[00:00:42] aalain joins the room
[00:01:19] Brenden Kuerbis joins the room
[00:03:58] audio seems not working
[00:04:26] hear anything yet?
[00:04:45] ggm joins the room
[00:04:47] we'll report it to mtg desk
[00:04:55] nothing. or mic is not up yet
[00:05:00] ok. thx
[00:05:27] ggm leaves the room
[00:05:33] danny joins the room
[00:05:37] chwhite2914 joins the room
[00:06:24] Jared Mauch joins the room
[00:06:32] AdrianFarrel joins the room
[00:06:32] Jaap Akkerhuis joins the room
[00:06:47] I'll be scribing. There are folks out there who need this, yes?
[00:06:57] ASHIDA joins the room
[00:07:05] yea
[00:07:18] tachibana@jabber.org joins the room
[00:07:25] russmundy@jabber.org joins the room
[00:07:30] sriram, NIST: put together more use cases, relevant to validation, asks for a few minutes for those. chair: if time.
[00:07:33] mlepinski joins the room
[00:07:44] looking at agenda slides.
[00:07:57] roque joins the room
[00:08:07] reviewing LC status. I'll not repeat what's on slides.
[00:08:19] cdl joins the room
[00:09:26] sidr-arch, Matt Lepinski.
[00:09:38] should be -09, not -08
[00:09:41] -07 oops
[00:10:25] prev versions said to query once/day. could mean long time to fix problem. -09 recommends more frequent queries. much on-list discussion
[00:10:30] Robert Loomans joins the room
[00:11:00] recommendation: move discussion of this from arch document.
[00:11:16] ("timing's too hard, let's go shopping")
[00:12:00] speak if you disagree.
[00:12:22] Randy: ???
[00:12:26] Stefan Santesson joins the room
[00:13:12] Randy: [unintelligible] MTTR (mean time to recovery) ... [unintelligible]
[00:13:18] other discussion... No.
[00:13:35] Steve Kent on CP:
[00:14:04] roque leaves the room
[00:14:32] see slides....
[00:16:08] odonoghue joins the room
[00:16:14] slide 4.
[00:16:33] kazuya joins the room
[00:17:01] slide 5.
[00:17:07] 6
[00:18:21] CN's not meaningful, but.... to have successive certs to same entity... can use a serialNumber attr.
[00:18:48] Rob Austein: how many implementations support this?
[00:19:05] Kent: I know of one. any implementation which doesn't implement sets is not compliant...
[00:19:37] Kent: could relax requirement to allow both; asks Tim to look into implementation capabilities.
[00:19:49] am I the only one having trouble with the audio?
[00:19:54] no sound at all
[00:20:11] roque joins the room
[00:20:14] cdl@jabber.org joins the room
[00:20:18] slide 7....8
[00:20:18] cdl@jabber.org leaves the room
[00:22:54] taking a brief scribing break to look at audio. Matt Lepinski....
[00:23:00] slide 2
[00:23:12] John Schnizlein joins the room
[00:25:00] Rob A: I'm ok with having it recommend an order. uncomfortable w/ prescribing order
[00:25:24] Wes joins the room
[00:25:28] Aalain: I can't open the stream at all. File not found.
[00:25:40] Matt: will leave draft as no prescribed order.
[00:25:58] Aalain: can you open it? and just not getting sound?
[00:26:17] not getting sound
[00:26:37] alain, the ietf noc was contacted about this issue
[00:26:42] there may be playlist problems.
[00:26:51] now on rpki manifests, slide 4.
[00:27:24] I can't open audio either, AFAICT none of the room feeds are working
[00:27:36] Brian Weis joins the room
[00:28:07] HDC00027112 joins the room
[00:28:55] Matt: thinks this doc has been under-reviewed.
[00:28:59] please help.
[00:29:01] Matt done.
[00:29:05] George.
[00:29:21] cert profile.
[00:30:06] no visible WG support for CRL reason codes.
[00:30:30] only one WGLC comment so far. open Q: do we have to look at alg xition?
