IETF
irtfopen
irtfopen@jabber.ietf.org
Tuesday, November 9, 2021< ^ >
sftcd-pidgin has set the subject to: IRTFOPEN @ IETF-1103333 - https://datatracker.ietf.org/meeting/103/materials/agenda-103-irtfopen-00
Room Configuration
Room Occupants

GMT+0
[00:18:03] Glen joins the room
[00:18:09] Glen leaves the room
[00:18:15] Glen joins the room
[00:18:19] Glen leaves the room
[15:34:27] Meetecho joins the room
[15:35:59] Yoshiro Yoneya joins the room
[15:45:03] Meetecho Robot_web_667 joins the room
[15:45:03] Philip Eardley_web_388 joins the room
[15:45:03] Gorry Fairhurst_web_464 joins the room
[15:45:03] Yoshiro Yoneya_web_920 joins the room
[15:45:03] Markus de Brün_web_106 joins the room
[15:45:03] Spencer Dawkins_web_275 joins the room
[15:45:03] Nicolas Kuhn_web_296 joins the room
[15:45:03] Alessandro Amirante_web_721 joins the room
[15:45:03] Massimo Nilo_web_773 joins the room
[15:45:26] Meetecho Robot_web_667 leaves the room
[15:45:30] Meetecho Robot_web_633 joins the room
[15:47:54] Jaime Jimenez_web_977 joins the room
[15:49:12] Aqsa Kashaf_web_444 joins the room
[15:49:30] Ching-Heng Ku_web_812 joins the room
[15:49:37] alexamirante joins the room
[15:49:41] Laurent Toutain_web_622 joins the room
[15:50:16] Philip Eardley_web_388 leaves the room
[15:51:10] Kazunori Fujiwara_web_185 joins the room
[15:51:52] Colin Perkins_web_565 joins the room
[15:51:56] Colin Perkins_web_565 leaves the room
[15:51:57] Colin Perkins_web_816 joins the room
[15:51:58] Marc Petit-Huguenin_web_247 joins the room
[15:52:05] Richard Scheffenegger_web_599 joins the room
[15:52:10] Richard Scheffenegger_web_599 leaves the room
[15:52:14] Richard Scheffenegger_web_221 joins the room
[15:52:28] Antoine Fressancourt_web_432 joins the room
[15:53:12] Massimo Nilo_web_773 leaves the room
[15:54:17] Richard Scheffenegger_web_221 leaves the room
[15:54:21] Richard Scheffenegger_web_489 joins the room
[15:54:32] Thomas Wirtgen_web_811 joins the room
[15:54:36] Milton Kashiwakura_web_516 joins the room
[15:55:28] Marco Häberle_web_558 joins the room
[15:56:03] Andrew Campling_web_131 joins the room
[15:56:20] Ching-Heng Ku_web_812 leaves the room
[15:57:05] Dieter Sibold_web_321 joins the room
[15:57:19] Markus de Brün_web_106 leaves the room
[15:57:26] Renan Krishna_web_392 joins the room
[15:57:27] Tianji Jiang_web_414 joins the room
[15:57:42] Magnus Westerlund_web_831 joins the room
[15:57:54] Dominique Lazanski_web_357 joins the room
[15:57:57] Mat Ford_web_556 joins the room
[15:57:58] Mirja Kühlewind_web_461 joins the room
[15:57:58] Kazuaki Ueda_web_821 joins the room
[15:57:59] David Millman_web_413 joins the room
[15:57:59] Fatima Zarinni_web_840 joins the room
[15:58:08] Frode Kileng_web_837 joins the room
[15:58:16] Peter Feil_web_227 joins the room
[15:58:17] <Andrew Campling_web_131> Loud and clear
[15:58:20] <Mat Ford_web_556> looking (and sounding) good
[15:58:22] <Antoine Fressancourt_web_432> we can hear you
[15:58:32] Zaid AlBanna_web_269 joins the room
[15:58:35] frodek joins the room
[15:58:43] <Fatima Zarinni_web_840> Hi everyone !
[15:58:49] Jay Daley_web_679 joins the room
[15:58:53] Carsten Bormann_web_816 joins the room
[15:58:54] Shinta Sato_web_150 joins the room
[15:58:55] JAIN Prachi_web_461 joins the room
[15:58:58] <Colin Perkins_web_816> @meetecho a reminder that we have pre-recorded talks in this session
[15:59:03] Karen O'Donoghue_web_338 joins the room
[15:59:06] Duane Wessels_web_186 joins the room
[15:59:10] <alexamirante> ACK
[15:59:19] Peter Koch_web_628 joins the room
[15:59:26] james welch_web_868 joins the room
[15:59:30] Petr Špaček_web_249 joins the room
[15:59:31] <Colin Perkins_web_816> Copies of the slides and talks, and links to the papers, are at https://irtf.org/anrp/
[15:59:49] Lin Han_web_824 joins the room
[15:59:57] Roland Bless_web_107 joins the room
[16:00:02] Alexander Azimov_web_317 joins the room
[16:00:14] Alexander Clemm_web_479 joins the room
[16:00:17] Lucas Pardue_web_235 joins the room
[16:00:17] David Oran_web_413 joins the room
[16:00:20] Luigi Iannone_web_839 joins the room
[16:00:23] John Border_web_895 joins the room
[16:00:24] Philip Eardley_web_381 joins the room
[16:00:40] David Oliver_web_440 joins the room
[16:00:42] Hesham ElBakoury_web_277 joins the room
[16:00:47] Theresa Enghardt_web_895 joins the room
[16:00:48] Shinta Sato_web_150 leaves the room
[16:00:52] Shumon Huque_web_553 joins the room
[16:01:05] Wes Hardaker_web_366 joins the room
[16:01:08] Stuart Cheshire_web_738 joins the room
[16:01:20] Ching-Heng Ku_web_293 joins the room
[16:01:22] Marie-Jose Montpetit_web_383 joins the room
[16:01:25] Greg Wood_web_997 joins the room
[16:01:29] Michael Bilca_web_112 joins the room
[16:01:29] Jaime Jimenez_web_977 leaves the room
[16:01:31] Aqsa Kashaf_web_444 leaves the room
