RE: How many standards or protocols...
Money money money... Is that what all these businesses think about? What is cheapest? Not all, but the vast majority. The IETF standards were and are compiled by voluntary contributions, approved and revised by other voluntary contributions. Therefor, you can say that the internet is run by volunteers. I personally believe that it is amazing that volunteers cooperate with each other to this extent. I would say that the internet is one of the most complex things developed. Fiber and wire running across the world, connecting most computers together. Complex, successful, and run by volunteers. Welcome to the IETF :-D -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jan Meijer Sent: Monday, May 06, 2002 5:51 PM To: [EMAIL PROTECTED] Cc: todd glassey; [EMAIL PROTECTED] Subject: Re: How many standards or protocols... Over in Detroit, they design cars. They do a *LOT* of market research. Market research may say that 75% of people interested in a certain model car would be interested in a rear spoiler - but it would be quite negligent to let the market researchers decide what size bolts to use to attach it to the car, wouldn't it? Market researchers and the like were the ones that decided just waiting for lawsuits to come along and pay damages would be cheaper then getting all the vehicles back and replace the all-to-easily-exploding-gastank. This is just one example that shows that the ethics of marketing and management persons can be...different. It is quite safe to say they are generally devoted to making money, not technically sound products. If by sheer coincidence a technical soundness would imply more money are they prepared to 'go for the best'. It may be informative to go read the list of authors of the RFCs that come out of that area, and ask yourself if your army of salespeople understands security better than they do. You might also want to go read Bruce Schneier's Secrets and Lies and/or Applied Cryptography, and learn why proprietary security solutions are rarely, if ever, secure. And, while at it, think about the reason why so many closed-source-software-administrators are patching their software all the time. Not because that software has been designed so thouroughly. It would not be because marketing and management has forced them to push something out while it had not been properly finished and tested, now would it? I'm quite happy with the IETF process. It has produced the Internet, which is one of the most complex constructs on this planet. And it works. Jan
Re: How many standards or protocols...
Over in Detroit, they design cars. They do a *LOT* of market research. Market research may say that 75% of people interested in a certain model car would be interested in a rear spoiler - but it would be quite negligent to let the market researchers decide what size bolts to use to attach it to the car, wouldn't it? Market researchers and the like were the ones that decided just waiting for lawsuits to come along and pay damages would be cheaper then getting all the vehicles back and replace the all-to-easily-exploding-gastank. This is just one example that shows that the ethics of marketing and management persons can be...different. It is quite safe to say they are generally devoted to making money, not technically sound products. If by sheer coincidence a technical soundness would imply more money are they prepared to 'go for the best'. It may be informative to go read the list of authors of the RFCs that come out of that area, and ask yourself if your army of salespeople understands security better than they do. You might also want to go read Bruce Schneier's Secrets and Lies and/or Applied Cryptography, and learn why proprietary security solutions are rarely, if ever, secure. And, while at it, think about the reason why so many closed-source-software-administrators are patching their software all the time. Not because that software has been designed so thouroughly. It would not be because marketing and management has forced them to push something out while it had not been properly finished and tested, now would it? I'm quite happy with the IETF process. It has produced the Internet, which is one of the most complex constructs on this planet. And it works. Jan
Re: How many standards or protocols...
When all you have is a hammer, every problem looks like a nail is needed. John Stracke wrote: IMHO, people are people. Whether they are in sales or engineering or management or in Marketing or communication, it does not matter!! When you ask someone to do a job, it does matter what job they know how to do. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Sleep is for wimps--healthy, well-adjusted wimps, but wimps| |nonetheless. | \===/ -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
Re: How many standards or protocols...
