IETF
GNAP
gnap@jabber.ietf.org
Friday, March 25, 2022

GMT+0
[08:31:38] Meetecho joins the room
[08:45:07] Gabriela Baerje_web_858 joins the room
[08:45:07] Bo-Xue Huang_web_305 joins the room
[08:47:24] Yaron Sheffer_web_622 joins the room
[08:49:59] Alessandro Toppi_web_103 joins the room
[08:53:12] Leif Johansson_web_606 joins the room
[08:53:20] Leif Johansson_web_606 leaves the room
[08:53:24] Leif Johansson_web_481 joins the room
[08:53:34] Roman Danyliw_web_159 joins the room
[08:53:54] Leif Johansson_web_481 leaves the room
[08:53:56] Aaron Parecki_web_792 joins the room
[08:53:58] Leif Johansson_web_967 joins the room
[08:54:09] Leif Johansson_web_967 leaves the room
[08:54:13] Leif Johansson_web_866 joins the room
[08:55:02] fabien imbault_web_502 joins the room
[08:56:15] Roman Danyliw_web_159 leaves the room
[08:56:43] George Fletcher_web_907 joins the room
[08:57:37] Ralf Weber_web_937 joins the room
[08:58:13] aaronpk joins the room
[08:58:30] <Leif Johansson_web_866> any volunteers for note-taking today?
[08:58:35] Christopher Inacio_web_684 joins the room
[08:58:59] Kohei Isobe_web_630 joins the room
[08:59:15] Ralf Weber_web_937 leaves the room
[08:59:34] Paolo Saviano_web_206 joins the room
[08:59:45] Aaron Parecki_web_792 leaves the room
[08:59:57] aaronpk joins the room
[08:59:57] Aaron Parecki_web_229 joins the room
[09:00:01] Mark McFadden_web_652 joins the room
[09:00:25] Justin Richer_web_844 joins the room
[09:01:04] <Christopher Inacio_web_684> sure
[09:01:18] <Yaron Sheffer_web_622> Thanks!
[09:01:32] Valery Smyslov_web_283 joins the room
[09:02:09] Peter Yee_web_333 joins the room
[09:04:23] <Christopher Inacio_web_684> hot mic
[09:04:31] <Christopher Inacio_web_684> @meetecho hot mic
[09:05:12] Benjamin Kaduk_web_409 joins the room
[09:05:21] <Meetecho> Better now?
[09:05:22] Paolo Saviano_web_206 leaves the room
[09:05:30] David Waite_web_508 joins the room
[09:05:37] <aaronpk> no, maybe justin should step back from the mic a bit? it’s still distorted
[09:05:37] Paolo Saviano_web_191 joins the room
[09:05:39] kaduk@jabber.org/barnowl joins the room
[09:05:50] <kaduk@jabber.org/barnowl> Wow, Justin is overdriving the mic (at least from here)
[09:05:59] <Yaron Sheffer_web_622> Same here
[09:06:00] <kaduk@jabber.org/barnowl> Yeah, step back sounds good
[09:06:09] <aaronpk> now it’s distorted but quiet
[09:06:12] <Meetecho> But is it too loud in the room too? Or just for remotes?
[09:06:22] jhoyla joins the room
[09:06:52] <jhoyla> Sounds fine in the room
[09:07:04] <Meetecho> Ack, looking into it
[09:07:08] <kaduk@jabber.org/barnowl> jhoyla: did you sign the blue sheets?
[09:07:53] Lorenzo Miniero_web_938 joins the room
[09:07:56] Paolo Saviano_web_191 leaves the room
[09:07:58] Simon Romano_web_461 joins the room
[09:08:11] Karen Staley_web_963 joins the room
[09:08:47] <jhoyla> @Kaduk I did now 😅
[09:08:52] Kathleen Moriarty_web_602 joins the room
[09:09:34] <kaduk@jabber.org/barnowl> @meetecho something helped
[09:09:35] <Yaron Sheffer_web_622> Audio fixed, thanks!
[09:09:36] <Meetecho> It should sound better now
[09:09:41] <aaronpk> that sounds much better thanks
[09:09:45] <Christopher Inacio_web_684> a lot better, thanks
[09:10:02] <kaduk@jabber.org/barnowl> Yes, thank you meetecho!
