< draft-iab-for-the-users-01.txt   draft-iab-for-the-users-02.txt >
Internet Architecture Board (IAB) M. Nottingham Internet Architecture Board (IAB) M. Nottingham
Internet-Draft November 18, 2019 Internet-Draft 22 January 2020
Intended status: Informational Intended status: Informational
Expires: May 21, 2020 Expires: 25 July 2020
The Internet is for End Users The Internet is for End Users
draft-iab-for-the-users-01 draft-iab-for-the-users-02
Abstract Abstract
This document explains why the IAB believes the IETF should consider This document explains why the IAB believes the IETF should consider
end users as its highest priority concern, and how that can be done. end users as its highest priority concern, and how that can be done.
Note to Readers Note to Readers
The issues list for this draft can be found at The issues list for this draft can be found at
https://github.com/intarchboard/for-the-users/issuess [1]. https://github.com/intarchboard/for-the-users/issues
(https://github.com/intarchboard/for-the-users/issues).
The most recent (often, unpublished) draft is at The most recent (often, unpublished) draft is at
https://intarchboard.github.io/for-the-users/ [2]. https://intarchboard.github.io/for-the-users/
(https://intarchboard.github.io/for-the-users/).
Recent changes are listed at https://github.com/intarchboard/for-the- Recent changes are listed at https://github.com/intarchboard/for-the-
users/commits/master [3]. users/commits/master (https://github.com/intarchboard/for-the-
users/commits/master).
See also the draft's current status in the IETF datatracker, at See also the draft's current status in the IETF datatracker, at
https://datatracker.ietf.org/doc/draft-iab-for-the-users/ [4]. https://datatracker.ietf.org/doc/draft-iab-for-the-users/
(https://datatracker.ietf.org/doc/draft-iab-for-the-users/).
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 21, 2020. This Internet-Draft will expire on 25 July 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents (https://trustee.ietf.org/
(https://trustee.ietf.org/license-info) in effect on the date of license-info) in effect on the date of publication of this document.
publication of this document. Please review these documents Please review these documents carefully, as they describe your rights
carefully, as they describe your rights and restrictions with respect and restrictions with respect to this document.
to this document.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. What Are "End Users"? . . . . . . . . . . . . . . . . . . . . 3 2. What Are "End Users"? . . . . . . . . . . . . . . . . . . . . 3
3. Why The IETF Should Prioritise End Users . . . . . . . . . . 4 3. Why The IETF Should Prioritise End Users . . . . . . . . . . 4
4. How The IETF Can Prioritise End Users . . . . . . . . . . . . 5 4. How The IETF Can Prioritise End Users . . . . . . . . . . . . 5
4.1. Engaging the Internet Community . . . . . . . . . . . . . 5 4.1. Engaging the Internet Community . . . . . . . . . . . . . 5
4.2. Creating User-Focused Systems . . . . . . . . . . . . . . 7 4.2. Creating User-Focused Systems . . . . . . . . . . . . . . 7
4.3. Designing for Positive User Outcomes . . . . . . . . . . 7 4.3. Identifying Negative End User Impact . . . . . . . . . . 7
4.4. Identifying Negative End User Impact . . . . . . . . . . 8 4.4. Handling Conflicting End User Needs . . . . . . . . . . . 8
4.5. Handling Conflicting End User Needs . . . . . . . . . . . 8 4.5. Deprioritising Internal Needs . . . . . . . . . . . . . . 8
4.6. Deprioritising Internal Needs . . . . . . . . . . . . . . 9 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 6. Security Considerations . . . . . . . . . . . . . . . . . . . 8
6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 7. Informative References . . . . . . . . . . . . . . . . . . . 9
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
7.1. Informative References . . . . . . . . . . . . . . . . . 9
7.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 10 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 10
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
Many who participate in the IETF are most comfortable making what we Many who participate in the IETF are most comfortable making what we
believe to be purely technical decisions; our process is defined to believe to be purely technical decisions; our process is defined to
favor technical merit, through our well-known mantra of "rough favor technical merit, through our well-known mantra of "rough
consensus and running code." consensus and running code."
Nevertheless, the running code that results from our process (when Nevertheless, the running code that results from our process (when
things work well) inevitably has an impact beyond technical things work well) inevitably has an impact beyond technical
skipping to change at page 4, line 24 skipping to change at page 4, line 16
entering a room with sensors that send data to the Internet has entering a room with sensors that send data to the Internet has
interests that may be involved in our deliberations about how those interests that may be involved in our deliberations about how those
sensor readings are handled. sensor readings are handled.
While such less-direct interactions between people and the Internet While such less-direct interactions between people and the Internet
may be harder to evaluate, this document's concept of end-user may be harder to evaluate, this document's concept of end-user
nonetheless includes such people. nonetheless includes such people.
