[08:52:29] --- mrose has become available
[08:56:43] <mrose> meeting begins
[08:57:11] --- hildjj has become available
[08:57:46] --- nsb has become available
[08:58:12] --- nsb has left
[08:58:27] --- nsb has become available
[08:58:35] --- lisaDusseault has become available
[08:58:54] <mrose> ted: welcome
[08:58:55] <lisaDusseault> Hey - Joe which version of Exodus did you say I should upgrade to?
[08:59:12] <hildjj> http://exodus.jabberstudio.org/daily/setup.exe
[08:59:52] <hildjj> if you're using IE, you may have to go to the daily directory, and *then* download setup.exe
[08:59:55] <mrose> ted: ned is recovering well, but is absent ... available via email
[09:00:03] --- lisaDusseault has left: Disconnected
[09:00:53] --- lisaDusseault has become available
[09:01:14] <mrose> ted: agenda - conflict w/ htp, may have 2nd meeting if needed
[09:01:28] --- lisaDusseault has left: Disconnected
[09:01:54] <hildjj> For those running Panther, there's a fresh build of Nitro on my local webserver. You should be able to use Rendezvous to find me.
[09:03:00] <mrose> chris newman - imap urlauth
[09:03:40] --- hildjj has left: Disconnected
[09:04:01] --- hildjj has become available
[09:04:05] --- hildjj has left: Disconnected
[09:04:32] --- lisaDusseault has become available
[09:04:46] <mrose> aka pawn ticket / authorization w/o authentication
[09:04:53] --- hildjj has become available
[09:05:19] --- lisaDusseault has left: Replaced by new connection
[09:05:19] --- lisaDusseault has become available
[09:05:45] --- lisaDusseault has left: Replaced by new connection
[09:05:45] --- lisaDusseault has become available
[09:05:45] --- lisaDusseault has left
[09:05:46] <mrose> history: developed for imap composition proposal
[09:07:06] <hildjj> note: the scalable deployment scheme shown (separate inbound and outbound MTA's) is the use case that makes S2S dialback interesting.
[09:07:43] <mrose> steps - client gets mailbox secret from imap, sends url to smtp w/ estp, smtp derefs url
[09:10:20] <mrose> generalizes to authorization w/o authentication
[09:10:40] <hildjj> doesn't webdav already do this ticketing scheme?
[09:10:58] --- lisaDusseault has become available
[09:11:31] <lisaDusseault> Joe: We proposed something called 'tickets' but it didn't generate sufficient interest at the time.
[09:11:41] <hildjj> oh. crap. i need that.
[09:13:15] <mrose> security - tls protect mbxkey, beware caching, prefer oob authentication
[09:14:38] <hildjj> lisa: so could this approach be reused for webdav?
[09:15:43] <mrose> draft-crispin-imap-urlauth-04.txt
[09:17:02] <mrose> morgan: cf, attribute-based authorization/oasis
[09:19:18] --- resnick has become available
[09:19:49] --- yone has become available
[09:20:11] --- jaltman has become available
[09:20:35] --- rjs3 has become available
[09:20:51] --- alexeym has become available
[09:21:16] <mrose> orman: there are subtle trust issues, caching is a concern
[09:22:04] <mrose> crispin: there are additional protections discussed in the draft
[09:22:16] --- michael has become available
[09:22:36] <hildjj> tickets are also useful for xmpp file transfer use cases.
[09:23:28] <mrose> dusseault: lots of good experiences w/webdav product for similar things
[09:23:59] --- warlord has become available
[09:24:04] <mrose> crocker: this mechanism permits very fine grained control
[09:24:25] --- wgriffin has become available
[09:25:06] <mrose> masinter: expiration date/time
[09:25:50] --- mrose has left
[09:25:52] --- mrose has become available
[09:26:05] --- wgriffin has left
[09:27:29] <mrose> masinter: existing url syntax supports placement of auth info
[09:28:09] <mrose> masinter: consider an url wrapping mechanism
[09:29:24] <mrose> morgan: standardizing this is a good thing
[09:29:53] --- resnick has left: Replaced by new connection
[09:29:53] --- kmurchison has become available
[09:29:54] --- jhutz has become available
[09:30:11] <mrose> morgan: be careful about reusing auth slot in url syntax
[09:30:12] --- resnick has become available
[09:32:58] --- anewton has become available
[09:34:39] --- mrose has left
[09:34:47] --- mrose has become available
[09:35:51] <mrose> parsons: lemonade needs to decide push/pull to decide whether to pursue this
[09:36:24] <mrose> legg: xml-enabled directories
[09:36:38] <alexeym> URLAUTH has applicability outside of Lemonade
[09:37:07] <mrose> yes!
