IETF
sidr
sidr@jabber.ietf.org
Friday, July 25, 2014< ^ >
sandy has set the subject to: http://trac.tools.ietf.org/wg/sidr/trac/wiki/InterimMeeting20120929
Room Configuration
Room Occupants

GMT+0
[12:33:29] Room Feed joins the room
[12:34:01] slide feed joins the room
[12:38:10] Room Feed leaves the room
[12:38:25] room stream joins the room
[12:48:44] room stream leaves the room
[12:49:10] presenter feed joins the room
[12:49:33] presenter feed leaves the room
[12:49:55] presenter video joins the room
[12:50:48] presenter video leaves the room
[12:52:03] roomvideo feeds joins the room
[12:52:11] Samuel Weiler joins the room
[12:53:07] Agustin Formoso joins the room
[12:54:37] bje joins the room
[12:54:56] Wes George joins the room
[12:59:43] Paolo Saviano joins the room
[13:00:30] Paolo Saviano leaves the room
[13:00:47] Dan York joins the room
[13:02:18] Dan York has set the subject to: SIDR at IETF 90
[13:07:07] akatlas joins the room
[13:08:37] internetplumber joins the room
[13:08:51] <Wes George> session starts
[13:08:54] <Wes George> anyone remote?
[13:09:26] Sean Turner joins the room
[13:09:50] <Wes George> audio: http://ietf90streaming.dnsalias.net/ietf/ietf907.m3u
[13:10:12] Carlos M. Martinez joins the room
[13:10:37] <Wes George> sandy reviewing WG Draft status
[13:10:44] <Dan York> pseudo-remote - monitoring when presentations change from another room
[13:10:54] <Wes George> ok
[13:10:58] <Wes George> currently http://www.ietf.org/proceedings/90/slides/slides-90-sidr-6.pdf
[13:11:05] <Wes George> slide 7
[13:12:36] <Wes George> rob austein  
[13:12:46] <Wes George> doing interop testing. minor changes, textual
[13:12:52] <Wes George> soon ready for WGLC
[13:13:55] <Wes George> slide 8
[13:14:11] <Wes George> slide 9
[13:14:23] mikemlb joins the room
[13:14:54] <Wes George> Matt L now reviewing http://www.ietf.org/proceedings/90/slides/slides-90-sidr-3.pdf
[13:15:01] russ joins the room
[13:15:02] <Wes George> is there anyone remote? audio check?
[13:15:33] <Wes George> slide 2
[13:16:13] <Wes George> slide 3
[13:17:06] ALAIN AINA joins the room
[13:17:14] <Wes George> slide 4
[13:18:29] Benno Overeinder joins the room
[13:18:36] Tony Tauber joins the room
[13:19:32] <Wes George> john scudder
[13:19:43] Tony Tauber leaves the room
[13:19:53] <Wes George> struggling to think of a case where I’d want to trust a route with good AS-path but bad origin
[13:20:20] <Wes George> mike baron (?) - the roa and AS-path validation are done separately
[13:20:25] <Wes George> in my implementation
[13:20:29] Jeffrey Haas joins the room
[13:20:37] <Wes George> worth mention, not sure it needs to be in validation steps
[13:20:44] <Jeffrey Haas> Can someone remind me of the procedure we're doing for private AS origins?
[13:20:53] Tony Tauber joins the room
[13:21:01] <Wes George> randy bush -
[13:21:10] <Wes George> jeff - you’d need an LTA
[13:21:22] <Wes George> or well, no that’s more for private IP
[13:21:43] <Wes George> I think the expectation is that it’d be signed with the external ASN
[13:21:45] <Jeffrey Haas> so, we could have a valid path, but the trust of the origin may be allowed to vary?
[13:21:53] <Wes George> in other words, “remove private”
[13:21:58] <Jeffrey Haas> ah, external as signature. thanks.