3. Why The IETF Should Prioritise End Users 3. Why The IETF Should Prioritise End Users
The IETF has focused on user needs since [RFC0001], which stated that Even before the IETF was established, the Internet technical
"One of our goals must be to stimulate the immediate and easy use by community has focused on user needs since at least [RFC0001], which
a wide class of users." stated that "One of our goals must be to stimulate the immediate and
easy use by a wide class of users."
And, while we specialise in technical matters, the IETF is not And, while we specialise in technical matters, the IETF is not
neutral about the purpose of its work in developing the Internet; in neutral about the purpose of its work in developing the Internet; in
"A Mission Statement for the IETF" [RFC3935], the definitions "A Mission Statement for the IETF" [RFC3935], the definitions
include: include:
The IETF community wants the Internet to succeed because we The IETF community wants the Internet to succeed because we
believe that the existence of the Internet, and its influence on believe that the existence of the Internet, and its influence on
economics, communication, and education, will help us to build a economics, communication, and education, will help us to build a
better human society. better human society.
skipping to change at page 5, line 14 skipping to change at page 5, line 7
groups of them forming businesses, governments, clubs, civil society groups of them forming businesses, governments, clubs, civil society
organizations, and other institutions. organizations, and other institutions.
Merely advancing the measurable success of the Internet (e.g., Merely advancing the measurable success of the Internet (e.g.,
deployment size, bandwidth, latency, number of users) is not an deployment size, bandwidth, latency, number of users) is not an
adequate goal; doing so ignores how technology is so often used as a adequate goal; doing so ignores how technology is so often used as a
lever to assert power over users, rather than empower them. lever to assert power over users, rather than empower them.
Beyond fulfilling the IETF's mission, prioritising end users also Beyond fulfilling the IETF's mission, prioritising end users also
helps to ensure the long-term health of the Internet and the IETF's helps to ensure the long-term health of the Internet and the IETF's
relevance to it. Perceptions of capture by vendors or other entities relevance to it. Perceptions of capture by vendors or other
harm both; the IETF's work will (deservedly) lose end users' trust if providers harm both; the IETF's work will (deservedly) lose end
it prioritises (or is perceived to prioritise) others' interests over users' trust if it prioritises (or is perceived to prioritise)
them. others' interests over them.
Ultimately, the Internet will succeed or fail based upon the actions Ultimately, the Internet will succeed or fail based upon the actions
of its users, because they are the driving force behind its growth to of its users, because they are the driving force behind its growth to
date. Not prioritising them jeopardizes the network effect which the date. Not prioritising them jeopardizes the network effect which the
Internet relies upon to provide so much value. Internet relies upon to provide so much value.
4. How The IETF Can Prioritise End Users 4. How The IETF Can Prioritise End Users
There are a few ways that the IAB believes the IETF community can There are a few ways that the IAB believes the IETF community can
prioritise end users, based upon our observations. By its nature, prioritise end users, based upon our observations. By its nature,
skipping to change at page 6, line 19 skipping to change at page 6, line 10
incomplete (and sometimes inaccurate) models. Often, even when we incomplete (and sometimes inaccurate) models. Often, even when we
try to engage a broader audience, their participation is minimal - try to engage a broader audience, their participation is minimal -
until a change affects someone in a way they don't like. Surprising until a change affects someone in a way they don't like. Surprising
the Internet community is rarely a good outcome. the Internet community is rarely a good outcome.
Government representatives sometimes participate in the IETF Government representatives sometimes participate in the IETF
community. While this is welcome, it should not be taken as community. While this is welcome, it should not be taken as
automatically representative of end users elsewhere, or even all end automatically representative of end users elsewhere, or even all end
users in the relevant jurisdiction. Furthermore, what is desirable users in the relevant jurisdiction. Furthermore, what is desirable
in one jurisdiction (or at least to its administrators) might be in one jurisdiction (or at least to its administrators) might be
detrimental in others (see Section 4.5). detrimental in others (see Section 4.4).
While some civil society organisations specialise in technology and While some civil society organisations specialise in technology and
Internet policy, they typically do not have the capacity to Internet policy, they typically do not have the capacity to
participate broadly, nor are they necessarily representative of the participate broadly, nor are they necessarily representative of the
larger Internet community. Nevertheless, their understanding of end larger Internet community. Nevertheless, their understanding of end
user needs is often profound, and they are in many ways the most user needs is often profound, and they are in many ways the most
representative advocates for end user concerns; they should be representative advocates for end user concerns; they should be
considered a primary channel for engaging the broader Internet considered a primary channel for engaging the broader Internet
community. community.
skipping to change at page 7, line 23 skipping to change at page 7, line 14
4.2. Creating User-Focused Systems 4.2. Creating User-Focused Systems
We should pay particular attention to the kinds of architectures we We should pay particular attention to the kinds of architectures we
create, and whether they encourage or discourage an Internet that create, and whether they encourage or discourage an Internet that
works for end users. works for end users.