[16:01:31] John Kaippallimalil_web_182 joins the room
[16:01:33] Jaime Jimenez_web_664 joins the room
[16:01:35] Aqsa Kashaf_web_322 joins the room
[16:01:47] JAIN Prachi_web_461 leaves the room
[16:01:51] JAIN Prachi_web_946 joins the room
[16:01:54] Stuart Card_web_535 joins the room
[16:01:54] Jay Daley_web_679 leaves the room
[16:01:58] Kevin Bock_web_634 joins the room
[16:02:00] Niels ten Oever_web_765 joins the room
[16:02:01] afregly@verisign.com_web_879 joins the room
[16:02:03] Michael Breuer_web_764 joins the room
[16:02:08] Jay Daley_web_616 joins the room
[16:02:11] Aqsa Kashaf_web_322 leaves the room
[16:02:15] Aqsa Kashaf_web_924 joins the room
[16:02:23] Jean-Michel Combes_web_606 joins the room
[16:02:46] Lars Eggert_web_590 joins the room
[16:02:49] Peng Liu_web_700 joins the room
[16:02:56] Julien Maisonneuve_web_443 joins the room
[16:02:57] Jessica Fitzgerald-McKay_web_387 joins the room
[16:03:04] Xavier de Foy_web_768 joins the room
[16:03:08] Shivan Sahib_web_665 joins the room
[16:03:12] Eliot Lear_web_165 joins the room
[16:03:15] Georgios Karagiannis_web_287 joins the room
[16:03:18] Olaf Kolkman_web_468 joins the room
[16:03:32] Alexander Clemm_web_479 leaves the room
[16:03:32] Cullen Jennings_web_989 joins the room
[16:03:36] Alexander Clemm_web_312 joins the room
[16:03:37] Joerg Ott_web_411 joins the room
[16:03:46] Jari Arkko_web_623 joins the room
[16:03:47] Ulrich Wisser_web_896 joins the room
[16:03:53] Chris Wendt_web_469 joins the room
[16:03:59] Peng Liu_web_700 leaves the room
[16:04:03] Peng Liu_web_952 joins the room
[16:04:03] Aqsa Kashaf_web_924 leaves the room
[16:04:16] JAIN Prachi_web_946 leaves the room
[16:04:20] JAIN Prachi_web_453 joins the room
[16:04:35] Juhamatti Kuusisaari_web_118 joins the room
[16:04:36] Benno Overeinder_web_743 joins the room
[16:04:52] <Shivan Sahib_web_665> Colin's video is so clear
[16:05:04] Massimiliano Pala_web_866 joins the room
[16:05:11] Jim Reid_web_235 joins the room
[16:05:13] Michael Welzl_web_312 joins the room
[16:05:42] Monika Ermert_web_643 joins the room
[16:05:43] Philip Eardley_web_381 leaves the room
[16:05:46] <Carsten Bormann_web_816> I think he has a real camera
[16:05:46] Monika Ermert_web_643 leaves the room
[16:05:47] Philip Eardley_web_546 joins the room
[16:05:48] Monika Ermert_web_731 joins the room
[16:06:10] alexamirante has set the subject to: IRTFOPEN @ IETF-112 - https://datatracker.ietf.org/meetin…12/materials/agenda-112-irtfopen-01
[16:06:27] Vasilis_web_793 joins the room
[16:06:44] <Andrew Campling_web_131> Or is using his phone's camera linked to laptop / PC
[16:06:59] JAIN Prachi_web_453 leaves the room
[16:07:03] Ali Begen_web_669 joins the room
[16:07:08] Kotikalapudi Sriram_web_809 joins the room
[16:07:43] Lee-Berkeley Shaw_web_350 joins the room
[16:07:49] David Lawrence_web_163 joins the room
[16:07:51] Mallory Knodel_web_907 joins the room
[16:08:11] Zaid AlBanna_web_269 leaves the room
[16:08:15] Zaid AlBanna_web_727 joins the room
[16:08:39] cabo joins the room
[16:08:45] Aqsa Kashaf_web_181 joins the room
[16:09:05] Ulrich Wisser_web_896 leaves the room
[16:09:14] Zaid AlBanna_web_727 leaves the room
[16:09:18] Zaid AlBanna_web_463 joins the room
[16:09:37] Robin Wilton_web_552 joins the room
[16:09:41] Zaid AlBanna_web_463 leaves the room
[16:09:45] Zaid AlBanna_web_179 joins the room
[16:09:49] Wendy Seltzer_web_230 joins the room
[16:09:53] Gang Yan_web_418 joins the room
[16:10:01] Ulrich Wisser_web_747 joins the room
[16:10:10] Zaid AlBanna_web_179 leaves the room
[16:10:14] Zaid AlBanna_web_565 joins the room
[16:11:04] Jason Livingood_web_184 joins the room
[16:12:03] afregly@verisign.com_web_879 leaves the room
[16:12:37] afregly@verisign.com_web_103 joins the room
[16:12:43] Mihail Zverev_web_521 joins the room
[16:13:42] Stephen McQuistin_web_129 joins the room
[16:14:11] Taiji Kimura_web_678 joins the room
[16:14:17] Cindy Morgan_web_871 joins the room
[16:15:13] Alberto Rodriguez-Natal_web_188 joins the room
[16:15:56] Niels ten Oever_web_765 leaves the room
[16:16:16] Niels ten Oever_web_462 joins the room
[16:16:30] Robert Story_web_517 joins the room
[16:16:36] Ulrich Wisser_web_747 leaves the room
[16:16:40] Ulrich Wisser_web_597 joins the room
[16:17:12] Russ White_web_235 joins the room
[16:17:26] <cabo> draft-iab-rfcefdp-rfced-model-05
[16:17:51] Juan-Carlos Zúñiga_web_316 joins the room
[16:18:08] Ari Keränen_web_647 joins the room
[16:18:23] <cabo> 💐
[16:18:42] <Colin Perkins_web_816> Thanks, Carsten
[16:19:00] Juan-Carlos Zúñiga_web_316 leaves the room
[16:19:03] <Spencer Dawkins_web_275> Also, his pink IRSG dot seems pinker today - not sure if they have actually changed the colors, or if my vision is changing as the IETF week goes on ...