[13:22:19] <Wes George> doug M
[13:23:46] <Wes George> randy bush
[13:24:11] <Wes George> what is result when AS-path validates, no covering roa?
[13:24:15] <Wes George> result is my decision
[13:24:20] <Wes George> ruediger volk
[13:24:34] <Wes George> path authenticated, not path is valid
[13:24:51] <Wes George> rob austein - hearing support for keep them separate, def. separate in pro to
[13:25:11] <Wes George> might make a statement that path good and origin bad is probably a weird state you want to avoid
[13:25:21] <Wes George> sandy murphy - trying to avoid policy hard coding
[13:25:42] <Wes George> this is one case where we’ve hard-coded policy. unknown origins become a not valid path
[13:26:13] <Jeffrey Haas> Are there roa cert rollover/oops scenarios where this might happen?
[13:26:35] <Jeffrey Haas> wes caught my point
[13:27:04] <Jeffrey Haas> or even some of the transit ASes may have a roa cache out of sync to something *very* fresh.
[13:27:22] <Wes George> ruediger volk
[13:27:53] <Wes George> my comment at mic - RPKI uses external certs. access to those can go down. keys for BGPsec are local to the routers and may still be present
[13:28:21] Passive Control joins the room
[13:28:22] <Wes George> slide 5
[13:28:46] <Wes George> randy bush
[13:29:00] <Wes George> curve choice for the signature, has not converged
[13:29:17] <Wes George> a; pro to draft says “see draft lags”
[13:29:36] <Wes George> sean turner - proto spec stays stable, algs changes
[13:30:31] <Wes George> randy (off -mic) cfrg is working on this
[13:30:46] <Samuel Weiler> there are a few details I've missed in the minutes; input on the etherpad is welcome.
[13:31:21] <Wes George> I’ll keep adding stuff here that you can incorporate
[13:31:24] <Wes George> slide 6
[13:31:34] <Wes George> slide 7
[13:32:17] <Wes George> randy - it’s going to need revision
[13:32:39] Passive Control leaves the room
[13:32:47] <Wes George> doc hasn’t been refreshed for 2 years
[13:33:13] <Wes George> it was sort of in parallel with origin ops, lost sync after origin ops went forward, and as bgpsec progressed
[13:33:20] <Wes George> slide 8
[13:33:52] <Wes George> slide 9
[13:35:07] Passive Control joins the room
[13:35:54] <Wes George> randy
[13:36:06] <Wes George> I don’t believe anyone uses TCP AO
[13:36:19] <Wes George> bgpsec is designed to prevent gaming of as-path
[13:36:37] <Wes George> is authentication/encrption on the wire needed to maintain that guarantee
[13:36:49] Passive Control leaves the room
[13:36:52] <Wes George> object security, therefore we don’t need transport sec
[13:37:17] <Wes George> major proponent as opportunistic encryption, but not a requirement
[13:37:33] <Wes George> jeff hass - MITM, intercept and inject valid BGP frames
[13:37:42] <Wes George> you can drop and ignore messages that should get through, insert previously valid sigs
[13:38:29] <Wes George> jeff - different is that it’s a third party
[13:38:41] <Wes George> jared - I have a much bigger problem if someone is on-link in the middle
[13:39:10] <Wes George> routing info isn’t secret, trace route, looking glass, etc
[13:39:16] <Wes George> messaging doesn’t need to be secret
[13:39:28] <Wes George> warren kumari - this is orthogonal to BGPSec
[13:39:43] <Wes George> currently/in the future, I want to make a decision on whether I should do this or not
[13:39:48] <Jeffrey Haas> We do not require secrecy, but integrity.
[13:40:00] <Wes George> michael baer - +1 should is good, must wouldn’t be a bad thing
[13:40:21] Rob Austein joins the room
[13:40:30] <Wes George> doug M -
[13:40:41] <Wes George> you can downgrade from BGPSec to regular BGP as a MITM
[13:41:16] <Wes George> matt - sec considerations should reflect this
[13:41:40] <Wes George> warren - I think this is a good idea, don’t know why you’re saying anything about it.
