Friday, November 12, 2021
Meetecho has set the subject to: Virtual UTA "at" IETF 111

[15:35:29] Yoshiro Yoneya joins the room
[15:36:37] Meetecho joins the room
[15:44:54] alexamirante joins the room
[15:45:03] Alessandro Amirante_web_368 joins the room
[15:45:03] Deb Cooley_web_455 joins the room
[15:45:03] Hannes Tschofenig_web_112 joins the room
[15:45:03] Valery Smyslov_web_263 joins the room
[15:45:03] Yoshiro Yoneya_web_276 joins the room
[15:45:09] alexamirante has set the subject to: Virtual UTA "at" IETF 112
[15:45:34] Yoshiro Yoneya has set the subject to: Virtual UTA "at" IETF 112
[15:47:37] <Hannes Tschofenig_web_112> Hey Valery, Hi all
[15:47:47] <Valery Smyslov_web_263> Hi all
[15:49:45] Hannes Tschofenig_web_112 leaves the room
[15:49:48] stpeter joins the room
[15:49:49] Hannes Tschofenig_web_135 joins the room
[15:49:53] <Valery Smyslov_web_263> Meeting materials:
[15:50:08] Stephen Farrell_web_377 joins the room
[15:50:25] Francesca Palombini_web_691 joins the room
[15:51:00] Alison Becker_web_709 joins the room
[15:52:14] Chris Lemmons_web_159 joins the room
[15:52:17] Leif Johansson_web_760 joins the room
[15:54:20] francesca joins the room
[15:55:03] Peter Saint-Andre_web_240 joins the room
[15:55:26] <francesca> hello!
[15:55:32] <stpeter> ciao!
[15:55:41] Kelley Burgin_web_985 joins the room
[15:55:44] Yoshitaka Aharen_web_135 joins the room
[15:55:56] <francesca> how do we all feel for the last session of the week? :)
[15:55:59] <Valery Smyslov_web_263> Hi Francesca!
[15:56:14] <Deb Cooley_web_455> honestly?  ready to be finished.
[15:56:17] <Valery Smyslov_web_263> A bit tired...
[15:56:21] Yaron Sheffer_web_584 joins the room
[15:56:26] <sftcd> feel: sad we weren't in Madrid
[15:56:37] <Valery Smyslov_web_263> Agree
[15:57:07] Marcus Dansarie_web_840 joins the room
[15:57:16] Alyssa Thompson_web_172 joins the room
[15:57:27] Daphanie Nisbeth_web_413 joins the room
[15:57:36] Michael Breuer_web_350 joins the room
[15:57:38] Florence D_web_182 joins the room
[15:58:07] Erik Nygren_web_934 joins the room
[15:58:18] Shumon Huque_web_812 joins the room
[15:58:32] Ira McDonald_web_132 joins the room
[15:59:25] Korry Luke_web_233 joins the room
[15:59:35] Kenneth Murchison_web_612 joins the room
[15:59:42] Nicholas Gajcowski_web_498 joins the room
[15:59:46] Rich Salz_web_550 joins the room
[15:59:48] Marco Tiloca_web_117 joins the room
[16:00:03] Benjamin Schwartz_web_450 joins the room
[16:00:15] Tim Hollebeek_web_183 joins the room
[16:00:21] Tadahiko Ito_web_916 joins the room
[16:00:24] Joseph Salowey_web_741 joins the room
[16:00:33] Jonathan Hammell_web_203 joins the room
[16:00:43] Rikard Höglund_web_959 joins the room
[16:00:44] David Oliver_web_863 joins the room
[16:00:52] Leif Johansson_web_760 leaves the room
[16:00:56] Leif Johansson_web_366 joins the room
[16:01:00] Kenneth Murchison_web_612 leaves the room
[16:01:10] Tadahiko Ito_web_916 leaves the room
[16:01:15] Jonathan Lennox_web_187 joins the room
[16:01:17] <Rich Salz_web_550> it's not as harsh as when we meet in person.