[09:37:11] <lisaDusseault> Joe: Not as-is. The model seems to be no different, though.
[09:38:25] <mrose> pre-ldap world: overlap of data
[09:38:50] <mrose> ldap: single admin, less overlap
[09:39:32] <mrose> emergent xml leading to pre-ldap scenarios
[09:40:34] <mrose> post-ldap: needs xml-based access protocol, complex data, searching
[09:41:51] <mrose> xed: replace ber in ldap w/ xml [asn becomes a schema language]
[09:43:10] <mrose> ...dxer - directory xml encoding rules
[09:44:41] <mrose> xed gets all of ldap, x.500 stuff
[09:46:31] <mrose> need to revert ldap octetstrings back to original x.500 types
[09:46:43] --- resnick has left: Disconnected
[09:47:03] --- resnick has become available
[09:47:06] --- stpeter has become available
[09:47:31] <mrose> a slide on xldap v. dsmlV2...
[09:47:54] --- amarine has become available
[09:48:22] <mrose> in brief: dsmlV2 uses base64 encodings
[09:49:27] <mrose> ldap discourages user-defined syntaxes, xed allows this
[09:49:32] <anewton> I think the main point between xldap and dsmlv2 was that xldap allows any XML, whereas dsmlv2 is much more restrictive.
[09:49:39] --- randy has become available
[09:51:00] <mrose> true.
[09:51:51] --- rjs3 has left: Disconnected
[09:52:13] <mrose> xldap: general-purpose xml-based for managing hierarchical xml datastores
[09:52:58] <mrose> impediments: asn.1 blechhhhhhhhh
[09:54:40] <mrose> asn.1 schema - just what it sounds like
[09:55:45] <mrose> analogy: xml document is to dxer encoding, as binary xml is to ber, as ...
[09:57:59] <mrose> xeddev@adacel.com - http://www.xmled.info/
[10:00:29] --- danlc has become available
[10:00:41] * danlc waves, trying this thing out
[10:01:13] <mrose> hildjj: use xmpp for transfer?
[10:01:41] <mrose> legg: ldap sort of does that
[10:02:06] <hildjj> except not really. his approach is to not *have* a transport protocol.
[10:02:26] <hildjj> but to just send the xml that gets generated on the wire.
[10:02:34] <mrose> ?: is this related to iso's xml/ber
[10:02:41] <mrose> true.
[10:02:44] <hildjj> i wonder how you implement that without xmpp-like xml streams?
[10:03:00] --- leslie has become available
[10:03:01] <hildjj> without having to use N xml parser instances.
[10:04:07] <mrose> can an ldap expert chime in? [i'm scribing]
[10:04:56] --- rjs3 has become available
[10:05:42] <michael> I'm still not sure what the burning need is here....
[10:06:29] <mrose> morgan: is this useful even if i don't care about ldap?
[10:06:41] <hildjj> well, doing LDAP stuff in XML is interesting in the XMPP space. we end up having to do a lot of directory stuff, but we do it with more general-purpose approaches.
[10:07:11] <hildjj> http://www.jabber.org/jeps/jep-0004.html for details
[10:08:13] <hildjj> (particularly the iq:search examples)
[10:08:26] <michael> if you're doing general directory stuff then I'd suggest IRIS instead of LDAP. IMHO, the stuff LDAP inherited from X.500 (the DIT, etc) will only get in your way.
[10:09:03] <anewton> paf: where is the applicability statement for XLDAP vs. the other XML directory stuff.
[10:09:13] * anewton good question
[10:09:39] <mrose> newman: isn't this kind'a complex? can we do running code?
[10:10:06] --- mrose has left
[10:10:11] --- mrose has become available
[10:11:39] <mrose> legg: if you already have x.500, it's not hard; if you already have ldap, it's more
[10:11:51] --- resnick has left: Disconnected
[10:12:00] --- resnick has become available
[10:12:07] <anewton> If you are already doing x.500 or ldap, then why wouldn't you just do dsml?