[13:41:50] <Wes George> matt - because requirements…
[13:42:14] <Wes George> rob austein - we saw this movie with dnssec
[13:42:25] <Wes George> bgpsec the protocol vs big solution to all security problems in bgpland
[13:42:34] <Wes George> there are other attacks possible on bgp
[13:42:46] <Wes George> the req’s doc is talking about those other threats
[13:42:47] Passive Control joins the room
[13:43:00] <Wes George> we can’t force operators to do anything
[13:43:10] <Wes George> sean turner - recovering sec AD
[13:43:14] <Wes George> trying to get this through IESG
[13:43:15] Passive Control leaves the room
[13:43:28] <Wes George> randy - do the right thing
[13:43:48] <Wes George> matt- helpful to have discussion to respond to iesg concerns
[13:44:02] <Sean Turner> +1 to do the right thing
[13:44:37] <Wes George> john scudder - creates another big writing job (bcp) - stop polishing
[13:44:53] <Wes George> sandy - cover in bgpsec ops?
[13:45:18] <Wes George> rob - I suspect you know whether your peer is doing bgpsec
[13:45:39] <Wes George> john (ntt) - implementation could simply refuse to downgrade
[13:45:53] <Wes George> worth mentioning, but transport security is another doc
[13:46:27] <Wes George> doug m - I don’t know whether any path passing through whether it came signed or not
[13:47:39] <Wes George> slide 10
[13:48:11] ALAIN AINA joins the room
[13:48:18] <Samuel Weiler> Wed George now presenting.
[13:48:18] ALAIN AINA leaves the room
[13:48:29] <Samuel Weiler> slide 2
[13:50:18] <Samuel Weiler> his opinion: leave docs standalone, to preserve background info; thinks we're about done, even though it will block on other doc.
[13:51:03] <Samuel Weiler> John Scudder: couldn't docs ref each other w/o updates and have RFC editor treat them as a cluster?
[13:51:13] <Samuel Weiler> Matt Lepinski: should be standards track.
[13:51:57] <Wes George> sean turner now presenting http://www.ietf.org/proceedings/90/slides/slides-90-sidr-2.pdf
[13:52:05] <Wes George> BGPsec CSR
[13:52:06] <Wes George> slide 2
[13:52:34] <Wes George> slide 3
[13:53:00] <Wes George> slide 4
[13:54:29] <Wes George> slide 5
[13:55:22] <Wes George> wes- as migration
[13:55:41] <Wes George> jeff hass - just plan for multiple ASes on one router
[13:55:52] <Wes George> rob a - a single cert per AS
[13:55:57] <Jeffrey Haas> s/hass/haas/ :-)
[13:56:04] <Wes George> yeah, DYAC
[13:56:15] <Wes George> originally it tried to make it “bass”
[13:56:28] <Jeffrey Haas> Ich nicht dich hasse.
[13:56:39] <Tony Tauber> What about "AS spoofing" (e.g. Cisco's "local-as")?
[13:56:48] <Wes George> that’s what my reference to as-migration was about
[13:56:55] <Wes George> sidr-as-migration draft
[13:56:56] <Wes George> :-)
[13:57:27] <Tony Tauber> One may use it in non-migration ie. long-term cases
[13:57:32] <Wes George> Jeff haas - as-migration discusses one problematic scenario
[13:58:25] <Wes George> randy - you know as what AS you are speaking
[13:58:30] <Wes George> whether it’s 1 or 30
[13:58:36] <Wes George> you can sign with the appropriate key
[13:59:15] <Wes George> summary - multiple certs on the router, one per ASN
[14:00:02] <Wes George> matt
[14:00:13] <Wes George> slide 6
[14:00:32] <Wes George> slide 7
[14:01:42] <Jeffrey Haas> Tersely, if a router X is doing work for AS 1, 2, 3 and is peering as AS 1, the path will often be something like "1 2 3".  This implies that the router must be capable of generating the path signature across "1 2 3".  