[16:01:20] Christopher Inacio_web_890 joins the room
[16:01:26] Robin Wilton_web_655 joins the room
[16:01:32] Tero Kivinen_web_596 joins the room
[16:01:42] Hiroyuki Goto_web_124 joins the room
[16:01:46] Kenneth Murchison_web_359 joins the room
[16:01:49] Jen Hufford_web_151 joins the room
[16:01:58] Benjamin Kaduk_web_644 joins the room
[16:02:02] Robin Wilton_web_655 leaves the room
[16:02:06] Robin Wilton_web_804 joins the room
[16:02:10] joins the room
[16:02:19] Peter Koch_web_855 joins the room
[16:02:38] Chris Inacio joins the room
[16:02:54] <francesca> ahah funny Hannes :D
[16:03:09] Robin Wilton_web_804 leaves the room
[16:03:13] Robin Wilton_web_635 joins the room
[16:03:13] <Hannes Tschofenig_web_135> I had to try it
[16:03:34] <francesca> Thanks Rich!
[16:03:42] <stpeter>
[16:03:58] Kathleen Moriarty_web_948 joins the room
[16:04:11] Robin Wilton_web_635 leaves the room
[16:04:15] Robin Wilton_web_631 joins the room
[16:04:24] Peter Koch_web_855 leaves the room
[16:04:28] Jiri Novotny_web_155 joins the room
[16:05:18] Lixia Zhang_web_709 joins the room
[16:06:15] Carl Mehner_web_360 joins the room
[16:07:08] John Gray_web_516 joins the room
[16:09:33] Mike Bishop_web_748 joins the room
[16:10:27] <> It seems hard to claim that PSS certs are BCP if they aren't current
[16:11:46] <Rich Salz_web_550> wow, that review is impressive.
[16:11:58] <sftcd> just occurs to me it might make sense to have a sentence something like: "Ongoing development of TLS continues so implementers ought not assume that they can depend on specific content of TLS messages. For example, experiments like ECH means that the ClientHello visible before being processed by a TLS library may not correspond to the actual TLS session details." Reason is I have seen application layer code that peeks into the ClientHello in web servers that I had to modify when integrating with my ECH-supporting OpenSSL fork.
[16:12:08] <sftcd> I can send a mail to the list or raise a GH issue if that'd make sense
[16:12:39] <Rich Salz_web_550> yes that makes sense.  ALPS probably adds to the layering issues.
[16:12:56] Kenneth Murchison_web_359 leaves the room
[16:13:00] Kenneth Murchison_web_427 joins the room
[16:13:26] <sftcd> apologies for creating work for Yaron/StPeter with that last one;-)
[16:13:27] <Valery Smyslov_web_263> @sftcd: please, do it
[16:13:49] <sftcd> preference for mail or GH issue?
[16:13:55] <Valery Smyslov_web_263> I mean send a mail
[16:14:02] <sftcd> will do
[16:14:21] Kenneth Murchison_web_427 leaves the room
[16:14:31] <Rich Salz_web_550> I dunno.  As penance for causing all that work, maybe you should use GitHub :)
[16:14:51] <sftcd> that'd be true penance
[16:16:32] <sftcd> mail sent so no penance suffered:-)
[16:18:34] Craig Pearce_web_514 joins the room
[16:19:39] sftcd likes the graphic:-)
[16:20:10] Ned Freed_web_250 joins the room
[16:22:33] Jonathan Lennox_web_187 leaves the room
[16:22:37] Jonathan Lennox_web_864 joins the room
[16:26:32] Erik Nygren_web_934 leaves the room
[16:26:36] Erik Nygren_web_307 joins the room
[16:28:43] <> > I don't even remember how Jeff and I came up with such a long title
Maybe there was a bet involved ;)
[16:28:50] <Jonathan Lennox_web_864> Suspect "PKIX" and "TLS" got expanded by the RFC Editor's process.
[16:29:15] <sftcd> I'd bet more likely there was a lot of email and not a bet involved
[16:32:45] John Preuß Mattsson_web_692 joins the room
[16:34:26] Lixia Zhang_web_709 leaves the room
[16:35:13] <> There is at least in theory the option of "Updates:"-ing all the other
IETF documents that say to use CCM_8...though that is probably not a
pleasant document to write
[16:35:44] Göran Selander_web_428 joins the room
[16:36:07] <Tero Kivinen_web_596> How about giving bandwidth limit with CCM_8. For example IEEE 802.15.4 with 100kbit/s speeds I think the CCM_8 forgery will take quite a long time...