[16:20:01] Juan-Carlos Zúñiga_web_889 joins the room
[16:20:10] <Olaf Kolkman_web_468> Bravo!!!
[16:20:16] <Alessandro Amirante_web_721> @Spencer: color codes have been changed, indeed :)
[16:20:22] Hugo Salgado_web_825 joins the room
[16:20:57] Juan-Carlos Zúñiga_web_889 leaves the room
[16:22:18] <Fatima Zarinni_web_840> Talking about the colored dots, is it mentioned anywhere what each colored dot stands for ? I can guess some of them.
[16:22:27] <Mat Ford_web_556> mouse over the dot
[16:23:00] <Fatima Zarinni_web_840> +1 @Mat
[16:23:34] <Mat Ford_web_556> I'm not sure how we replicate that functionality if we meet f2f again :-)
[16:23:38] Rüdiger Volk_web_495 joins the room
[16:24:01] Ignas Bagdonas_web_661 joins the room
[16:24:28] Dave Levin_web_857 joins the room
[16:24:48] <Andrew Campling_web_131> @Mat - QR codes?
[16:24:51] <Antoine Fressancourt_web_432> @Mat I have been at conferences where they add a color band for each role at the bottom of the badge
[16:24:52] Lucy Lynch_web_130 joins the room
[16:24:56] Juan-Carlos Zúñiga_web_623 joins the room
[16:25:22] <Antoine Fressancourt_web_432> The head of the conference ended up with a 70 CM long badge,
[16:25:46] Jason Livingood_web_184 leaves the room
[16:26:06] Juan-Carlos Zúñiga_web_623 leaves the room
[16:26:10] Juan-Carlos Zúñiga_web_672 joins the room
[16:26:40] <Fatima Zarinni_web_840> True @Mat & I like @Andrew's idea of QR codes :)
[16:26:50] <Stuart Card_web_535> Louder please!
[16:27:15] <Alessandro Amirante_web_721> better now?
[16:27:16] <Massimiliano Pala_web_866> The audio is very muffled, would it be possible to raise the mike volume?
[16:27:23] Zhe Lou_web_357 joins the room
[16:27:26] Georgios Karagiannis_web_287 leaves the room
[16:27:30] Georgios Karagiannis_web_109 joins the room
[16:27:58] Ulrich Wisser_web_597 leaves the room
[16:28:00] Weiqiang Cheng_web_936 joins the room
[16:28:22] <Alessandro Amirante_web_721> cannot raise the volume more than that. the muffled audio is in the pre-recorded video itself unfortunately
[16:28:29] Ulrich Wisser_web_844 joins the room
[16:28:38] Weiqiang Cheng_web_936 leaves the room
[16:28:40] <Massimiliano Pala_web_866> Thank you, that is much better!
[16:28:42] Weiqiang Cheng_web_671 joins the room
[16:29:15] <Andrew Campling_web_131> @Massimiliano Have you tried using the slider volume control on your browser window (bottom right corner)?
[16:29:31] Nicolas Kuhn_web_296 leaves the room
[16:29:35] Nicolas Kuhn_web_119 joins the room
[16:29:35] Allison Mankin_web_498 joins the room
[16:30:39] Robin Wilton_web_552 leaves the room
[16:30:43] Robin Wilton_web_852 joins the room
[16:31:40] Weiqiang Cheng_web_671 leaves the room
[16:31:40] mcint leaves the room
[16:31:41] Matthew leaves the room
[16:31:41] olaf leaves the room
[16:31:41] ghwood leaves the room
[16:31:41] sftcd leaves the room
[16:31:44] Weiqiang Cheng_web_311 joins the room
[16:31:44] mcint joins the room
[16:31:45] Matthew joins the room
[16:31:45] olaf joins the room
[16:31:45] ghwood joins the room
[16:31:45] sftcd joins the room
[16:32:04] Phillip Hallam-Baker_web_775 joins the room
[16:32:27] <Spencer Dawkins_web_275> @Alessandro Amirante - thank you! I have the same dot, and don't want anyone to think I'm on the IAB :grin:
[16:32:44] Ari Keränen_web_647 leaves the room
[16:33:23] <Alessandro Amirante_web_721> :rolling_on_the_floor_laughing:
[16:33:24] Weiqiang Cheng_web_311 leaves the room
[16:33:39] Phillip Hallam-Baker_web_775 leaves the room
[16:33:55] <Colin Perkins_web_816> The pink dots are much more vibrant now :)
[16:34:17] <Eliot Lear_web_165> if these are recorded presentations are the presentors available for questions afterwards?
[16:34:29] <Colin Perkins_web_816> Yes – they should also be in the chat
[16:35:42] Robin Wilton_web_852 leaves the room
[16:35:46] Robin Wilton_web_499 joins the room
[16:35:50] <Eliot Lear_web_165> @csp thanks!
[16:36:29] Kentaro Goto_web_512 joins the room
[16:36:42] <Eliot Lear_web_165> What I am wondering is how to implement this sort of mechanism safely.  I could see something like this done with the Transit bit set to 0, for instance.