For example, one of the most successful Internet applications is the For example, one of the most successful Internet applications is the
Web. One of its key implementation roles is that of the Web browser - Web. One of its key implementation roles is that of the Web browser -
called the User Agent in [RFC7230] and other specifications. Because called the User Agent in [RFC7230] and other specifications. Because
there is more than one implementation of the standards that specify a there are multiple interoperable implementations, users can switch
Web browser, there is a natural competition between them to do with relatively low costs, and as a result there is a natural
carefully consider the user's needs as an agent. As a result, Web tendency to more carefully consider the user's needs as an agent.
browsers' interests are better aligned with those of their users, This leads to Web browsers' interests being better aligned with those
creating an ecosystem that is positively user-focused. of their users, creating an ecosystem that is more user-focused (even
if there are serious challenges in it regarding the balance of power
between implementations and the barrier to entry for new
implementations).
In contrast, the Internet of Things (IoT) has not yet seen the In contrast, the Internet of Things (IoT) has not yet seen the
emergence of a natural role for representing the needs of the end emergence of a natural role for representing the needs of the end
user. Perhaps as a result of this, that ecosystem and its users face user. Perhaps as a result of this, that ecosystem and its users face
serious challenges. serious challenges.
We should also create explicit roles for users in our protocols where We should also create explicit roles for users in our protocols where
appropriate, and respect them. appropriate, and respect them.
4.3. Designing for Positive User Outcomes 4.3. Identifying Negative End User Impact
The Internet's users are heterogeneous; they have different access
characteristics (latency, available bandwidth, reliability), contexts
(economic, social, and political), and different characteristics
(languages spoken and read, cognitive and physical abilities).
The issues involved in serving them well are often not singular in
nature; they often require multiple solutions. While the network
effects of a single solution might be significant, this should not
stop us from meeting user needs with multiple solutions if they are
necessary.
However, this is not a reason to introduce alternative mechanisms
that are harmful; see Section 4.5.
4.4. Identifying Negative End User Impact
At its best, our work will unambiguously promote the collective At its best, our work will unambiguously promote the collective
social good. In some cases, we will consciously decide to be neutral social good. In some cases, we will consciously decide to be neutral
and open-ended, allowing the "tussle" among stakeholders to produce a and open-ended, allowing the "tussle" among stakeholders to produce a
range of results (see [TUSSLE] for further discussion). range of results (see [TUSSLE] for further discussion).
At the very least, however, we must examine our work for negative At the very least, however, we must examine our work for negative
impact on end users, and take steps to mitigate it where encountered. impact on end users, and take steps to mitigate it where encountered.
In particular, when we've identified a conflict between the interests In particular, when we've identified a conflict between the interests
of end users and other stakeholders, we should err on the side of of end users and other stakeholders, we should err on the side of
skipping to change at page 8, line 40 skipping to change at page 8, line 17
Much of that advice has focused on maintaining the end-to-end Much of that advice has focused on maintaining the end-to-end
properties of a connection [RFC3724]. This does not mean that our properties of a connection [RFC3724]. This does not mean that our
responsibility to users stops there; decisions might affect users in responsibility to users stops there; decisions might affect users in
other ways. For example, data collection by various applications other ways. For example, data collection by various applications
even inside otherwise secure connections is a major problem on the even inside otherwise secure connections is a major problem on the
Internet today. Also, inappropriate concentration of power on the Internet today. Also, inappropriate concentration of power on the
Internet has become a concerning phenomenon - one that protocol Internet has become a concerning phenomenon - one that protocol
design might have some influence upon. design might have some influence upon.
4.5. Handling Conflicting End User Needs 4.4. Handling Conflicting End User Needs
When the needs of different end users conflict (for example, two sets When the needs of different end users conflict (for example, two sets
of end users both have reasonable desires) we again should try to of end users both have reasonable desires) we again should try to
minimise negative impact. minimise negative impact.
For example, when a decision improves the Internet for end users in For example, when a decision improves the Internet for end users in
one jurisdiction, but at the cost of potential harm to others one jurisdiction, but at the cost of potential harm to others
elsewhere, that is not a good tradeoff. As such, we effectively elsewhere, that is not a good tradeoff. As such, we effectively
design the Internet for the pessimal environment; if a user can be design the Internet for the pessimal environment; if a user can be
harmed, they probably will be, somewhere. harmed, they probably will be, somewhere.
There may be cases where genuine technical need requires compromise. There may be cases where genuine technical need requires compromise.