[16:36:17] <Rikard Höglund_web_959> Draft related to OSCORE can be found here:
[16:36:31] <John Preuß Mattsson_web_692> As I presented in SAAG a couple of meetings ago, I think the integrity advantage per key is not a relevant measure for a security protocol using a lot of keys.
[16:36:31] <> It's not always easy to rate-limit what you process as incoming
[16:36:31] Roman Danyliw_web_287 joins the room
[16:36:35] <sftcd> yeah rfc8996 was a PITA because of all the updates
[16:36:50] <John Preuß Mattsson_web_692> I think the security consideration here is the tag length 64 bits
[16:37:36] <Tero Kivinen_web_596> It is easy if your max bandwidth on radio link is what it is... This is supposed to be used in the IoT, which are constrained devices, thus radio speeds are slow.
[16:37:47] <Ira McDonald_web_132> The CFRG draft
[16:38:02] Yoshiro Yoneya_web_276 leaves the room
[16:38:06] Yoshiro Yoneya_web_946 joins the room
[16:40:09] <Tero Kivinen_web_596> For example in 802.15.4 the max frame number (i.e., maximum number of packets transmitted using one key) is 2^32, and transmitting the 2^32 packets will take over a year, thus rekeying every half a year should be enough...
[16:44:11] Christian Amsüss_web_540 joins the room
[16:44:21] <Erik Nygren_web_307> Doesn't TLS 1.3 AES-GCM get the nonce from the sequence number to make it deterministic?  While the full 64 bits are in memory, could cTLS use a more compressed version of the seqno on the wire?  (if it doesn't already)
[16:44:53] Ned Freed_web_250 leaves the room
[16:45:41] Alison Becker_web_709 leaves the room
[16:46:40] <> Non-D TLS doesn't even send the sequence number on the wire.
[16:47:07] <Christian Amsüss_web_540> +1 on "WiFi makes something not IoT any more"
[16:47:29] <> DTLS 1.3 already has a compressed header that shortens the sequence
[16:48:17] <Benjamin Schwartz_web_450> @Erik, yes, the sequence number is not all sent in DTLS or cTLS
[16:49:13] Göran Selander_web_428 leaves the room
[16:51:49] Marco Tiloca_web_117 leaves the room
[16:51:53] Marco Tiloca_web_841 joins the room
[16:53:02] <John Preuß Mattsson_web_692> All the calculations in the CFRG draft are correct, but I think the idea to calculate the advantage for a single key is not useful for the practical security. The CFRG states that very frequent rekeying improves security. I don't think that is true. The forgery probability per attempt is 2^-64 before and after rekeying. The forgery probability per packet only starts to increase at something like 2^35 forgery attempts. CCM_8 behaves very close to an ideal MAC. The important security factor for integrity is the 64 bit tag, which I think is acceptable for most IoT. An average forgery requires 4.3 billion forgery attempts per second for 68 years.
[16:53:28] <> I don't think I'm awake enough to work through the (default) RTO case.
But doesn't the ACK mechanism mean that you only actually hit the RTO
timer when "the entire flight" is lost (in one direction or the
other)?  So it would be much more exceptional to actually hit an RTO
[16:54:25] Florence D_web_182 leaves the room
[16:55:22] <Tim Hollebeek_web_183> When I architected a similar system many years ago, we intentionally dropped connections once a day to reauthenticate / rekey.  The performance difference between forever connections and daily connections is pretty negligible.
[16:55:34] <stpeter> We have some text in RFC 6120 about long-lived connections: (not sure if that's useful)
[16:55:44] Nicholas Gajcowski_web_498 leaves the room
[16:57:01] Satoru Kanno_web_606 joins the room
[16:57:32] <John Preuß Mattsson_web_692> Some discussions relevant for the of (D)TLS with long connections. You might want to make some security considerations.