[14:02:03] <Wes George> slide 8
[14:02:37] Samuel Weiler leaves the room
[14:03:24] <Wes George> JGS now presenting http://www.ietf.org/proceedings/90/slides/slides-90-sidr-5.pdf
[14:04:04] <Wes George> slide 2
[14:04:26] Passive Control joins the room
[14:05:23] <Wes George> slide 3
[14:07:44] <Wes George> wes and sue hares at mic
[14:08:27] <Wes George> slide 5
[14:08:45] <Wes George> slide 6
[14:09:43] <Sean Turner> here @ the ietf - is the draft small enough to drown in a bathtub
[14:10:07] <Wes George> the answer is no, because the boilerplate is very buoyant
[14:10:44] <Jeffrey Haas> document bloat (and thus buoyancy) is not relative to the number of pages. :-)
[14:11:08] Passive Control leaves the room
[14:11:10] Carlos M. Martinez leaves the room
[14:11:52] <Wes George> slide 7
[14:11:59] Carlos M. Martinez joins the room
[14:12:07] amreesh joins the room
[14:13:23] Passive controller joins the room
[14:13:33] <Wes George> samkat ray - if you eliminate sec 3, you need something to influence best path
[14:14:22] <Wes George> offline validation?
[14:14:45] <Wes George> doug m
[14:15:38] <Wes George> I’m literally not following this exchange well enough to summarize it
[14:15:45] Wes George waves white flag
[14:16:08] Simon Romano joins the room
[14:16:31] Simon Romano leaves the room
[14:17:05] <Rob Austein> I am not certain that anybody followed it
[14:18:22] <Wes George> ruediger - why not invoke error handling?
[14:18:29] <Wes George> treat as withdraw, drop attribute, etc
[14:18:47] <Wes George> Jeff Haas - attribute as extended community
[14:18:59] <Wes George> it’s expeditious for the implementation, but that means you can add many
[14:19:11] <Wes George> some system could scribble over it
[14:20:32] <Wes George> slide 8
[14:21:15] <Wes George> slide 9
[14:22:09] Samuel Weiler joins the room
[14:22:34] <Wes George> Steve Kent now discussing http://www.ietf.org/proceedings/90/slides/slides-90-sidr-1.pdf
[14:23:08] <Samuel Weiler> sldie 2
[14:24:43] <Wes George> slide 3
[14:25:20] amreesh leaves the room
[14:26:15] Agustin Formoso leaves the room
[14:26:20] <Wes George> slide 4
[14:27:55] <Wes George> slide 5
[14:29:58] Simon Romano joins the room
[14:30:28] <Wes George> slide 6
[14:32:06] <Wes George> slide 4 has an error, the reference to suspenders is wrong
[14:32:12] <Wes George> slide will be updated
[14:32:31] <Wes George> andy newton - which RIR policy has asked for suspenders
[14:32:40] <Wes George> steve - discussions at RIPE mtg
[14:33:02] <Wes George> no formal consensus
[14:33:05] <Wes George> rob austein -
[14:33:41] <Wes George> agree that LTAM should be retired, open for discussion of if it needs to be replaced
[14:34:15] <Wes George> Tim Bruinzeels (sp) - more discussion is needed, but suggested approach (suspenders) seems complex
[14:34:23] <Wes George> slurm might provide easier way to similar results
[14:34:42] <Wes George> TAO - lot of other concerns WRT transfers
[14:35:06] <Wes George> lots of policy governing transfers
[14:35:44] <Wes George> steve- should the WG not describe how CAs handle this?