Absolutely and they are competent to do whatever they are competent to do... Todd - Original Message - From: Sabharwal, Atul [EMAIL PROTECTED] To: [EMAIL PROTECTED]; todd glassey [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, May 03, 2002 11:52 AM Subject: RE: How many standards or protocols... IMHO, people are people. Whether they are in sales or engineering or management or in Marketing or communication, it does not matter!! Some basic values make the difference. Same with whether they are in industry or in school!! Approach is the key. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 8:55 AM To: todd glassey Cc: [EMAIL PROTECTED] Subject: Re: How many standards or protocols... On Fri, 03 May 2002 06:57:45 PDT, todd glassey said: real-world for you... Letting a technologist blindly develop a protocol that is supposed to work in a commercial world is in my opinion more dangerous that allowing the salesperson to design a protocol for the technical world to solve a problem that they are faced with on a daily basis. Especially as the IETF Find me a sales person who understands security well enough to do a better job than IPSec, and then we'll talk. Find me a sales person who understands routing issues well enough to do a better job than BGP, and then we'll talk. TSG: But isn't the requirements document most of the design in most instances? If you cant define the need then the protocol definition is at best speculative and ambiguous. I never said that the sales people shouldn't be contributing the requirements. I said they shouldn't be designing the protocol. Over in Detroit, they design cars. They do a *LOT* of market research. Market research may say that 75% of people interested in a certain model car would be interested in a rear spoiler - but it would be quite negligent to let the market researchers decide what size bolts to use to attach it to the car, wouldn't it? TSG: perhaps. But I am not clear that the IETF should produce anything other than recommendations. That Internet Standards and anything above an RFC is fodder for a more regimented and audited group. Anybody who thinks the IETF does anything other than recommend doesn't understand the IETF at all. TSG: But who here in the IETF has done commercial security analysis or legal analysis of what the use models for a Protocol does? Erm... Jeff, Steve - will you wave hello to the nice gentleman, and explain to him about the Security area within the IESG? ;) It may be informative to go read the list of authors of the RFCs that come out of that area, and ask yourself if your army of salespeople understands security better than they do. You might also want to go read Bruce Schneier's Secrets and Lies and/or Applied Cryptography, and learn why proprietary security solutions are rarely, if ever, secure. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
RE: How many standards or protocols...
The question is how you determine what *job* someone knows how to do. It's all about perception. Again rating someone's performance is also a perception. Lots of people thrive in the grey areas. That is a problem though!! IMHO, approach to the job makes a big difference. People can learn and can slack off. Persistence does help. So, does motivation. -Original Message- From: John Stracke [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 12:38 PM To: [EMAIL PROTECTED] Subject: RE: How many standards or protocols... IMHO, people are people. Whether they are in sales or engineering or management or in Marketing or communication, it does not matter!! When you ask someone to do a job, it does matter what job they know how to do. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Sleep is for wimps--healthy, well-adjusted wimps, but wimps| |nonetheless. | \===/
Re: How many standards or protocols...
We'd be very foolish to have a policy on this. It all depends on the particular case, and sometimes it's better to let Darwinian selection make the choice. Sometimes (as for IPvN) it is clearly required to make a choice in advance. This is not an official answer. Brian Harald Tveit Alvestrand wrote: --On 15. april 2002 19:55 -0700 todd glassey [EMAIL PROTECTED] wrote: Harald - what is the IETF's policy on this question. How many of any one protocol will the IETF allow to be push through to standard. And the IESG? Is it that there is only one standard for each type of protocol or what? This is an official resuest, Since this is an official request asking for what the IETF will allow, I think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] The obvious (but meaningless) answer is as many as needed. Speaking for myself, I think it would be foolish of the IETF to create a hard rule about this question - the circumstances may differ a lot. Consider a few multiple protocol scenarios the IETF has faced recently. - In the IPNG discussions, we decided to pursue IPv6 only. - In the SNMP vs CMOT discussions, we decided to pursue two approaches. One died, the other remains. - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. Both survive, with little apparent harm to the community. - In the SNMPv2 discussions, we decided to pursue one, then to pursue multiple and let the market decide, and then to pursue one again. - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. One seems to be winning, but the market has not decided yet. - In the PGP vs S/MIME discussions, we decided to pursue two, arguing that they have different fields of applicability. Both survive so far, but neither has become ubiquitous. When we pursue multiple approaches, there is one very hard question - which is when we take the decision to drop the pursuit of one approach. Sooner or later the answer is usually obvious. But the cost of pursuit is substantial; it would often be advantageous to concentrate on one as soon as one is clearly superior to the others. I'd like to hear the IETF community's input on the topic. Harald PS: The mail being responded to was addressed to the chair of the IETF in his IETF role, and is thus a contribution under the terms of the NOTE WELL statement you've all seen.