[10:12:26] <mrose> s-naptr - daigle
[10:14:22] --- resnick has left: Disconnected
[10:14:22] <mrose> s-naptr - service location within a domain [not transport]
[10:14:53] <mrose> ping
[10:15:11] <stpeter> pong
[10:15:20] --- amarine has left: Disconnected
[10:18:01] <mrose> distinguish app service / app protocol
[10:18:01] <mrose> a layer above srv rrs
[10:18:01] <mrose> ni
[10:18:14] <mrose> netstat
[10:18:32] <mrose> oops
[10:18:41] <stpeter> heh
[10:18:52] <mrose> anyone care to type in that slide?
[10:19:01] <stpeter> application casting, anyone?
[10:19:03] --- resnick has become available
[10:19:10] <hildjj> thinkingcat.com NAPTR query
[10:19:25] <hildjj> credreg.thingcat.com NAPTR query
[10:19:33] <hildjj> _iris-beep._tcp.example.com SRV query
[10:19:40] --- hardie has become available
[10:19:41] --- hardie has left
[10:19:50] <hildjj> iris.thinkingcat.com A query
[10:19:50] <hildjj> etc.
[10:19:55] --- rjs3 has left: Disconnected
[10:20:09] <hildjj> then, same slide, but with a domain hop in the middle.
[10:20:42] --- resnick has left: Disconnected
[10:21:26] --- lisaDusseault has left: Replaced by new connection
[10:21:29] --- lisaDusseault has become available
[10:22:09] <anewton> ppt is available at http://www.ecotroph.net/~anewton/s-naptr-openapps.ppt
[10:22:26] <mrose> anewton - thanks!
[10:23:03] <hildjj> oh, cool. keynote imported it automatically.
[10:23:24] <anewton> and it was written in open office.
[10:23:50] <anewton> sample code: http://www.verisignlabs.com/pysnaptr-0.1.tgz
[10:24:02] <mrose> be careful - backtracking/branching
[10:24:43] --- resnick has become available
[10:24:46] --- randy has left: Disconnected
[10:25:14] <mrose> python sample - http://www.verisignlabs.com/pysnaptr-0.1.tgz
[10:25:16] <hildjj> PDF: http://wolfram.local./~hildjj/s-naptr-openapps.pdf
[10:25:40] <mrose> ?: other examples besides m
[10:26:02] <mrose> morgan: pop or imap
[10:26:36] <mrose> crocker: how much use is naptr getting?
[10:27:03] <mrose> enum/iris
[10:27:29] <mrose> crocker: difference from srv?
[10:28:15] --- resnick has left: Disconnected
[10:28:27] --- resnick has become available
[10:28:30] --- resnick has left: Disconnected
[10:29:20] <mrose> supports multiple levels, eg, lets domains outsource it stuff
[10:30:01] <mrose> shockley: need an iana registration
[10:30:37] --- resnick has become available
[10:31:13] <mrose> newman: 2 others - srvloc, srv - both have "issues" - can this be better?
[10:32:45] <mrose> shockley: srv didn't have enough for enum, naptr did
[10:33:25] --- reschke has become available
[10:34:00] <mrose> andrews: will we blow the limits of dns if successful, eg, packet size?
[10:34:44] <mrose> an admin issue
[10:36:16] --- resnick has left: Disconnected
[10:36:39] --- resnick has become available
[10:37:14] <mrose> mealling: on naptr v. srv, complexity deals with app protocol interaction model
[10:38:21] --- nsb has left
[10:38:25] --- lisaDusseault has left: Replaced by new connection
[10:38:35] --- lisaDusseault has become available
[10:38:39] <mrose> andrew mcgreager - intro to hip
[10:39:46] <mrose> history - bofs @ 50/51 meetings
[10:40:02] <jhutz> ... and conducting another BOF _right now_ in Salon A
[10:40:14] --- Markk has become available
[10:40:17] --- lisaDusseault has left: Replaced by new connection
[10:40:20] <mrose> development in parallel, at least 5 implementations
[10:40:33] --- lisaDusseault has become available
[10:40:40] --- lisaDusseault has left
[10:41:15] <mrose> ip addresses: endpoint identifiers & locators
[10:42:15] --- lisaDusseault has become available
[10:42:22] <mrose> lots of related wgs
[10:43:02] <mrose> hip integrates security, mobility, multihoming
[10:43:10] --- rjs3 has become available
[10:43:32] <jhutz> It is worth noting that the folks in the HIP BOF have indicated that what they're proposing is a WG to do "experiments", not produce standards-track documents.