[14:36:38] <Wes George> randy bush - I raised dutch court attack issue
[14:37:04] <Wes George> there are no ways in the regions I’m familiar with (not ARIN) to have consensus over non-policy issues, this is non-policy
[14:37:41] <Wes George> ripe accepted a technically incorrect police order, did a knee jerk action that they had to back off of next day
[14:37:58] <Wes George> those folk watching from ops and research, it’s a real concern
[14:38:30] <Wes George> steve - china sent someone to BBN to study this issue
[14:38:47] <Wes George> there is concern there
[14:39:09] <Wes George> randy - would like to separate the need for a custom view from the dutch court attack
[14:39:42] <Wes George> different view problem isn’t from cert or tA, but from roa
[14:39:50] <Wes George> I need to say “ I need these roa s”
[14:40:01] <Wes George> let the computer figure the hierarchy out - bottom up, not top down
[14:40:24] <Wes George> sharon goldberg - paper on preventing dutch court (police) attack
[14:40:39] <Wes George> how do you do revocations that show all parties involved agreed
[14:40:43] <Wes George> need feedback
[14:40:50] <Sean Turner> use github ;)
[14:40:54] <Wes George> sigcom
[14:41:00] <Wes George> will send pointer to list
[14:41:20] <Wes George> geoff huston - is the answer to every problem back in the RPKI
[14:41:39] <Wes George> underlying issue is a wish to have local policy that takes precedence over other people’s info
[14:41:43] <Wes George> but I don’t want to tell anyone else
[14:41:48] <Wes George> steve - no not in all use cases
[14:42:06] <Wes George> geoff - in some in these cases, local exceptions/preferences decision
[14:42:21] <Wes George> why is it necessary to boil down into the rpki and find local solution in that mechanism
[14:42:40] <Wes George> not arguing that it’s an issue
[14:42:45] <Wes George> but do we have to solve it in RPKI
[14:43:48] <Wes George> my decision is not transitive
[14:44:24] <Wes George> neither party agrees with the other’s characterization
[14:44:40] <Wes George> morrow - short definition of what the purpose is — is that in the abstract?
[14:44:59] <Wes George> sounds like papering over problems in RPKI, short or long term, some created externally
[14:45:24] <Wes George> randy - point was that in a large distributed env that wants unique view, need a way to communicate that view
[14:45:41] <Wes George> you can invent a new syntax for semantics, or you can use the existing one
[14:46:02] <Wes George> Geoff Huston  presnting http://www.ietf.org/proceedings/90/slides/slides-90-sidr-4.pdf
[14:46:07] <Wes George> slide 2
[14:46:09] <Wes George> slide 3
[14:46:52] <Wes George> breezing through slides
[14:46:54] <Wes George> now on 6
[14:50:42] <Wes George> discussion
[14:51:04] <Wes George> steve kent - current version is cleaner
[14:51:16] <Wes George> focus has change to transfers vs high-tier CA has a “whoops”
[14:51:22] <Wes George> are these separable problems?
[14:51:29] <Wes George> TAO exclusively deals with transfer issue
[14:51:34] <Wes George> not trying to address the other problem
[14:52:01] <Wes George> are the two problems intertwined?
[14:52:35] <Wes George> geoff - removed the modification/implementation stuff, no other changes
[14:52:50] <Wes George> continual issues in running 5 registries that effectively describe a pool of resources
[14:52:57] <Wes George> resources do shift
[14:53:08] <Wes George> result of that is that occasionally gaps appear
[14:53:19] <Wes George> publishing cycle
[14:53:42] <Wes George> other problem is that they get described twice. not as fatal
[14:54:08] <Wes George> one solution is to merge the RIRs, but not sure that’s where we should go
[14:54:18] <Wes George> other solution “ don’t screw up”
[14:54:22] <Wes George> not realistic
[14:55:26] <Wes George> steve - APNIC transfers says very small list
[14:55:34] <Wes George> geoff- that’s only when money changes hands
[14:56:02] <Wes George> ways to move that don’t require reporting as a transfer
[14:58:09] <Wes George> steve - do the RIRs run checks ? if one is already doing so, the “whoops” factor is lower
[14:58:35] <Wes George> geoff: so I can’t revoke a subordinate cert until everyone else is fixed up?