Re: How many standards or protocols...
My personal opinions on the matter of when should we allow multiple protocols for the same thing are roughly: 1) No hard and fast rule will work. This is something the relevant ADs, and sometimes the whole IESG, must judge. 2) It is reasonable to allow two (or even more) protocols when they have clear and distinct areas of applicability. Thus, while I may technically like a routing solution that applies to intra and inter domain, it is quite reasonable from a standardization perspective to have two different protocols for the two spaces. 3) History is relevant. We frequently get solutions evolving independently that turn out to have significant overlap. It requires significant care to determinewhat should be used, when, and how. Often, this will require allowing more than one standard for a time while we determine what works, is technically complete, ... In general, multiple protocols for the exact same thing are a bad idea. Translating that into practice is complicated. Yours, Joel M. Halpern At 07:34 AM 4/16/2002 +0200, Harald Tveit Alvestrand wrote: --On 15. april 2002 19:55 -0700 todd glassey [EMAIL PROTECTED] wrote: Harald - what is the IETF's policy on this question. How many of any one protocol will the IETF allow to be push through to standard. And the IESG? Is it that there is only one standard for each type of protocol or what? This is an official resuest, Since this is an official request asking for what the IETF will allow, I think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] The obvious (but meaningless) answer is as many as needed. Speaking for myself, I think it would be foolish of the IETF to create a hard rule about this question - the circumstances may differ a lot. Consider a few multiple protocol scenarios the IETF has faced recently. - In the IPNG discussions, we decided to pursue IPv6 only. - In the SNMP vs CMOT discussions, we decided to pursue two approaches. One died, the other remains. - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. Both survive, with little apparent harm to the community. - In the SNMPv2 discussions, we decided to pursue one, then to pursue multiple and let the market decide, and then to pursue one again. - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. One seems to be winning, but the market has not decided yet. - In the PGP vs S/MIME discussions, we decided to pursue two, arguing that they have different fields of applicability. Both survive so far, but neither has become ubiquitous. When we pursue multiple approaches, there is one very hard question - which is when we take the decision to drop the pursuit of one approach. Sooner or later the answer is usually obvious. But the cost of pursuit is substantial; it would often be advantageous to concentrate on one as soon as one is clearly superior to the others. I'd like to hear the IETF community's input on the topic. Harald PS: The mail being responded to was addressed to the chair of the IETF in his IETF role, and is thus a contribution under the terms of the NOTE WELL statement you've all seen.
Re: How many standards or protocols...
- Original Message - From: Harald Tveit Alvestrand [EMAIL PROTECTED] To: todd glassey [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, April 15, 2002 10:34 PM Subject: Re: How many standards or protocols... --On 15. april 2002 19:55 -0700 todd glassey [EMAIL PROTECTED] wrote: Harald - what is the IETF's policy on this question. How many of any one protocol will the IETF allow to be push through to standard. And the IESG? Is it that there is only one standard for each type of protocol or what? This is an official resuest, Since this is an official request asking for what the IETF will allow, I think it is best to ask the IETF community. Thus the CC to [EMAIL PROTECTED] The obvious (but meaningless) answer is as many as needed. then who makes that decision? You or the WG Chairs? The AD's??? Speaking for myself, I think it would be foolish of the IETF to create a hard rule about this question - the circumstances may differ a lot. Consider a few multiple protocol scenarios the IETF has faced recently. I agree personally. - In the IPNG discussions, we decided to pursue IPv6 only. but if someone wanted to, would you have allowed them to persue a IPv4 variant? - In the SNMP vs CMOT discussions, we decided to pursue two approaches. One died, the other remains. Yes - Funny how the commercial industry is about that!. - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. Both survive, with little apparent harm to the community. And they both offer cricital boundry routhing capabilities - and most Router manufacturers support both protocols as far as I can tell. - In the SNMPv2 discussions, we decided to pursue one, then to pursue multiple and let the market decide, and then to pursue one again. - In the case of CR-LDP vs RSVP-TE, we seem to be pursuing two. One seems to be winning, but the market has not decided yet. - In the PGP vs S/MIME discussions, we decided to pursue two, arguing that they have different fields of applicability. Both survive so far, but neither has become ubiquitous. When we pursue multiple approaches, there is one very hard question - which is when we take the decision to drop the pursuit of one approach. But why is