[16:37:09] <Eliot Lear_web_165> Because doing otherwise invites all sorts of scary scenarios.
[16:37:31] Jari Arkko_web_623 leaves the room
[16:38:19] Robert Story_web_517 leaves the room
[16:39:05] Mallory Knodel_web_907 leaves the room
[16:39:09] Mallory Knodel_web_370 joins the room
[16:39:10] Niels ten Oever_web_462 leaves the room
[16:39:14] Niels ten Oever_web_226 joins the room
[16:40:07] Marc Petit-Huguenin_web_247 leaves the room
[16:40:19] Marc Petit-Huguenin_web_983 joins the room
[16:40:30] Yoshiro Yoneya_web_920 leaves the room
[16:40:34] Yoshiro Yoneya_web_968 joins the room
[16:40:40] Mallory Knodel_web_370 leaves the room
[16:40:44] Mallory Knodel_web_569 joins the room
[16:40:53] Jaime Jimenez_web_664 leaves the room
[16:41:22] <Spencer Dawkins_web_275> @Eliot, the constant discussion with the speaker during the talk is one of the best things about recorded talks in meetecho. I've connected with speakers on LinkedIn before the talk finished. :satisfied:
[16:42:08] David Millman_web_413 leaves the room
[16:42:12] David Millman_web_825 joins the room
[16:42:36] Cedric Westphal_web_790 joins the room
[16:43:03] Shivan Sahib_web_665 leaves the room
[16:43:59] Brian Trammell_web_699 joins the room
[16:44:17] Ike Kunze_web_334 joins the room
[16:44:33] Shivan Sahib_web_908 joins the room
[16:44:34] Theresa Enghardt_web_895 leaves the room
[16:44:38] Theresa Enghardt_web_581 joins the room
[16:44:45] Bruno Decraene_web_682 joins the room
[16:45:32] Michael Welzl_web_312 leaves the room
[16:45:49] Theresa Enghardt_web_581 leaves the room
[16:45:53] Theresa Enghardt_web_536 joins the room
[16:45:54] Nicolas Kuhn_web_119 leaves the room
[16:46:48] Laurent Toutain_web_622 leaves the room
[16:46:54] Dmitry Afanasiev_web_633 joins the room
[16:47:41] Abdussalam Baryun_web_395 joins the room
[16:48:02] Zhe Lou_web_357 leaves the room
[16:48:35] <Abdussalam Baryun_web_395> Hi all
[16:48:46] Jay Daley_web_616 leaves the room
[16:49:24] Ike Kunze_web_334 leaves the room
[16:51:13] Al Morton_web_636 joins the room
[16:51:50] Michael Tüxen_web_281 joins the room
[16:52:22] <Juhamatti Kuusisaari_web_118> Maybe allowing this kind of plugin extension could be part of the protocol design.
[16:53:08] Hannu Flinck_web_721 joins the room
[16:53:10] Peter Koch_web_628 leaves the room
[16:53:14] Peter Koch_web_207 joins the room
[16:53:15] <Antoine Fressancourt_web_432> Maybe this is a method to use those "reserved for future use" bits we saved from places to places
[16:54:14] Abdussalam Baryun_web_395 leaves the room
[16:55:03] Dominique Lazanski_web_357 leaves the room
[16:55:40] Natalie Ennis_web_346 joins the room
[16:56:06] Monika Ermert_web_731 leaves the room
[16:56:10] Monika Ermert_web_688 joins the room
[16:57:49] Peng Liu_web_952 leaves the room
[16:57:52] Yuji Koyama_web_904 joins the room
[16:58:03] Alexey Melnikov_web_661 joins the room
[16:58:24] Korry Luke_web_827 joins the room
[16:58:43] Oliver Borchert_web_365 joins the room
[17:00:52] Lee-Berkeley Shaw_web_350 leaves the room
[17:00:58] Ching-Heng Ku_web_293 leaves the room
[17:01:12] Jessica Fitzgerald-McKay_web_387 leaves the room
[17:01:13] Avri Doria_web_749 joins the room
[17:01:26] Hannu Flinck_web_721 leaves the room
[17:01:41] Natalie Ennis_web_346 leaves the room
[17:01:45] Natalie Ennis_web_346 joins the room
[17:02:10] Joerg Ott_web_411 leaves the room
[17:02:20] Juan-Carlos Zúñiga_web_672 leaves the room
[17:02:27] Natalie Ennis_web_346 leaves the room
[17:02:31] Natalie Ennis_web_903 joins the room
[17:02:42] Michael Welzl_web_697 joins the room
[17:02:44] Ali Begen_web_669 leaves the room
[17:03:16] Cindy Morgan_web_871 leaves the room
[17:03:22] Dave Levin_web_857 leaves the room
[17:04:54] Dave Levin_web_774 joins the room
[17:05:03] Bruno Decraene_web_682 leaves the room
[17:06:45] <Petr Špaček_web_249> Hello @Aqsa Kashaf! Have you considered looking at IP addresses associated with names present in NS records?
[17:07:29] Niels ten Oever_web_226 leaves the room
[17:08:19] Ines Robles_web_855 joins the room
[17:08:26] <Aqsa Kashaf_web_181> We do not look at the IP addresses, only the domain names. Do you mean this would help with identifying redundancy?
[17:08:53] <Jim Reid_web_235> Why just the addresses of NS records Petr? Surely the web site addresses and ASNs are part of this centralisation issue?
[17:09:26] <Petr Špaček_web_249> @Jim that's also a possible angle, definitelly.
[17:09:47] <Allison Mankin_web_498> I probably missed it @Aqsa but for CDNs and DNS, have you analyzed how many are using multiple providers?  Is that the 11% that aren't vulnerable?