[09:11:10] Valery Smyslov_web_283 leaves the room
[09:11:11] David Waite_web_508 leaves the room
[09:11:14] Valery Smyslov_web_727 joins the room
[09:11:15] David Waite_web_348 joins the room
[09:12:52] fabien imbault_web_502 leaves the room
[09:13:06] David Waite_web_348 leaves the room
[09:13:10] David Waite_web_355 joins the room
[09:14:29] aaronpk leaves the room: Disconnected: closed
[09:14:34] fabien imbault_web_845 joins the room
[09:15:44] Michael Bilca_web_550 joins the room
[09:17:14] Lorenzo Miniero_web_938 leaves the room
[09:18:07] Valery Smyslov_web_727 leaves the room
[09:18:11] Valery Smyslov_web_515 joins the room
[09:18:20] <Yaron Sheffer_web_622> Total bikeshedding, but I still like "redirect".
[09:21:29] Nancy Cam-Winget_web_642 joins the room
[09:23:59] <Kathleen Moriarty_web_602> Yaron, I'm ok with redirect too as the user gets a URL to go to
[09:25:49] <jhoyla> So I haven't read any of the drafts or anything, but with the confusion attacks, would it be possible to have a master key and then use a KDF to produce an independent key for each AS?
[09:26:54] David Waite_web_355 leaves the room
[09:26:58] David Waite_web_971 joins the room
[09:27:15] <George Fletcher_web_907> That's the last slide :)
[09:28:03] David Waite_web_971 leaves the room
[09:28:07] David Waite_web_461 joins the room
[09:28:44] David Waite_web_461 leaves the room
[09:28:48] David Waite_web_602 joins the room
[09:30:10] David Waite_web_602 leaves the room
[09:30:14] David Waite_web_172 joins the room
[09:30:22] <aaronpk> i’ll try a live demo too :)
[09:31:18] <kaduk@jabber.org/barnowl> tempting fate, eh?
[09:32:01] <jhoyla> Make your sacrifices to the demo gods now :P
[09:33:50] David Waite_web_172 leaves the room
[09:33:54] David Waite_web_558 joins the room
[09:35:34] David Waite_web_558 leaves the room
[09:35:38] David Waite_web_450 joins the room
[09:36:42] David Waite_web_450 leaves the room
[09:36:46] David Waite_web_714 joins the room
[09:37:16] <jhoyla> I wonder if making the signing functions too generic leaves you open to being used as an oracle.
[09:37:25] zhang jun_web_935 joins the room
[09:37:44] <jhoyla> I guess not if you have a different key for each AS.
[09:38:15] zhang jun_web_935 leaves the room
[09:38:16] <Yaron Sheffer_web_622> A signing *library* needs to be generic by definition, and people will be using libraries.
[09:39:48] <jhoyla> @Yaron, but you could have a mandatory field like "intended protocol" or something, such that some library wired up to the network would always add "GNAP" as a string into the signature.
[09:39:56] <jhoyla> For example.
[09:40:38] <Yaron Sheffer_web_622> That's a great idea, and the spec doesn't have it (yet).
[09:41:25] <Yaron Sheffer_web_622> Please raise it at the mike.
[09:41:34] <kaduk@jabber.org/barnowl> Yeah, adding protocol context to what is signed sounds like a great
plan (since we don't have any existing ecosystems lacking such a
context that we have to cope with)
[09:41:46] Alessandro Amirante_web_599 joins the room
[09:41:48] Justin Richer_web_844 leaves the room
[09:41:52] Justin Richer_web_686 joins the room
[09:41:53] <jhoyla> I'll bring it up when we get to questions.
[09:43:29] Alessandro Amirante_web_599 leaves the room
[09:44:59] Peter Yee_web_333 leaves the room
[09:48:49] Aaron Parecki_web_229 leaves the room
[09:48:53] Aaron Parecki_web_687 joins the room
[09:51:42] Samuel Weiler_web_886 joins the room
[09:51:54] Shigeya Suzuki_web_553 joins the room
[09:52:09] David Waite_web_714 leaves the room
[09:52:13] David Waite_web_790 joins the room
[09:52:35] Shigeya Suzuki_web_553 leaves the room
[09:52:39] David Waite_web_790 leaves the room
[09:52:43] David Waite_web_936 joins the room
[09:53:07] David Waite_web_936 leaves the room
[09:53:11] David Waite_web_185 joins the room
[09:53:39] Mark McFadden_web_652 leaves the room
[09:53:43] Mark McFadden_web_844 joins the room
[09:54:10] <jhoyla> @Yaron Your audio was pretty rough, maybe put something in chat that can be relayed at the mic locally?