However, such tradeoffs are carefully examined and avoided when there However, such tradeoffs are carefully examined and avoided when there
are alternate means of achieving the desired goals. If they cannot are alternate means of achieving the desired goals. If they cannot
be, these choices and reasoning ought to be thoroughly documented. be, these choices and reasoning ought to be thoroughly documented.
4.6. Deprioritising Internal Needs 4.5. Deprioritising Internal Needs
There are a number of needs that are very visible to us as There are a number of needs that are very visible to us as
specification authors, but should explicitly not be prioritised over specification authors, but should explicitly not be prioritised over
the needs of end users. the needs of end users.
These include: convenience for document editors, IETF process These include: convenience for document editors, IETF process
matters, and "architectural purity". matters, and "architectural purity" for its own sake.
5. IANA Considerations 5. IANA Considerations
This document does not require action by IANA. This document does not require action by IANA.
6. Security Considerations 6. Security Considerations
This document does not have any direct security impact; however, This document does not have any direct security impact; however,
failing to prioritise end users might well affect their security failing to prioritise end users might well affect their security
negatively in the long term. negatively in the long term.
7. References 7. Informative References
7.1. Informative References
[RFC0001] Crocker, S., "Host Software", RFC 1, DOI 10.17487/RFC0001, [RFC0001] Crocker, S., "Host Software", RFC 1, DOI 10.17487/RFC0001,
April 1969, <https://www.rfc-editor.org/info/rfc1>. April 1969, <https://www.rfc-editor.org/info/rfc1>.
[RFC3724] Kempf, J., Ed., Austein, R., Ed., and IAB, "The Rise of [RFC3724] Kempf, J., Ed., Austein, R., Ed., and IAB, "The Rise of
the Middle and the Future of End-to-End: Reflections on the Middle and the Future of End-to-End: Reflections on
the Evolution of the Internet Architecture", RFC 3724, the Evolution of the Internet Architecture", RFC 3724,
DOI 10.17487/RFC3724, March 2004, DOI 10.17487/RFC3724, March 2004,
<https://www.rfc-editor.org/info/rfc3724>. <https://www.rfc-editor.org/info/rfc3724>.
skipping to change at page 10, line 36 skipping to change at page 10, line 8
Nordmark, "Technical Considerations for Internet Service Nordmark, "Technical Considerations for Internet Service
Blocking and Filtering", RFC 7754, DOI 10.17487/RFC7754, Blocking and Filtering", RFC 7754, DOI 10.17487/RFC7754,
March 2016, <https://www.rfc-editor.org/info/rfc7754>. March 2016, <https://www.rfc-editor.org/info/rfc7754>.
[TUSSLE] Clark, D., Sollins, K., Wroclawski, J., and R. Braden, [TUSSLE] Clark, D., Sollins, K., Wroclawski, J., and R. Braden,
"Tussle in Cyberspace: Defining Tomorrow's Internet", "Tussle in Cyberspace: Defining Tomorrow's Internet",
2002, 2002,
<http://groups.csail.mit.edu/ana/Publications/PubPDFs/ <http://groups.csail.mit.edu/ana/Publications/PubPDFs/
Tussle2002.pdf>. Tussle2002.pdf>.
7.2. URIs
[1] https://github.com/intarchboard/for-the-users/issuess
[2] https://intarchboard.github.io/for-the-users/
[3] https://github.com/intarchboard/for-the-users/commits/master
[4] https://datatracker.ietf.org/doc/draft-iab-for-the-users/
Appendix A. Acknowledgements Appendix A. Acknowledgements
This document was influenced by many discussions, both inside and This document was influenced by many discussions, both inside and
outside of the IETF and IAB. In particular, Edward Snowden's outside of the IETF and IAB. In particular, Edward Snowden's
comments regarding the priority of end users at IETF 93 and the HTML5 comments regarding the priority of end users at IETF 93 and the HTML5
Priority of Constituencies were both influential. Priority of Constituencies were both influential.
Thanks to Sandra Braman for her insightful overview of the RFC series
from a legal perspective.
Many people gave feedback and input, including Harald Alvestrand, Many people gave feedback and input, including Harald Alvestrand,
Mohamed Boucadair, Stephen Farrell, Joe Hildebrand, Lee Howard, Russ Mohamed Boucadair, Stephen Farrell, Joe Hildebrand, Lee Howard, Russ
Housley, Niels ten Oever, Mando Rachovitsa, Martin Thomson, Brian Housley, Niels ten Oever, Mando Rachovitsa, Martin Thomson, Brian
Trammell, John Klensin, Eliot Lear, Ted Hardie, and Jari Arkko. Trammell, John Klensin, Eliot Lear, Ted Hardie, and Jari Arkko.
Author's Address Author's Address
Mark Nottingham Mark Nottingham
Email: mnot@mnot.net Email: mnot@mnot.net
 End of changes. 23 change blocks. 
73 lines changed or deleted 46 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/