking about. I think we need to confine the confusion to the internal. When ISOC is raising funds on behalf of the IETF, it is IETF money and they are a sub-contractor. Being more clear about that would help. -- There are a couple of topics that came up on the first call, and I thought I'd throw those out. We also talked a bit about the confusion in the IETF about who has policy authority over some of these aspects. If the idea came up that we wan to change the structure of what we do for sponsors. Who actually has the authority to make that decision. Should it come from the IESG? IAOC? Community consensus? There tends to be a gap in terms of the IAOC being the body that carries this out. Do people think it's clear? The other was, with some other ISOC activities which have visibility to the outside world, like the IETF Fellows, the IETF Journal, the lunch meetings that are part of ISOC programming. Is there a lack of clarity about who is defining the content for those? Who decides how to drive those things? Also a question about whether those should be included in the budget. 5. Internal IAOC organizational issues (15m) Slide: Internal IAOC organizational issues - The IAOC has 4 ex officio members (IETF Chair, IAB Chair, ISOC CEO, IAD (non-voting)), and 5 appointed members. One of 5 members is appointed by the ISOC Board of Trustees, and is traditionally expected not to stand for IAOC Chair. This yields: - A small pool from which to select the IAOC Chair - A small pool from which to select the IETF Trust Chair - Very few (2, by the time you've appointed Chairs) "worker bees" for the IAOC - Requiring that the IAOC and the IETF Trust be constituted by the same group of people overloads the job responsibilities of both roles, narrows the pool of individuals willing and able to serve on the IAOC, and creates the potential for conflicts in cases where the creation of Trust policies requires IAOC oversight. - Requiring that the IAB chair serve on the IAOC overloads the IAB Chair's job responsibilities and narrows the pool of people willing and able to serve as IAB Chair. The same may be true for the IETF Chair. - If we want to look at changing the makeup of the IAOC, we need to have a clear understanding of the roles and responsibilities. Apart from scoping the IAOC well, we need to revisit how we populate the IAOC if we want it to be able to do more than the very thinnest of oversight roles. -- One thing that makes the population difficult is that so few of the people who are appointed can actually be Chair. You're really down to the appointees from the IESG, IAB, and 2 NomCom. One of those 4 people will always be the Chair, and another of those 4 will chair the Trust. Need a way for the community to pick additional people. -- I used to think that it was convenient that the IAOC and Trust were together, but given the IANA stewarship transition issues last year I am no longer of that opinion. I also consider this secondary to more fundamental questions like the structure and funding. -- I agree with what Russ said, and it's important that the people who appoint people choose people who have interest in chairing, otherwise the pool gets smaller. -- +1 to that. And I've been reviewing the paper, and was pleased to see much of this. The ex officios need to be participants, for the extreme context they carry with them. But they just don't have the time, and the way to solve that is to increase the regular membership of the IAOC. - Still collecting comments on the paper, so if you have more, please send them along. 6. Funding issues (20m) Slide; Funding issues - Meeting fees are currently an important source of revenue, but remote participation and other factors may be responsible for declining in-person meeting attendance going forward. Even if fees were charged for remote participation, charging the same for remote and in-person attendance is unlikely to be a viable way to make up the difference. - While there has been a lot of sponsor support for, e.g., meeting hosting, getting support for the full sponsorship program is not easy. The value to sponsors is not always obvious, the IETF community is sometimes critical or unappreciative, and the same sponsors get tapped again and again for many related but different opportunities. - Relying heavily on meeting-based revenue is somewhat at odds with the fact that much of the IETF's work takes place outside of in-person meetings. - The IETF is increasingly relying on professional services to support its activities, causing expenses to grow. - We go back to the same people for support over and over again. How can we get out of that rut and find new companies. What is the right proportion for meeting-based revenue? What are the alternative methods to fund the non-meeting-based activities. Maybe there are things where we need to have things provided professionally, either through staff or contracted efforts. The structure of how we have funded ourselves in the past is in question because the direction we go may not work with that. -- One thing I've thought is that the model where we do look for sponsors is a good way of measuring support in the community. If that starts to dry up, it's probably a symptom of larger problems of us being no longer relevant. -- This issue is one reason why it's good for the IETF to multiple sources of funding to stand on. I also submitted an I-D this morning with my view of the challenges in this space. https://datatracker.ietf.org/doc/draft-arkko-ietf-finance-thoughts/ -- One of the big pieces of the puzzle to me; it's not even the specifics of where the expenses are coming from, but a mismatch between our activities and our funding model. One thing I've observed is that even explaining the need for diversity of funding is more complicated than it needs to be. We need to find a simpler story. - To follow on what Jari said vs what Bob said. If the IETF needs to ensure its ongoing relevance. Diversity is a good thing because it allows you to shift gears. To the question in the chat about registration fees being prohibitive for many, I actually think to the point of relevancy it would be good for the IETF to understand what it's offering. For me it's valuable to stay in touch with the engineers who understand how the Internet works. But I don't know how to tie that back to three meetings a year. I suspect this will never line up perfectly, but that doesn't take away the need for clarity. -- A couple of comments on organizations funding the IETF. We have the global hosts. If you think the level of funding we're getting, $500K a year--if you compare it to open-source projects, we could be getting a lot more money. The best way to support the IETF as an organization is to become a Global Host. But it's not just about money; there is printing T-shirts, social events; have to get the marketing departments involved. I think we could focus on just getting the money, and having someone else worry about the logistic problems. - Getting just the money while continuing to support the things we've come to expect like T-shirts and social events. 7. Parking lot / AOB (10m) - Does anyone have anything they'd like to offer for discussion here? -- I agree with Gonzalo's point having been involved in hosting a meeting. There is extra work involved, but there is a lot of risk as a meeting sponsor if you get anything wrong, and that's expertise IETFers don't have. And to relevance, it seems like there are 2 types of organizations we're looking for--involved in the Internet ecosystem, and those interested in standards. Figuring out how to do outreach to both of those would be helpful. The relevancy is critical to the sponsoship and funding aspects. -- I appreciate everyone who joined the call and contributed their thoughts. Please do continue to send thoughts to the list. There will be draft to capture these discussions. Also a one-hour meeting slot in Chicago to further the discussions.