the question? If there are people actively working on the effort and they want to continue, why is the management making any decisions as to which protocols to push? Sooner or later the answer is usually obvious. But the cost of pursuit is substantial; it would often be advantageous to concentrate on one as soon as one is clearly superior to the others. The cost of persuits is not borne by the IETF though so what's the point? Why should the WG constrain any effort over another? This is a curiosity of mine, that being why a WG should have squat to say at the management level about the content of its protocols, only whether they are completed and elevated to the next level or not. This is the core flaw in the IETF's process. The WG Chairs need an arms length from each of the protocol efforts and to act as mentors for all the projects that have committed participants. They are not the ones to decide what the WG will and will not focus on, its membership is. As to the actual content and form of the protocols themselves, the content and form is up to the contributors and those actively involved in the vetting process. So I would like to pose the question why then should any WG Management have anything to say about which protocols are done in their groups?. Several have said to me that they need this ability to drive focus into the group. The problem is that there is no formal definition as to what that focus is. Also it needs to be stated that WG participants are not labor sources for the WG Chair to allocate, they are participants and are all equal before the IESG - or should be at least. I'd like to hear the IETF community's input on the topic. Harald Me too!. PS: The mail being responded to was addressed to the chair of the IETF in his IETF role, and is thus a contribution under the terms of the NOTE WELL statement you've all seen. Thanks Harald for the immediate response. Todd Glassey
Re: How many standards or protocols...
then who makes that decision? You or the WG Chairs? The AD's??? The IETF as a community, depending on rough consensus. If the rough consensus is that there will be multiple protocols, then then there will be. If not, then not. Rough also means not everyone will agree with the decision. But why is the question? If there are people actively working on the effort and they want to continue, why is the management making any decisions as to which protocols to push? There must be sufficient support for the effort and that must be rough consensus. People activiely (solo or team) working is not enough. The cost of persuits is not borne by the IETF though so what's the point? Why should the WG constrain any effort over another? This is a curiosity of mine, that being why a WG should have squat to say at the management level about the content of its protocols, only whether they are completed and elevated to the next level or not. This is the core flaw in the IETF's process. The WG Chairs need an arms length from each of the protocol efforts and to act as mentors for all the projects that have committed participants. They are not the ones to decide what the WG will and will not focus on, its membership is. In an ideal situation, the wg chairs would make decision based on what he determined as a rough consensus of the working group. It is typical that a handful of people will disagreed with the decision anyway but a loud voice doesn't mean you'll get your way. But if there are sufficient people who disagreed with the decision of the chairs, then the chairs have failed to determine the rough consensus. That decision will be overturned. It does not matter what the contributions the working group chairs made, what protocol they supports, what they thinks or what they eat last week *as long* as the final decision represent a rough consensus of the group. If you think the wg chairs should be arms length and mentoring role, you should be looking elsewhere, not IETF. As to the actual content and form of the protocols themselves, the content and form is up to the contributors and those actively involved in the vetting process. So I would like to pose the question why then should any WG Management have anything to say about which protocols are done in their groups?. Why not? Does been a wg chairs means he/she have to stop been a contributor? Several have said to me that they need this ability to drive focus into the group. The problem is that there is no formal definition as to what that focus is. Check your working group charter. Also it needs to be stated that WG participants are not labor sources for the WG Chair to allocate, they are participants and are all equal before the IESG - or should be at least. I think that is why the wg chairs are paid big bucks by the IETF ;-) Big bucks as in a *BIG* zero with all-expenses-on-your-own deal. I'd like to hear the IETF community's input on the topic. Harald Me too!. I think you should try to keep your disagree with the chairs within your own working group. Also look into RFC2026 on the appealing process. -James Seng