[17:09:58] <Andrew Campling_web_131> In some markets the highest %s here (ie in the presentation slides) could come close to reaching definitions for significant market power, sometimes with associated pro-competition actions by regulators etc  
[17:10:17] <Jim Reid_web_235> @Aqsa, domain name dependencies are an important part of the problem - as your great work shows. But there are others.
[17:10:46] <Aqsa Kashaf_web_181> Yes we do @Allison. The 11% are the ones who either use single 3rd party DNS, or CDN, or do not support OCSP stapling
[17:11:07] Brian Trammell_web_699 leaves the room
[17:11:49] <Aqsa Kashaf_web_181> Hi @Jim, definitely. There are many other dependecies such as among hosting providers, routing, ASNs etc.  We just scoped our work to this.
[17:11:56] <Allison Mankin_web_498> Thanks
[17:12:25] <Jim Reid_web_235> How many are using just one provider for some combination of all these services? ie A DNS provider who does webhosting is a CA.
[17:12:42] <Jim Reid_web_235> Thanks Aqsa
[17:12:45] Michael zhou_web_721 joins the room
[17:12:57] Michael zhou_web_721 leaves the room
[17:13:01] Michael zhou_web_609 joins the room
[17:13:25] <Zaid AlBanna_web_565> Very informative study, have you considered the concentration numbers with the introduction of encrypted dns?
[17:13:38] Monika Ermert_web_688 leaves the room
[17:13:42] Monika Ermert_web_930 joins the room
[17:14:35] Zheng Zhang_web_136 joins the room
[17:14:45] <Aqsa Kashaf_web_181> Hi Zaid, that would also be a very interesting study. But we do not look at encrypted DNS
[17:14:51] <Olaf Kolkman_web_468> I might have missed this in your discussion.
the failure of a CA does not immediately break the whole infrastructure, certificates are valid up to  3 months or a year. So a temporary failure of a CA may not have any effect whatsoever.
[17:15:03] <Olaf Kolkman_web_468> Have you taken that into account
[17:15:04] <Olaf Kolkman_web_468> ?
[17:15:13] Jake Holland_web_173 joins the room
[17:15:18] Peter Feil_web_227 leaves the room
[17:15:20] <Petr Špaček_web_249> @Aqsa This is belated answer to your question if looking at IP addresses would help. For example let's have a look at .PL TLD: PL NS records contain 7 names with format [a-h]-dns.pl. It might look like "private" DNS, but when we look at IP addresses we can see that e.g. h-dns.pl. IP address belongs (and is in fact run) by 3rd party - CIRA. And also f-dns.pl is run by 3rd party - NIC.AT. So by looking at IP addresses, PL suddenly moves from "all private" classification to at least two independent DNS providers.
[17:16:07] Boris Khasanov_web_788 joins the room
[17:16:42] Chris Wendt_web_469 leaves the room
[17:16:58] <Aqsa Kashaf_web_181> Hi Olaf, you are right that it does not immediately break the internet but it is not just about validity of certificates. For each https request, the certificate is verified for revocation (there is some small caching time though), because revocations can happen at any time.
[17:17:31] Boris Khasanov_web_788 leaves the room
[17:17:33] Dimitris Maroulidis_web_416 joins the room
[17:17:38] <Jim Reid_web_235> Nice work Aqsa!
[17:17:44] <Robin Wilton_web_499> @Olaf Right, but failure of CRL services (e.g. GlobalSign 2016) can produce immediate effects.
[17:17:47] Roland Bless_web_107 leaves the room
[17:17:50] <Jake Holland_web_173> yes, i hear you
[17:18:32] <Massimiliano Pala_web_866> We can hear you Wes - Maybe you can type the question?
[17:18:36] <Stuart Card_web_535> I hear each of you.
[17:18:44] Aqsa Kashaf_web_181 leaves the room
[17:18:48] Aqsa Kashaf_web_918 joins the room
[17:19:49] <Petr Špaček_web_249> Oh definitely +1 for studies like this, as @Jim and @Wes and others already mentioned.
[17:20:41] <Antoine Fressancourt_web_432> Regarding DDOS, I hear a motivation for DOTS collaboration, am I mistaken ?
[17:22:33] <Dave Levin_web_774> Awesome work, Aqsa!
[17:23:46] <Allison Mankin_web_498> Great presentation!
[17:24:03] <Mirja Kühlewind_web_461> SAIN (Service Assurance for Intent-based Networking)
Benoit Claise
Draft:
https://datatracker.ietf.org/doc/draft-ietf-opsawg-service-assurance-architecture/
https://datatracker.ietf.org/doc/draft-ietf-opsawg-service-assurance-yang/
[17:24:13] <Eliot Lear_web_165> have a look at draft-ietf-opsawg-service-assurance-architecture-02.txt
[17:24:27] <Shumon Huque_web_553> Olaf/Robin - on inline revocation checks, Aqsa does distinguish between those and OCSP stapling (and characterizes lack of the latter as a critical dependency).
[17:24:33] <Eliot Lear_web_165> oops!  Mirja got there first!
[17:25:14] <Stuart Card_web_535> This work would be of interest to many attendees at the ACM GECCO conference 2022 JUL in Boston.
[17:25:24] <Aqsa Kashaf_web_918> Thank you very much for this.