[14:58:57] <Wes George> steve - where did the resources move? if they didn’t move below them, it might not affect
[15:00:33] <Wes George> steve - my concern in relaxing path validation results in something that is not useful is valid
[15:00:39] <Wes George> randy - have we seen this problem?
[15:00:44] <Wes George> geoff - dunno
[15:00:52] <Wes George> which problem?
[15:01:05] <Wes George> randy - the problem that you claim this solves
[15:01:27] <Wes George> geoff - when something disappears from one RIR’s registry system and doesn’t reappear, yes
[15:01:35] <Wes George> randy what about the RPKI?
[15:01:39] <bje> … the rpki which is not yet linked between registries
[15:02:43] <Wes George> randy - better way to solve this is to properly describe transfers
[15:03:09] <Wes George> how to handle within RPKI
[15:03:24] <Wes George> ruediger volk - have we seen other problems?
[15:03:32] <Wes George> are we monitoring and figuring out?
[15:03:58] <Wes George> geoff - send text
[15:04:16] <Wes George> tim bruijnzeels - we have not experienced, no guarantee for the future
[15:04:36] <Wes George> RV - not a long delegation chain. this hits with a delegation chain longer than one
[15:04:44] Benno Overeinder leaves the room: Disconnected: closed
[15:04:48] <Wes George> tim - problem becomes worse when you don’t have full control of local hierarchy
[15:05:08] <Wes George> more formal transfers in RPKI might fix one problem that leads to this
[15:05:18] <Wes George> still work looking at this, can be bugs
[15:05:41] <Wes George> impact is disproportional
[15:06:26] <Jeffrey Haas> The implication of transfer issues in the RIRs is troublesome: If it happens today outside of a bgpsec enabled Internet, it's an annoyance.  In RPKI enabled bgpsec Internet, such a fault could potentially knock people offline.  I'm not sure quite why people are dancing outside of the outright accusation.
[15:06:53] <Wes George> robert - there is value even if RIRs are working flawlessly
[15:07:16] <Wes George> procedural question - assuming we agree there is a problem - why are we producing a doc that says “problem” and another doc to fix
[15:07:30] <Wes George> assuming there’s no consensus there’s a problem, why are we doing this?
[15:07:42] <Wes George> sandy - working out details via draft, don’t necessarily end up as RFCs
[15:09:20] Benno Overeinder joins the room
[15:10:02] <Wes George> morrow - my suggestion
[15:10:06] Eric Burger joins the room
[15:10:16] Eric Burger leaves the room
[15:10:44] <Wes George> rob austein - this is fundamentally a robustness principle argument
[15:11:12] <Wes George> it’s weird that mostly what we’re hearing is a lot from the senders, and not the receivers
[15:11:19] <Wes George> as to whether they consider this a danger
[15:11:34] <Wes George> fundamental tension - robustness principle is not the method people follow
[15:11:39] <Wes George> in the security area
[15:11:45] <Wes George> fundamental disconnect
[15:12:17] <Wes George> geoff - it added something that wasn’t there before
[15:13:13] <Wes George> doug M - public/private WGs, the fear that some failure than this infra will be greater than the problem it solves dominates
[15:13:21] <Wes George> must produce a proof that this cannot happen
[15:13:32] <Wes George> they don’t even understand this level of detail, or it’d be worse
[15:13:48] <Wes George> geoff - I can’t offer any reassurance
[15:14:20] <Wes George> doug - don’t think a proof is possible
[15:14:31] <Wes George> warren - people who operate a system telling us that they might screw it up
[15:14:39] <Wes George> no news here
[15:15:00] <Wes George> if we don’t agree this is a problem, we’ll see it eventually, and I don’t want geoff to be able to say I told you so
[15:15:03] <Wes George> I don’t want that
[15:15:45] <Wes George> Tim B - not sure I’d classify this as liberal. this is accepting resources for which there is no dispute
[15:16:02] <Wes George> chris - bundles of resources. 1 /8 assigned to 16 asns?