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 10:46 , todd glassey wrote: - In the OSPF vs IS-IS discussions, we decided to pursue two approaches. Both survive, with little apparent harm to the community. And they both offer cricital boundry routhing capabilities - and most Router manufacturers support both protocols as far as I can tell. Note well that IS-IS is *not* an IETF standard. It is an ISO standard. The IETF IS-IS WG only generates Informational RFCs which are formally just contributions to the ISO IS-IS standards group. ISO retains change control over the IS-IS protocol standards. The IETF picked OSPF. Certain vendors pushed IS-IS onto large ISP customers, during the mid-90s, in part to give themselves a proprietary advantage (at the time only 1 or 2 vendors had a solid IS-IS implementation). Over time, other vendors desiring to compete in the ISP market segment shipped IS-IS in addition to OSPF. Quality of implementation of IS-IS remains highly variable today, IMHO. But why is the question? If there are people actively working on the effort and they want to continue, why is the management making any decisions as to which protocols to push? Interoperability would be one good answer. Having a consistent Internet Architecture is another. Other reasons also exist. The cost of persuits is not borne by the IETF though so what's the point? Disagree. Cost of having any WG is actually pretty high for the IETF. It is pretty strongly desirable to minimise the number of active WGs, IMHO, for reasons of the operational load. That said, I think much of the community expects decisions to be made to pick one approach over another approach when the two overlap a great deal. And number me among those who think that there ought not be a hard and fast rule on this topic. Instead, local circumstances should be a major factor in deciding whether to permit competing efforts to exist within the IETF. (Of course vendor consortia could be created to take on stuff the IETF chooses not to take on.) I don't plan to get into an extended dialogue about this, so I plan not to respond to followup postings. Ran [EMAIL PROTECTED]
Re: How many standards or protocols...
The IETF picked OSPF. Certain vendors pushed IS-IS onto large ISP customers, during the mid-90s, in part to give themselves a proprietary advantage (at the time only 1 or 2 vendors had a solid IS-IS implementation). puhleeze! is-is worked at scale. ospf did not. heck, when most large isps were starting (late '80s and early '90s), ospf barely worked at all. and perhaps one should not accuse a company of a proprietary advantage for implementing a well-known standardized protocol. but it sure is cheering to see that old wars and old warriors are not dead. randy
Re: How many standards or protocols...
What is the case is that each WG Chair gets to decide what concensus is for their WG Not really; they can be overruled or replaced. The problem with the operations is that the rules change form group to group and this has serious technical and financial implications for anyone trying to mount a standards effort as part of a product release or market development activity. Anybody tying a product release schedule to completion of a standard is already taking an unwarranted risk. They're placing their company's future in the hands of outsiders who owe that company nothing. This is the case no matter where the standard is coming from; the IETF's volunteer nature just exaggerates the effect. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Any sufficiently rigged demo is indistinguishable from advanced| |technology.| \===/
Re: How many standards or protocols...
On Monday, April 15, 2002, at 10:34 PM, Harald Tveit Alvestrand wrote: [...] I'd like to hear the IETF community's input on the topic. [...] This is a matter of politics, philosophy and economics (PPE). Asking engineers to comment on such things is nice-- we're so often left out of such discussions. Here's what I think: asking this question is like asking, how many units of currency and instruments of payment does the world need? The answer depends on your theories of PPE. If I could measure the sovereignty of the IETF as a political organization, I'd say it's a function of 1) the value of the networks defined by the standard protocols it has produced to the present, and 2) the forecasted increase in value derived from the standards the world expects it will produce in the future. The obvious (but meaningless) answer is as many as needed. Please allow me to speculate that what the Chair meant to say was as many or as few as will serve to optimize the present and future value of the Internet. The more interesting question is whether the IETF process is well suited to finding the right number of standards or protocols for any given purpose. On *that* subject, I will demure to wiser and older hands than myself. For now, anyway. -- j h woodyatt [EMAIL PROTECTED]
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 01:01 , todd glassey wrote: The problem James is that this is just not the case. What is the case is that each WG Chair gets to decide what concensus is for their WG and that is wrong. It is the role of the WG chair(s) to determine rough consensus. If one disagrees, there is a well-documented appeal process. Consensus necessarily is sometimes more rough than other times. I'm quite happy with the way it is. And by the way, the IETF doesn't recognise organisational members, just individuals. And I like that aspect as well. Clearly your mileage varies. Ran
Re: How many standards or protocols...