[00:31:15] Rob A, on that Q: he thinks alg xition looks the same as any other key roll.
[00:31:34] Kent: same.
[00:31:46] now to RPKI repos structure.
[00:32:26] no substantive changes in -03, one LC comment.
[00:33:36] ....
[00:33:53] now the fun one.
[00:33:59] rhe joins the room
[00:34:23] (validation)
[00:34:37] mlepinski leaves the room: Replaced by new connection
[00:34:37] mlepinski joins the room
[00:36:22] koji joins the room
[00:37:02] wmhaddad joins the room
[00:37:12] eascenco joins the room
[00:38:04] John Scudder: I take George's point that this is informational. we need a standards track doc. if this were the only thing avail to a bgp implementer, that wouldn't be a good thing. you go to some length to not use prescriptive language, but that's not helpful to implementer.
[00:38:20] George: ... important to have non-prescriptive doc.
[00:39:04] agrees that strong guidance is needed.
[00:39:33] rababy joins the room
[00:39:50] John Scudder: taking Pradosh's draft as the concrete example... there's massive overlap.
[00:40:10] which is fine, but do you have concerns about the drafts documenting the same set of procedures?
[00:40:28] want to remove redundancy from doc set... can the standards doc ref the informative?
[00:40:39] george: definitely issues to think about
[00:40:40] russ white:
[00:41:08] need to be careful, with prescriptive doc, customers prefer to leave policy on rtr, not server.
[00:41:37] rvdp joins the room
[00:41:47] ruediger: russ, there are cases where I want things on outside server, cases where I want it on rtr
[00:41:59] object to claim that all customers don't want to use external servers.
[00:42:14] rvdp leaves the room
[00:42:53] Geoff, as chair: ask ADs guidance re: can proposed standard must/must not normatively ref informational?
[00:43:14] Housley (wrong AD): it can happen. requires addl. steps at LC.
[00:43:40] russ white: the point wasn't that we shouldn't do anything off-box, but should provide input...
[00:43:42] wrong AD! :)
[00:44:07] Sandy to Russ White: ...
[00:44:07] Stefan Santesson leaves the room
[00:44:55] Ronald van der Pol joins the room
[00:44:55] HDC00027112 leaves the room
[00:45:21] yinxing joins the room
[00:45:26] Christopher Liljenstolpe, Telstra: oof-box should be providing further input driving selection in rtr; part of policy in rtr, part in. But final decision on the control plane.
[00:45:32] s/oof/off
[00:45:47] George: still see reason to have more generalized separation of semantics.
[00:46:06] george thinks two doc approach appropriate
[00:46:21] on to TA profile...
[00:46:31] george done.
[00:47:26] Byron Ellacot on provisioning proto
[00:48:35] Rob A: my current understanding: https doesn't provide replay protection. if we need that, need to look at CMS timestamps?
[00:49:07] Rob: came up w/ perhaps one replay attack. tls kinda/sorta protects against. if attacker can capture request, they can perform this attack...
[00:50:08] foobar joins the room
[00:51:08] Housley: what are consequences of replay attack
[00:52:00] Rob: assume victim divulges copy of DB (incl. RPKI certs), but not provision proto, but attacker can go back after key rollover and req reissue of compromised key
[00:53:00] Rob K: protocol includes revoke capability, if parent remembers....
[00:53:06] (this is the other Rob)
[00:53:15] Parent can, by keeping state....
[00:53:22] avoid issuing cert.
[00:53:44] tetsuya.innami joins the room
[00:53:52] Rob A: I'd rather have timestamps than state...
[00:54:30] Off-mike Q: observation: old cert will expire. problem: this is not an old cert. they're requesting reissuance of cert, using old key.
[00:55:23] Kent: agree w/ Rob's concern re: state. but request going over tls-protected channel. but if that keying material not compromised..... but it's more likely they'd both go at once.
[00:56:21] calvin joins the room
[00:56:52] Brian Weis leaves the room
[00:56:56] Rob A: i don't think tls session would protect against this, but would be hard for attacker to set up new session, and harder for attacker to capture initial session. not entirely comfortable w/ this mechanism.