[09:54:33] <kaduk@jabber.org/barnowl> I think I got the gist of Yaron's remarks:
[09:54:46] <Yaron Sheffer_web_622> Yep, sorry. I was comparing your idea to the JWT "@typ" field.
[09:55:41] Justin Richer_web_686 leaves the room
[09:56:41] David Waite_web_185 leaves the room
[09:56:45] Houda Labiod_web_592 joins the room
[09:56:45] David Waite_web_487 joins the room
[09:56:56] <kaduk@jabber.org/barnowl> Right.  And we have a chance to make its use mandatory from the start,
unlike in JWT :)
[09:57:08] <Yaron Sheffer_web_622> !!
[09:57:47] Houda Labiod_web_592 leaves the room
[09:59:13] David Waite_web_487 leaves the room
[09:59:17] David Waite_web_778 joins the room
[10:00:16] David Waite_web_778 leaves the room
[10:00:20] David Waite_web_439 joins the room
[10:00:23] Justin Richer_web_701 joins the room
[10:01:45] <jhoyla> That was v. cool
[10:01:59] <George Fletcher_web_907> clap+
[10:02:00] <kaduk@jabber.org/barnowl> For future reference, what was the sacrifice to the demo gods?
Need to replicate for next time...
[10:02:03] <Samuel Weiler_web_886> (Yes, I stepped away.)
[10:02:32] <aaronpk> almost flawless demo, minus chrome screen sharing permissions issue which i still don’t know why it got reset 😊
[10:03:03] Olle Johansson_web_125 joins the room
[10:04:34] <jhoyla> Are people going to call GNAP "OAuth" for the next 25 years, à la TLS?
[10:05:35] <aaronpk> 😂
[10:06:02] Geng-Da Tsai_web_728 joins the room
[10:06:55] Filip Skokan_web_583 joins the room
[10:07:41] <Yaron Sheffer_web_622> mic: I was going to ask if the protocol is ready to freeze, to allow researchers to focus on proofs/attacks. But if we're still changing the state machine, we're not ready. To be clear: I am supportive of that.
[10:09:07] <jhoyla> Yeah, the state machine is the first bit of FA for me.
[10:09:44] <jhoyla> Although cyclic state machines are always a pain to resolve.
[10:10:28] fabien imbault_web_845 leaves the room
[10:12:13] Taiji Kimura_web_931 joins the room
[10:13:46] fabien imbault_web_937 joins the room
[10:14:00] Houda Labiod_web_451 joins the room
[10:14:37] <kaduk@jabber.org/barnowl> You can have extensions be optional by default but with an explicit
indication when a given extension is critical to comprehend
[10:15:30] Karen Staley_web_963 leaves the room
[10:15:34] Karen Staley_web_390 joins the room
[10:17:04] Houda Labiod_web_451 leaves the room
[10:19:06] Lorenzo Miniero_web_103 joins the room
[10:21:06] Lorenzo Miniero_web_103 leaves the room
[10:23:57] <Christopher Inacio_web_684> Can someone voice Ben's question if desired?  Ben, should I drop that in the notes?
[10:24:36] <kaduk@jabber.org/barnowl> Um.  I'm pretty sure Justin knows it, but probably worth putting it in
the notes regardless.
[10:25:01] <Christopher Inacio_web_684> then I won't take it out of the notes.  ;)
[10:25:14] <kaduk@jabber.org/barnowl> (alongside the bits about "defining the semantics of an extension
mechanism is not as straightforward as you might think")
[10:25:21] <kaduk@jabber.org/barnowl> Ah, excellent :)
[10:25:35] fabien imbault_web_937 leaves the room
[10:26:42] fabien imbault_web_924 joins the room
[10:27:44] <Christopher Inacio_web_684> quote of the day (in the notes) "no one ever runs a security protocol for the sake of running a security protocol"
[10:28:23] <kaduk@jabber.org/barnowl> What about "it's a security protocol, so you click a button, and it
works"? ;)
[10:28:55] <Christopher Inacio_web_684> yeah, that was pretty good too.
[10:29:05] Olle Johansson_web_125 leaves the room
[10:29:48] <Christopher Inacio_web_684> I didn't put that in the notes, it would be something like "buried in wall of text, <quote>, buried in more wall of text"
[10:29:59] <kaduk@jabber.org/barnowl> Yeah, makes sense
[10:30:04] Bart Bakker_web_303 joins the room
[10:30:20] <Christopher Inacio_web_684> <bold>test</bold?