[10:43:36] <mrose> new layer between ip & transport
[10:44:12] --- rjs3 has left: Replaced by new connection
[10:44:37] --- brunod has become available
[10:45:05] --- rjs3 has become available
[10:45:30] --- randy has become available
[10:46:02] <mrose> host id tags - hit - sockets bind to hits, kernel maps to ip addr
[10:46:29] <mrose> allows ip4/ip6 crossover
[10:48:10] --- brunod has left
[10:50:10] <mrose> 4 step hip exchange w/ varying puzzle hardness, dh, signatures
[10:51:13] --- sakai has become available
[10:51:54] <mrose> may optimize by including tcp syn in exchange
[10:53:13] <mrose> draft-moskowitz-hip-08 - base protocol almost ready - experimental anticipated
[10:53:51] <mrose> 3 other drafts on arch, mobility, esp extensions
[10:54:40] <mrose> 5 implementations - mtr's fave: andrew's python implementation
[10:55:18] <mrose> to sum up: new cryptographic namespace
[10:55:53] <mrose> api extensions - to be discussed later
[10:56:46] <mrose> hoffman: why esp only?
[10:57:43] <mrose> ah could be added in place of esp null
[10:59:28] <mrose> morgan: traditionally no visibility between apps & lower layer stuff
[11:00:29] <mrose> crocker: at least 5 other proposals, all different
[11:04:33] <mrose> hardie: why is this a cryptographic namespace?
[11:06:25] <mrose> w/o it, lots of dos/masquerade attacks are possible
[11:07:24] <mrose> puzzle hardness can shift based on observed behavior
[11:11:17] <mrose> hoffman: given range of endpoint power, id signing/validating isn't useful
[11:11:59] <jhutz> looks like there will probably be a WG.
[11:12:10] <jhutz> more refinement of the charter will happen on the HIP mailing list.
[11:12:27] <jhutz> http://honor.trusecure.com/pipermail/hipsec
[11:14:02] <mrose> hardie: we'll try to get a 1530-1730 slot on weds
[11:14:22] <mrose> hardie: open mic
[11:15:39] <mrose> falstrom: iea bof today @ 1530
[11:16:27] <mrose> klensin: people planning to contribute should read drafts...
[11:17:42] <mrose> morgan: simple is working on xcap, if folks are interested...
[11:18:17] <mrose> hardie: they want it for buddy lists
[11:18:23] <hildjj> note: "buddy list" is a TM of AOL.
[11:18:33] <stpeter> http://www.ietf.org/ietf/03nov/iea.txt
[11:19:35] <mrose> hardie: limited for geopriv
[11:20:07] --- sakai has left
[11:20:24] <mrose> deboo: what's going on w/ calsch?
[11:21:12] <mrose> hardie: patricia had a death in the family will chair this week
[11:21:52] <mrose> zellinga - xed bar bof on weds or thurs
[11:22:20] --- resnick has left: Disconnected
[11:22:20] <mrose> hardie: adjourn
[11:22:22] --- rjs3 has left: Disconnected
[11:22:35] --- hildjj has left: Disconnected
[11:22:39] --- warlord has left
[11:22:50] --- kmurchison has left
[11:23:06] --- leslie has left
[11:23:31] --- anewton has left
[11:23:41] --- Markk has left
[11:23:56] --- yone has left
[11:25:18] --- stpeter has left
[11:25:48] --- reschke has left
[11:27:04] --- alexeym has left
[11:29:06] --- jaltman has left: Disconnected
[11:30:30] --- mrose has left
[11:38:38] --- jhutz has left: Logged out
[11:38:39] --- jhutz has become available
[11:38:39] --- jhutz has left: Logged out
[11:42:15] --- michael has left: Disconnected
[11:45:31] --- lisaDusseault has left: Disconnected
[11:47:17] --- reschke has become available
[11:47:52] --- reschke has left
[12:54:10] --- hildjj has become available
[13:01:24] --- randy has left: Disconnected
[13:09:00] --- leg has become available
[13:09:45] --- leg has left
[13:22:44] --- hildjj has left
[13:34:53] --- dcrocker has become available
[13:35:14] --- dcrocker has left
[13:37:23] --- reschke has become available
[13:37:49] --- reschke has left
[13:44:15] --- nsb has become available
[14:35:37] --- reschke has become available
[14:37:22] --- reschke has left
[15:07:20] --- nsb has left: Disconnected