[00:57:23] done
[00:57:33] Rob taking action item to write this up.
[00:57:42] rpki alg profile, Geoff:
[01:01:38] multiple alg issues. Q sent to security ADs. looking at options for dealing w/ this.
[01:05:29] odonoghue leaves the room
[01:05:38] odonoghue joins the room
[01:06:36] Rob A: on C, you made a good case, then I stopped buying it. If this is essentially a rollover, I think the existing mech works, it's if you have to support in parallel that there's a problem
[01:06:57] only worried about keeping copies alive for people who have old data.
[01:07:15] problem is if you want to support both. then it gets complex....
[01:07:17] HDC00027112 joins the room
[01:07:37] not convinced we need to get more complicated than now if only interested in xition.
[01:07:41] Tim Polk:
[01:08:34] transition might be cleaner, but that assumes all RPs have upgraded before you begin xition. as a practical matter, no.
[01:08:41] ("quit dreaming")
[01:09:58] i don't think it's safe to assume the world will have upgraded. RP's will start to xition after the alg appears in the RPKI.
[01:10:05] Sandy: has a process Q.
[01:10:15] Sandy: let's continue technical discussion
[01:10:41] RobA: Since we're already using hashes of PK's, when we change algs, we change keys, which may save us.
[01:11:07] geoff:
[01:11:19] Hoffman: it's not clear that we change keys when we change algs.
[01:11:35] examples of changes in RSA w/o keys changing.
[01:11:55] RobA: is it unreasonable to require key roll when changing alg? A: No.
[01:12:27] GGM: if this is bottom up, you get 2^N. if from the top, it's 2*N
[01:14:05] Hoffman: the concept that you need to do top-down does get advantage of size, but is somewhat unreasonable depending on who the top is.
[01:14:25] sometimes you get changes driven by policies below
[01:14:49] relying on being able to do top-down is not wise.
[01:16:03] Roque: what if parallel trees aren't parallel?
[01:17:29] kent: we're looking at alg changes that occur only after changes to CP. this is not arbitrary.
[01:17:45] pbfffft.
[01:18:13] tv joins the room
[01:18:48] tetsuya.innami leaves the room
[01:18:56] Geoff: suggesting resolution: would like to summarize these constraints on ML, but not in draft, and revise draft ...hearing that balance of xitional process does look a lot like C.
[01:20:18] Tim Polk:
[01:20:38] can these docs progress in current state or do they have to wait for other work?
[01:20:48] Sandy: and what other work do you want to see?
[01:21:28] wmhaddad leaves the room: Computer went to sleep
[01:21:54] tim: as i understand, alg drafts only have one alg. core work has been done so we can define new algs. I'd like to see ground broken on the other two pieces of work: specify a second alg (EC/DSA?). this probably needs a document talking about xition.
[01:22:12] AdrianFarrel leaves the room
[01:22:48] would like to see a -00 draft and added to the charter before this goes to RFC. do not want to hold current work for that, but don't want to just promise to do it. wants to see the work started and underway.
[01:24:15] roque leaves the room
[01:24:28] Who?
[01:24:30] jimsch joins the room
[01:25:03] bje joins the room
[01:25:20] Weiler: Current speaker? Adrian Farrel.
[01:25:24] Sandy to Adrian: implementation report?
[01:25:34] Adrian: rtg area does not require impl any more.
[01:25:53] it would be nice, it would help iesg have confidence. not required.
[01:26:01] Ross Callon: ==adrian.
[01:26:50] calvin leaves the room
[01:27:48] Rob A: as an author of one of the interop implementations.
[01:28:06] would be nice to restrict ourselves to something already in openssl.
[01:28:27] hoffman: this is in openssl.
[01:28:33] who's this?
[01:28:40] Wes George. Sprint
[01:28:46] (handy RFID system)
[01:28:58] moving on....
[01:29:04] Terry Manderson, use cases. fun fun fun
[01:29:13] aalain, and other remote: is this helping?
[01:29:18] is audio working yet?