[10:31:20] <Christopher Inacio_web_684> interesting, does the meet echo chat just strip '<' '>' tokens and ignore them, or are there things you can do with that????  Hmmm
[10:31:21] <jhoyla> From a Formal Analysis perspective this makes me sweat. It's not necessarily insecure, it's just _super_ hard to reason about.
[10:32:00] <jhoyla> @Christopher you should be able to get bold text.
[10:32:55] <kaduk@jabber.org/barnowl> <a href="https://www.youtube.com/watch?v=dQw4w9WgXcQ">maybe you can
link to things...</a>
[10:33:15] <Christopher Inacio_web_684> I more often use a separate jabber client, and I've not bothered too much with the meet echo - so there's all new hijinks here. <b>bold</b>
[10:33:48] <jhoyla> This sounds like a 10-year FA research project.
[10:34:00] <Christopher Inacio_web_684> @Jonathan - a couple of quick tests and it seems to just drop them
[10:34:28] <Yaron Sheffer_web_622> @jhoyla: mixed protocols or "bold" in Meetecho?
[10:35:35] <Christopher Inacio_web_684> this embedding feels like a pandora's box
[10:35:35] <jhoyla> @Yaron mixed protocols. I'm pretty sure we can figure out Meetecho in the course of a hackathon. Maybe by embedding a Markdown post-processor.
[10:35:50] <Yaron Sheffer_web_622> :-)
[10:35:55] Karen Staley_web_390 leaves the room
[10:35:59] Karen Staley_web_567 joins the room
[10:36:46] <jhoyla> Actually, thinking on this, this sounds like a case where you need Exporters and Importers
[10:38:44] David Waite_web_439 leaves the room
[10:38:48] David Waite_web_341 joins the room
[10:39:37] David Waite_web_341 leaves the room
[10:39:41] David Waite_web_691 joins the room
[10:39:59] David Waite_web_691 leaves the room
[10:40:06] David Waite_web_883 joins the room
[10:41:08] David Waite_web_883 leaves the room
[10:41:12] David Waite_web_590 joins the room
[10:41:45] <jhoyla> I think giving GNAP an RFC 5056 style API would give you an answer without having to put to much effort in.
[10:42:44] <jhoyla> too much*
[10:42:45] David Waite_web_590 leaves the room
[10:42:49] David Waite_web_168 joins the room
[10:43:32] jhoyla leaves the room
[10:43:36] Bart Bakker_web_303 leaves the room
[10:43:43] Leif Johansson_web_866 leaves the room
[10:43:55] Yaron Sheffer_web_622 leaves the room
[10:43:58] Kathleen Moriarty_web_602 leaves the room
[10:44:03] Aaron Parecki_web_687 leaves the room
[10:44:14] Samuel Weiler_web_886 leaves the room
[10:44:16] Benjamin Kaduk_web_409 leaves the room
[10:44:17] David Waite_web_168 leaves the room
[10:44:18] Michael Bilca_web_550 leaves the room
[10:44:18] Taiji Kimura_web_931 leaves the room
[10:44:25] fabien imbault_web_924 leaves the room
[10:44:46] Mark McFadden_web_844 leaves the room
[10:44:57] Meetecho leaves the room
[10:45:02] Gabriela Baerje_web_858 leaves the room
[10:45:03] Nancy Cam-Winget_web_642 leaves the room
[10:45:15] Bo-Xue Huang_web_305 leaves the room
[10:45:15] Alessandro Toppi_web_103 leaves the room
[10:45:15] George Fletcher_web_907 leaves the room
[10:45:15] Christopher Inacio_web_684 leaves the room
[10:45:15] Kohei Isobe_web_630 leaves the room
[10:45:15] Simon Romano_web_461 leaves the room
[10:45:15] Valery Smyslov_web_515 leaves the room
[10:45:15] Filip Skokan_web_583 leaves the room
[10:45:15] Geng-Da Tsai_web_728 leaves the room
[10:45:15] Justin Richer_web_701 leaves the room
[10:45:15] Karen Staley_web_567 leaves the room
[11:30:33] jhoyla joins the room
[11:42:43] aaronpk joins the room
[11:44:51] aaronpk leaves the room: Disconnected: closed
[11:46:52] kaduk@jabber.org/barnowl leaves the room
[11:58:30] aaronpk leaves the room: Disconnected: closed
[12:01:01] jhoyla leaves the room
[12:17:59] jhoyla joins the room
[13:32:47] jhoyla leaves the room