[16:58:27] Michael Breuer_web_350 leaves the room
[16:59:33] <Rich Salz_web_550> gotta go.  see y'all next time!
[17:00:13] Rich Salz_web_550 leaves the room
[17:00:35] Shumon Huque_web_812 leaves the room
[17:01:02] <francesca> Thank you Peter for minute taking! Thanks chairs!
[17:01:08] Benjamin Schwartz_web_450 leaves the room
[17:01:10] <Hannes Tschofenig_web_135> Thanks a lot
[17:01:12] <David Oliver_web_863> thanks all
[17:01:14] Jiri Novotny_web_155 leaves the room
[17:01:18] <Yaron Sheffer_web_584> Thank you!
[17:01:18] Jonathan Hammell_web_203 leaves the room
[17:01:19] Stephen Farrell_web_377 leaves the room
[17:01:19] Marco Tiloca_web_841 leaves the room
[17:01:22] Rikard Höglund_web_959 leaves the room
[17:01:22] Yoshiro Yoneya_web_946 leaves the room
[17:01:22] Christopher Inacio_web_890 leaves the room
[17:01:22] Deb Cooley_web_455 leaves the room
[17:01:22] Marcus Dansarie_web_840 leaves the room
[17:01:22] <Robin Wilton_web_631> Thanks everyone - see you at 113!
[17:01:23] Kelley Burgin_web_985 leaves the room
[17:01:24] Yaron Sheffer_web_584 leaves the room
[17:01:24] Francesca Palombini_web_691 leaves the room
[17:01:24] Tim Hollebeek_web_183 leaves the room
[17:01:29] Roman Danyliw_web_287 leaves the room
[17:01:33] Robin Wilton_web_631 leaves the room
[17:01:33] Daphanie Nisbeth_web_413 leaves the room
[17:01:33] Leif Johansson_web_366 leaves the room
[17:01:36] <Valery Smyslov_web_263> Thanks all
[17:01:42] Joseph Salowey_web_741 leaves the room
[17:01:48] Mike Bishop_web_748 leaves the room
[17:01:52] Ira McDonald_web_132 leaves the room
[17:01:55] John Preuß Mattsson_web_692 leaves the room
[17:01:56] John Gray_web_516 leaves the room
[17:01:56] David Oliver_web_863 leaves the room
[17:01:57] Chris Lemmons_web_159 leaves the room
[17:02:00] Christian Amsüss_web_540 leaves the room
[17:02:01] Yoshiro Yoneya leaves the room
[17:02:01] Alyssa Thompson_web_172 leaves the room
[17:02:02] Craig Pearce_web_514 leaves the room
[17:02:03] Yoshitaka Aharen_web_135 leaves the room
[17:02:03] Carl Mehner_web_360 leaves the room
[17:02:09] Jen Hufford_web_151 leaves the room
[17:02:10] Korry Luke_web_233 leaves the room
[17:02:11] Tero Kivinen_web_596 leaves the room
[17:02:14] Peter Saint-Andre_web_240 leaves the room
[17:02:16] Chen Li_web_448 joins the room
[17:02:17] Erik Nygren_web_307 leaves the room
[17:02:18] Tadahiko Ito_web_320 joins the room
[17:02:20] Jonathan Lennox_web_864 leaves the room
[17:02:45] Benjamin Kaduk_web_644 leaves the room
[17:02:49] Chen Li_web_448 leaves the room
[17:02:50] Valery Smyslov_web_263 leaves the room
[17:03:02] Tadahiko Ito_web_320 leaves the room
[17:03:06] Satoru Kanno_web_606 leaves the room
[17:03:54] Hannes Tschofenig_web_135 leaves the room
[17:04:03] stpeter leaves the room
[17:05:28] francesca leaves the room
[17:05:47] Hiroyuki Goto_web_124 leaves the room
[17:06:44] Meetecho leaves the room
[17:07:07] Kathleen Moriarty_web_948 leaves the room
[17:07:07] Alessandro Amirante_web_368 leaves the room
[18:08:40] alexamirante leaves the room
[20:30:26] Chris Inacio leaves the room