[01:29:36] very helpful
[01:29:40] someone in-room reports the audio feed is working.
[01:29:48] ok
[01:34:44] something on terry presentation, please
[01:35:05] Kent: there's no intro material for section 3; seems completely ad hoc, no confidence as reader re: completeness.
[01:35:25] audio is good. can hear kent
[01:36:47] Jared Mauch leaves the room
[01:39:14] Jared Mauch joins the room
[01:39:20] Danny asked re: taking on path protection. Ross, as not-reupping-AD says: not until you get this stuff done.
[01:40:25] calvin joins the room
[01:40:32] geoff: adopt?
[01:41:58] Kent on TA's.
[01:44:31] tetsuya.innami joins the room
[01:49:36] HELIOPOLIS joins the room
[01:50:34] HELIOPOLIS leaves the room
[01:51:09] VOSTRO joins the room
[01:52:50] calvin leaves the room
[01:53:08] jimsch leaves the room
[01:53:26] VOSTRO leaves the room
[01:55:09] Is Kent still talking about TA's?
[01:55:09] Ronald van der Pol leaves the room
[01:55:13] yes
[01:55:18] yes
[01:55:31] local TA's.
[01:59:02] Ruediger: don't want this to be common
[01:59:25] Randy: 1918 space will be a common use .... would be nice to have a simple way to do 1918 w/o messing w/ anything else.
[02:00:21] Jared Mauch leaves the room
[02:05:57] John Schnizlein, re: ISOC's round table on rtg security
[02:08:10] consensus: RPKI should be pursued for v4 and v6.
[02:08:35] uniqueness of ipaddr cert at global level is required.
[02:09:00] (skirts single/multi root issue: don't leave operators holding the bag)
[02:09:27] do v6 data cleanup now (tackle the easier task first, as compared to v4)
[02:10:34] we need a cert distribution and validation widget.
[02:11:25] no consensus that path validation is feasible.
[02:12:11] hide.zebra joins the room
[02:12:35] short term: cert validation widget, open tools, origin prot, clean v6, partial implementation, revoke, path prot w/o proto changes. long term: HW changes, path prot w/ proto changes, AS path relationship, proto changes, clean v4 data, bootstrapping-exception handling
[02:16:09] wmhaddad joins the room
[02:17:14] HDC00027112 leaves the room
[02:18:24] chwhite2914 leaves the room
[02:19:01] no consensus re: AS0 is enough. not clear if RPKI has functionality to black hole prefixes
[02:19:42] jared mauch at the mike
[02:22:03] ASHIDA leaves the room
[02:22:05] Randy.
[02:22:13] is I publish ROA, that protects me.
[02:22:16] ASHIDA joins the room
[02:22:17] s/is/if/
[02:22:18] wmhaddad leaves the room: Computer went to sleep
[02:22:50] aalain leaves the room
[02:23:26] Danny: did you ask these operators if they'd participate in the IETF?
[02:23:32] for those that don't already?
[02:23:49] Ruediger: there was only one who doesn't regularly (maybe 2-3) show up.
[02:24:18] Wes George/Sprint.
[02:24:25] sorry about the audio.
[02:24:58] to clarify about bootstrapping: rapid behavior when it's coming online -- does it let table converge first, then purge, or do the validation in real time. what's the impact on convergence?
[02:25:03] ruediger volk:
[02:26:53] eascenco leaves the room
[02:26:55] ASHIDA leaves the room: Replaced by new connection
[02:28:37] danny leaves the room
[02:28:41] Robert Loomans leaves the room
[02:29:06] weiler leaves the room
[02:29:26] koji leaves the room
[02:30:04] weiler joins the room
[02:30:05] rababy leaves the room: Computer went to sleep
[02:30:05] cdl leaves the room
[02:30:07] foobar leaves the room
[02:30:35] tetsuya.innami leaves the room
[02:31:25] weiler leaves the room
[02:31:41] mlepinski leaves the room
[02:31:43] weiler joins the room
[02:32:14] sandy expressing regret re: not getting to validation/implementation/IPR.
[02:32:34] have a good afternoon, all.