[15:16:13] Benno Overeinder leaves the room
[15:16:20] <Wes George> geoff - no, when I issue an RPKI cert, you’ll find a collection of v4 and v6 resources, and ASNs
[15:16:37] <Wes George> that cert is only valid if every last item as a block is seen in the chain of certs in the validation path
[15:16:49] <Wes George> can we keep a system that guarantees integrity of that block of resources
[15:17:22] bje leaves the room
[15:17:43] <Wes George> morrow - why bundle? can’t you have one per?
[15:18:34] <Wes George> geoff- what’s the separation point?
[15:18:48] <Wes George> fewer certs if possible
[15:18:59] <Wes George> morrow - growing pains problems?
[15:19:43] <Wes George> carlos - I don’t see this as being more liberal
[15:19:50] Carlos M. Martinez leaves the room
[15:20:29] <Wes George> what sort of attacks does this open?
[15:20:40] <Wes George> steve kent - problem statement needs to be expanded
[15:21:25] Simon Romano leaves the room
[15:21:39] <Wes George> need more examples that are important as establishing the bounds of the problem
[15:22:25] <Wes George> geoff -seeing ASNs in table that NIR says are reserved
[15:22:42] Carlos M. Martinez joins the room
[15:22:50] mikemlb leaves the room
[15:23:16] <Wes George> steve - next level down characterization
[15:25:38] <Wes George> wes, then tim at mic
[15:26:01] <Wes George> we don’t issue over claiming certs for the sake of it
[15:26:16] <Wes George> Jeff haas - mostly an issue due to the potential impacts on routing
[15:26:30] <Wes George> mistakes, latency are going to happen
[15:26:50] <Wes George> better off saying for bgpsec, what is our procedure for managing when resources vanish
[15:27:22] <Wes George> geoff - under 3779 one resource has left but all resource in the EE go left
[15:27:42] <Wes George> the further out in the hierarchy, the larger the amount of resources affected
[15:28:06] <Wes George> jeff - routers are good at doing large subtree walks
[15:28:41] <Wes George> randy - ops practices for OV, the loss of the entire RPKI, the packets will still get there
[15:28:55] <Wes George> the fact that you’ve lost a cert, they go to unknown
[15:29:33] Dan York leaves the room
[15:30:10] Samuel Weiler leaves the room
[15:30:35] Jeffrey Haas leaves the room
[15:30:37] russ leaves the room
[15:31:36] internetplumber leaves the room
[15:31:41] Rob Austein leaves the room
[15:31:45] Wes George leaves the room
[15:32:20] ALAIN AINA leaves the room
[15:32:25] Passive controller leaves the room
[15:32:53] Carlos M. Martinez leaves the room
[15:32:59] Tony Tauber leaves the room
[15:33:00] akatlas leaves the room
[15:33:38] roomvideo feeds leaves the room
[15:34:53] slide feed leaves the room
[15:50:21] akatlas joins the room
[15:52:49] Sean Turner leaves the room
[15:53:17] akatlas leaves the room
[16:14:45] Dan York joins the room
[16:16:18] Dan York joins the room
[16:27:50] Dan York leaves the room
[17:23:02] Dan York leaves the room
[17:30:47] Dan York joins the room
[18:44:40] Dan York joins the room
[18:54:52] Dan York leaves the room
[20:32:37] Dan York leaves the room
[20:33:52] Dan York joins the room
[20:36:48] Dan York leaves the room
[22:40:56] Dan York joins the room
[22:44:24] Dan York leaves the room
[22:44:27] Dan York joins the room
[23:45:57] Dan York leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!