[17:25:53] Karen Staley_web_193 joins the room
[17:26:20] Aqsa Kashaf_web_918 leaves the room
[17:26:24] Aqsa Kashaf_web_370 joins the room
[17:26:43] Jingrong Xie_web_154 joins the room
[17:27:52] Jingrong Xie_web_154 leaves the room
[17:27:56] Jingrong Xie_web_327 joins the room
[17:28:05] Georgios Karagiannis_web_109 leaves the room
[17:28:09] Georgios Karagiannis_web_323 joins the room
[17:28:59] Hugo Salgado_web_825 leaves the room
[17:29:00] Marie-Jose Montpetit_web_383 leaves the room
[17:29:21] Antoine Fressancourt_web_432 leaves the room
[17:29:46] Antoine Fressancourt_web_774 joins the room
[17:29:59] Mallory Knodel_web_569 leaves the room
[17:30:03] Mallory Knodel_web_898 joins the room
[17:30:33] Alissa Cooper_web_911 joins the room
[17:30:59] Jingrong Xie_web_327 leaves the room
[17:31:03] Jingrong Xie_web_774 joins the room
[17:31:22] <Stuart Card_web_535> Is it a conventional GA or more like a GP or some other evolutionary algorithm?
[17:31:35] Antoine Fressancourt_web_774 leaves the room
[17:31:42] Antoine Fressancourt_web_591 joins the room
[17:31:51] Mallory Knodel_web_898 leaves the room
[17:32:29] <Stuart Card_web_535> It looks rather like a Learning Classifier System?
[17:32:54] <Kevin Bock_web_634> @Stuart you can think of it as a GA or GP - it's a fairly conventional GA, and the units it is evolving is these 'strategies', which specify how it should modify live network traffic
[17:32:55] Michael Bilca_web_112 leaves the room
[17:32:59] Michael Bilca_web_218 joins the room
[17:33:12] <Kevin Bock_web_634> There's a whole lot more info and detail on our website at https://censorship.ai
[17:33:38] Marco Davids_web_428 joins the room
[17:34:55] Shumon Huque_web_553 leaves the room
[17:36:35] <Andrew Campling_web_131> @Kevin: For the purposes of this presentation, could your definition of "censorship" apply to, for example, network-based content filtering of malicious content?  Server-side evasion in that context would be pretty concerning.
[17:36:35] Michio Honda_web_561 joins the room
[17:37:00] Russ White_web_235 leaves the room
[17:38:08] Jingrong Xie_web_774 leaves the room
[17:38:18] Michio Honda_web_561 leaves the room
[17:38:40] <Olaf Kolkman_web_468> There doesn't seem to be a fundamental reason for the censors learning about these evasion and responding to them, not?
[17:39:02] <Kevin Bock_web_634> @Andrew you are correct - this work more broadly applies to the whole class of middleboxes that filter network traffic
[17:39:46] <Zaid AlBanna_web_565> @kevin, did you run any tests in the US?
[17:40:02] <Andrew Campling_web_131> @Kevin - okay, so also things like parental controls etc?  This needs careful thought, not all "censorship" is evil!
[17:40:06] <Dave Levin_web_774> Followup to @Andrew - "malicious" is in the eye of the beholder. To a censor, that might be content pertaining to a rival political party. To a network operator, it might be malware. At the end of the day, they're all just setting policy in middleboxes (often from the same vendors!)
[17:40:40] <Kevin Bock_web_634> @Olaf - also true. We believe some censors have patched some issues that we've found - we're hopeful that by having an automated way to discover these relatively quickly will help us keep pace.
[17:41:27] <Antoine Fressancourt_web_591> Have you looked at the use of the anti-censorship techniques you put in place to detect and prevent DDoS attacks ?
[17:41:49] <Andrew Campling_web_131> @David: true, although I used malicious here to mean malware as well as C&C activity etc  
[17:41:51] <Kevin Bock_web_634> @Olaf 2/ - it's also worth mentioning that many of the things we find are not just bugs, but more fundamental issues in how the middleboxes are architected/deployed, and may be costly to fix
[17:42:07] <Alexander Azimov_web_317> What is the chance that if some owner of 'restricted content' applies these techniques, sensors-in-the-middle won't catch up (fix bugs) in the mid-term period?
[17:42:10] <Kevin Bock_web_634> @Zaid - when you ask if we ran tests in the US, do you mean if we hosted servers in the US, or if we looked for US-based censorship?
[17:43:01] Eliot Lear_web_165 leaves the room
[17:43:14] <Zaid AlBanna_web_565> @kevin both. This work could be very useful to privacy overall
[17:43:27] <Olaf Kolkman_web_468> @Kevin - I guess that it depends on the cost/risk analysis of the sensor. If the evasion mechanism becomes pervasive, then the middlebox vendor has incentive to fix, or go out of business.
[17:43:31] <Kevin Bock_web_634> @Antoine - We've spent some time looking into DDoS attacks, but we haven't looked into evading DDoS defense mechanisms. We did publish a recent paper in which we found that middleboxes can be tricked into launching DDoS amplification attacks, and for that we did test all middleboxes on the v4 Internet (including middleboxes in the US @Zaid)
[17:43:51] <Olaf Kolkman_web_468> (Good talk by the way, thanks!)
[17:44:17] <Kevin Bock_web_634> @Olaf - definitely true. This work does not win the cat & mouse game, it just accelerates it. What's the logical conclusion? :)
[17:44:46] <Mirja Kühlewind_web_461> Really interesting work! I think this can also help to debug various implementations of other boxes
[17:45:07] <Dave Levin_web_774> @Alexander - censors are regularly updating their mechanisms, but as Kevin is going to mention next in his talk, Geneva finds new ways to evade censorship very quickly
[17:45:14] <Antoine Fressancourt_web_591> I was not thinking about evading DDoS defense mechanisms, but looking at a DNS attacker as someone that is similar to the censor in your work in the regard that it can't afford tackling TCP corner cases
[17:45:54] <Kevin Bock_web_634> @Zaid - we focused the work on specific nation-states that had documented censorship ahead of time, so we didn't go looking for censorship in the US. In our other work on DDoS amplification attacks, we did find many middleboxes in the US that could be taken advantage of! See https://geneva.cs.umd.edu/weaponizing/ for more info on that work.