On Tuesday, April 16, 2002, at 02:43 , Christian Huitema wrote: Fine, but Randy is also right when he points out that just because a spec is not an IETF standard does not mean that the spec is proprietary. Christian, As deployed IS-IS is not fully documented *anyplace*. What is actually deployed is not the same as ISO IS-IS, nor is it the same as RFC-1195, nor are those 2 documents (and a few other more recent RFCs) sufficient to create an interoperable IS-IS. Proprietary is a commonly used term to describe something that does not have a full, complete, and open specification -- which is the current state of IS-IS. Now folks (including me) are trying to fix that issue by publishing sundry non-standard RFCs on how the as-deployed IS-IS really works (which effort is to be applauded). But the bottom-line remains that *today* the as-deployed IS-IS and the documented IS-IS aren't the same. I wish they were. Now the original point was someone else's inaccurate claim that the IETF let both IS-IS and OSPF bloom, when really the IETF originally chose OSPF -- and IS-IS made a separate come-back in the deployed world during the mid-90s. Cheers, Ran [EMAIL PROTECTED]
Re: How many standards or protocols...
this is a standards organization and not a place where we decide who we like and which of their projects we are going to allow to come through us today and not. That's not the way any other GLOBAL standards orgs work. Which globe are you talking about? On this one, that's *exactly* the way standards bodies work. Go to the ITU and propose your pet project; see how far you get. You'll need corporate backing, at the very least. A group that approved any spec proposed to it wouldn't be a standards body at all; it'd be a vanity publishing house. /===\ |John Stracke|Principal Engineer| |[EMAIL PROTECTED] |Incentive Systems, Inc. | |http://www.incentivesystems.com |My opinions are my own. | |===| |Dave Barry for President! He'll Keep Dan Quayle. (OK, it's old)| \===/
Re: How many standards or protocols...
Bob Hinden wrote: Ran, Proprietary is a commonly used term to describe something that does not have a full, complete, and open specification -- which is the current state of IS-IS. Now folks (including me) are trying to fix that issue by publishing sundry non-standard RFCs on how the as-deployed IS-IS really works (which effort is to be applauded). But the bottom-line remains that *today* the as-deployed IS-IS and the documented IS-IS aren't the same. I wish they were. I am glad to hear this activity is going on. Regarding your definition of proprietary. From Merriam-Webster Online at http://www.m-w.com/ : Main Entry: 1pro·pri·e·tary Pronunciation: pr-'prI--ter-E Function: noun Inflected Form(s): plural -tar·ies Date: 15th century 1 : one that possesses, owns, or holds exclusive right to something; specifically : PROPRIETOR 1 2 : something that is used, produced, or marketed under exclusive legal right of the inventor or maker; specifically : a drug (as a patent medicine) that is protected by secrecy, patent, or copyright against free competition as to name, product, composition, or process of manufacture 3 : a business secretly owned by and run as a cover for an intelligence organization This matches my view that proprietary has more to do with ownership than the availability of open specifications. A protocol can have open specifications, but still be proprietary. For example prior to Sun Microsystems giving change control of NFS and RPC to the IETF, NFS and RPC had open specifications (and there were independent inter-operable implementations), but were still proprietary. open is ambiguous: (A) visible, i.e., documented (PDF and PS qualify) (B) able to be modified (PDF and PS do not qualify) E.g., Adobe's PDF and PostScript are both (A) but not (B). proprietary can (as per definition above) apply to either, and thus cannot be used to exclusively denote case (A). Joe