[17:45:57] <Dave Levin_web_774> Thanks, @Mirja! Yes, we also think that this could be a very effective tool at testing middleboxes — and, perhaps more importantly, testing combinations of middleboxes that are deployed in tandem
[17:46:32] Lin Han_web_824 leaves the room
[17:47:11] <Aqsa Kashaf_web_370> Hi Kevin, have you looked at domain fronting evasion in China for SNI
[17:47:18] <Petr Špaček_web_249> The only problem is that vendors can use it too, and then sell hardened middleboxes to censors for a higher price tag.
[17:48:18] <Petr Špaček_web_249> (I mean - it will certainly help software quality in the long run, but I any evasion is bound to be short-lived, I believe. Having said that - great work! Thank you!)
[17:48:33] <Kevin Bock_web_634> @Aqsa - domain fronting is an interesting case - it works well in some circumstances, but CDNs are increasingly disallowing it, making it more costly to use. Since domain fronting requires client-side involvement, it fell out of scope in this work though
[17:48:56] <Dave Levin_web_774> @Petr - They can use Geneva to fix bugs (fewer bugs is a good thing in general!) but Geneva finds more than just bugs. It also finds issues that arise due to fundamental assumptions that the middleboxes make. E.g., the TTL-limited RSTs that Kevin started the talk with: that wasn't a bug, it was an assumption the middleboxes (probably have to) make — that if they see a RST, then the end-host saw the RST, too
[17:49:14] <Spencer Dawkins_web_275> "Middleboxes Considered Better Than We Thought" - but will it be a BCP, or an April 1st RFC?
[17:49:25] <Stuart Card_web_535> This is indeed fascinating work. Using evolutionary algorithms for protocol work has been happening for at least a decade, but it is woefully underutilized. This is a great application.
[17:49:39] <Dave Levin_web_774> This is the so-called "eavesdropper dilemma": middleboxes can never know for certain that they're seeing the same exact thing that the end-hosts do, so they have to make some assumptions. Geneva finds way to exploit these assumptions
[17:49:42] <Avri Doria_web_749> fascinating and important talk. thanks.
[17:49:45] <Petr Špaček_web_249> @Dave Sure, wrong assumption is still a bug which needs to be fixed. I do that every week while developing DNS server :-)
[17:49:55] <Dave Levin_web_774> :-D
[17:51:26] <Massimiliano Pala_web_866> Could it be possible for Access Networks/Routers/TCP endpoints/Infrastructure to help implementing those strategies at a middle-box level by integrating this strategy as part of the routing protocol itself?
[17:51:42] <Dave Levin_web_774> Some of these assumptions might be very costly _not_ to make. How can the MB determine that it has seen the same thing as the end-hosts? Very hard problem that MB manufacturers face
[17:52:35] <Cedric Westphal_web_790> the public side meeting on Contractual Networking will start shortly after this meeting at https://fipe-580.my.webex.com/fipe-580.my/j.php?MTID=m3c6e67aaed5c255332cf248a313c3325
[17:52:37] <Petr Špaček_web_249> Definitely agreed. That's why middle box suppliers will be able to charge more, irrespective if "fix" helps or not :troll:
[17:53:00] <Dave Levin_web_774> @Massimiliano - yep! The packet manipulations could hypothetically happen anywhere on the path. Think of "client-side" / "server-side" more as whether it's running on the client-to-censor side of the path or the server-to-censor side.
[17:54:15] David Oliver_web_440 leaves the room
[17:54:19] David Oliver_web_657 joins the room
[17:55:59] Dave Plonka_web_961 joins the room
[17:56:04] Yoshiro Yoneya_web_968 leaves the room
[17:56:08] Yoshiro Yoneya_web_924 joins the room
[17:56:33] <Alexander Azimov_web_317> Btw, what's about QUIC?
[17:57:37] Stuart Card_web_535 leaves the room
[17:58:56] Michael Welzl_web_697 leaves the room
[17:59:00] Zaid AlBanna_web_565 leaves the room
[17:59:13] Antoine Fressancourt_web_591 leaves the room
[17:59:16] <Robin Wilton_web_499> There are definitely ethical issues here, but it is also possible for the (any) research team to adopt a systematic approach to incorporating value-based decision-making into its development process.
[17:59:17] <Kevin Bock_web_634> We haven't observed much in the way of QUIC censorship actually - it's something we're monitoring for and it will be interesting to see how that develops
[17:59:30] Greg Wood_web_997 leaves the room
[17:59:31] Gang Yan_web_418 leaves the room
[17:59:34] <Dave Levin_web_774> Thanks so much for the questions, everyone!
[17:59:44] Wes Hardaker_web_366 leaves the room
[17:59:50] David Oliver_web_657 leaves the room
[17:59:50] Mirja Kühlewind_web_461 leaves the room
[17:59:50] Oliver Borchert_web_365 leaves the room
[17:59:51] <Dave Levin_web_774> For more info on the project, please see https://censorshipa.i
[17:59:52] <Kevin Bock_web_634> Thanks, everyone!
[17:59:53] Avri Doria_web_749 leaves the room
[17:59:55] Lucy Lynch_web_130 leaves the room
[17:59:55] Robin Wilton_web_499 leaves the room
[17:59:55] <Dave Levin_web_774> oops - no not that
[17:59:55] Renan Krishna_web_392 leaves the room
[17:59:56] Taiji Kimura_web_678 leaves the room
[17:59:57] Richard Scheffenegger_web_489 leaves the room
[17:59:57] Jake Holland_web_173 leaves the room
[17:59:57] Andrew Campling_web_131 leaves the room
[17:59:58] <Dave Levin_web_774> https://censorship.ai
[17:59:59] Yoshiro Yoneya_web_924 leaves the room
[18:00:00] <Dave Levin_web_774> ^^ that's the one :)
[18:00:01] David Millman_web_825 leaves the room
[18:00:02] james welch_web_868 leaves the room
[18:00:05] Natalie Ennis_web_903 leaves the room
[18:00:06] Alexey Melnikov_web_661 leaves the room
[18:00:08] Milton Kashiwakura_web_516 leaves the room
[18:00:08] Dieter Sibold_web_321 leaves the room
[18:00:11] Dimitris Maroulidis_web_416 leaves the room
[18:00:12] Al Morton_web_636 leaves the room
[18:00:13] Shivan Sahib_web_908 leaves the room
[18:00:24] Monika Ermert_web_930 leaves the room
[18:00:25] Luigi Iannone_web_839 leaves the room
[18:00:26] Theresa Enghardt_web_536 leaves the room
[18:00:26] Spencer Dawkins_web_275 leaves the room
[18:00:27] Aqsa Kashaf_web_370 leaves the room
[18:00:27] Georgios Karagiannis_web_323 leaves the room
[18:00:28] Jim Reid_web_235 leaves the room
[18:00:28] John Kaippallimalil_web_182 leaves the room
[18:00:28] Frode Kileng_web_837 leaves the room
[18:00:28] Michael Bilca_web_218 leaves the room
[18:00:29] <Colin Perkins_web_816> Thanks all - please submit ANRP nomination for next time: irtf.org/anrp
[18:00:29] Dave Plonka_web_961 leaves the room
[18:00:29] Massimiliano Pala_web_866 leaves the room
[18:00:30] Alexander Azimov_web_317 leaves the room
[18:00:31] Magnus Westerlund_web_831 leaves the room
[18:00:31] Michael zhou_web_609 leaves the room
[18:00:32] Oliver Borchert_web_949 joins the room
[18:00:32] Cullen Jennings_web_989 leaves the room
[18:00:34] Marco Häberle_web_558 leaves the room
[18:00:35] Duane Wessels_web_186 leaves the room
[18:00:36] Olaf Kolkman_web_468 leaves the room
[18:00:36] John Border_web_895 leaves the room
[18:00:36] Juhamatti Kuusisaari_web_118 leaves the room
[18:00:37] Dmitry Afanasiev_web_633 leaves the room
[18:00:43] Peter Koch_web_207 leaves the room
[18:00:45] Mat Ford_web_556 leaves the room
[18:00:46] Ignas Bagdonas_web_661 leaves the room
[18:00:46] Kazunori Fujiwara_web_185 leaves the room
[18:00:47] Colin Perkins_web_816 leaves the room
[18:00:48] Zheng Zhang_web_136 leaves the room
[18:00:51] Alexander Clemm_web_312 leaves the room
[18:00:52] Jean-Michel Combes_web_606 leaves the room
[18:00:53] Mihail Zverev_web_521 leaves the room
[18:00:53] Karen O'Donoghue_web_338 leaves the room
[18:00:54] Thomas Wirtgen_web_811 leaves the room
[18:00:54] Kentaro Goto_web_512 leaves the room
[18:00:56] Yoshiro Yoneya leaves the room
[18:00:58] Dave Levin_web_774 leaves the room
[18:00:59] Alissa Cooper_web_911 leaves the room
[18:01:02] Meetecho Robot_web_633 leaves the room
[18:01:02] Carsten Bormann_web_816 leaves the room
[18:01:04] Ulrich Wisser_web_844 leaves the room
[18:01:08] Korry Luke_web_827 leaves the room
[18:01:12] Kazuaki Ueda_web_821 leaves the room
[18:01:13] Alessandro Amirante_web_721 leaves the room
[18:01:13] Gorry Fairhurst_web_464 leaves the room
[18:01:13] Tianji Jiang_web_414 leaves the room
[18:01:13] Fatima Zarinni_web_840 leaves the room
[18:01:13] Petr Špaček_web_249 leaves the room
[18:01:13] David Oran_web_413 leaves the room
[18:01:13] Lucas Pardue_web_235 leaves the room
[18:01:13] Hesham ElBakoury_web_277 leaves the room
[18:01:13] Stuart Cheshire_web_738 leaves the room
[18:01:13] Kevin Bock_web_634 leaves the room
[18:01:13] Michael Breuer_web_764 leaves the room
[18:01:13] Lars Eggert_web_590 leaves the room
[18:01:13] Julien Maisonneuve_web_443 leaves the room
[18:01:13] Xavier de Foy_web_768 leaves the room
[18:01:13] Benno Overeinder_web_743 leaves the room
[18:01:13] Philip Eardley_web_546 leaves the room
[18:01:13] Vasilis_web_793 leaves the room
[18:01:13] David Lawrence_web_163 leaves the room
[18:01:13] Kotikalapudi Sriram_web_809 leaves the room
[18:01:13] Wendy Seltzer_web_230 leaves the room
[18:01:13] afregly@verisign.com_web_103 leaves the room
[18:01:13] Stephen McQuistin_web_129 leaves the room
[18:01:13] Alberto Rodriguez-Natal_web_188 leaves the room
[18:01:13] Rüdiger Volk_web_495 leaves the room
[18:01:13] Allison Mankin_web_498 leaves the room
[18:01:13] Marc Petit-Huguenin_web_983 leaves the room
[18:01:14] Cedric Westphal_web_790 leaves the room
[18:01:14] Yuji Koyama_web_904 leaves the room
[18:01:14] Ines Robles_web_855 leaves the room
[18:01:14] Michael Tüxen_web_281 leaves the room
[18:01:14] Karen Staley_web_193 leaves the room
[18:01:14] Marco Davids_web_428 leaves the room
[18:01:14] Oliver Borchert_web_949 leaves the room
[18:02:02] frodek leaves the room
[18:13:21] Meetecho leaves the room
[18:21:07] alexamirante leaves the room
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!