[08:25:46] --- jaltman has joined
[08:34:44] --- jhutz@jis.mit.edu/owl has joined
[09:37:18] --- jhutz@jis.mit.edu/owl has left: Replaced by new connection
[09:37:23] --- jhutz@jis.mit.edu/owl has joined
[09:37:54] --- jhutz@jis.mit.edu/owl has left: Disconnected
[09:44:27] --- lukeh has joined
[09:44:33] <lukeh> hey jeff
[09:47:03] --- jhutz@jis.mit.edu/owl has joined
[09:47:41] --- mrex has joined
[09:48:19] <mrex> hi there
[09:49:14] --- dmcbride has joined
[09:49:18] <jhutz@jis.mit.edu/owl> Greetings. Meeting starts in about 30 minutes
[09:51:11] --- jhutz@jis.mit.edu/owl has left: Disconnected
[09:51:38] --- jhutz@jis.mit.edu/owl has joined
[09:52:23] --- jhutz@jis.mit.edu/owl has left: Disconnected
[09:55:34] --- jhutz@jis.mit.edu/owl has joined
[09:57:29] --- jhutz@jis.mit.edu/owl has left: Disconnected
[10:04:50] --- Simon Josefsson has joined
[10:13:05] <dmcbride> Hmm, audio feed appears to have stopped containing useful data..
[10:13:16] <Simon Josefsson> Same here
[10:13:28] <Simon Josefsson> Has the meeting started?
[10:13:37] <jaltman> no
[10:15:33] <lukeh> are there any slides?
[10:15:47] <jaltman> https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=68
[10:16:01] <lukeh> thx
[10:19:19] --- ietf-meeting has joined
[10:21:00] --- ietf-meeting has left: Logged out
[10:21:20] <dmcbride> Hmm. Audio feed remains non-functional.
[10:21:40] --- ietf-meeting has joined
[10:22:26] <dmcbride> Ahh, that works!
[10:22:27] <lukeh> good morning.
[10:22:36] <Simon Josefsson> Audio works here too, great.
[10:23:12] --- jhutz@jis.mit.edu/owl has joined
[10:23:52] --- tlyu@jis.mit.edu has joined
[10:23:54] --- ShoichiSakane has joined
[10:23:54] <jhutz@jis.mit.edu/owl> test
[10:24:05] <jhutz@jis.mit.edu/owl> OK; what do people think about the audio now?
[10:24:27] --- raeburn@mit.edu has joined
[10:24:41] <Simon Josefsson> Audio works fine
[10:25:20] <dmcbride> Sounds excellent.
[10:27:10] --- nico has joined
[10:27:25] * nico will scribe
[10:27:29] <nico> agenda bashing
[10:27:43] <nico> there will be a second session tomorrow
[10:27:45] <nico> same time
[10:27:47] <nico> diff room
[10:27:48] --- taqtach has joined
[10:28:01] --- taqtach has left
[10:28:07] <nico> already a few minutes behind
[10:28:14] <nico> 8 items on this list
[10:28:50] <nico> 4 today
[10:28:56] <nico> all things not pre-auth
[10:28:59] --- nov has joined
[10:29:02] <nico> tomorrow all things that are pre-auth
[10:29:06] <nico> comments on agenda?
[10:29:12] <nico> any1?
[10:29:51] <nico> Larry Zhu will become co-chair soon
[10:30:00] <jaltman> congrats Larry
[10:30:15] <nico> Lary will author/edit fewer docs
[10:30:25] <nico> he'll be the whip
[10:30:36] <nico> doc status
[10:30:49] <nico> ECC for PKINIT
[10:30:53] <nico> passed WGLC
[10:30:57] <nico> one remaining issue
[10:31:43] <nico> new reference to ECC for CMS, which is informative
[10:31:57] <nico> but ECC for PKINIT is targetting standards track
[10:32:33] <jaltman> I can't hear Paul on audio
[10:32:42] <jaltman> that's better
[10:32:43] <dmcbride> Yup, working.
[10:32:43] <nico> now you should
[10:33:43] --- kasumigaura has joined
[10:33:59] <nico> discussion of why ECC for CMS is informational
[10:34:55] <Simon Josefsson> rfc3278 contains asn.1 stuff required for implementation, I think
[10:37:26] <Simon Josefsson> there are no ipr disclosures filed, at least as far as I can find
[10:38:15] <jhutz@jis.mit.edu/owl> I couldn't find any either.
[10:38:25] <nico> sorry, I was commenting
[10:38:27] <nico> not scribing
[10:38:54] <Simon Josefsson> there are no other rfc's that reference rfc3278 either, as far as I can find either
[10:39:06] <nico> we don't know and cannot figure out at this moment how to go forward
[10:39:10] <Simon Josefsson> (except for 3299, but that's the 'Request for Comments Summary')
[10:39:12] <nico> we'll seek input from current and new ADs
[10:39:19] <nico> have lively discussion on list
[10:39:31] <nico> next
[10:39:36] <nico> TCP extensibility doc
[10:39:44] <nico> WGLC ends next week or so (you check)
[10:40:45] --- kdz has joined
[10:40:55] <nico> next
[10:40:58] <nico> set/change password 2
[10:41:08] <nico> passed WGLC
[10:41:14] <nico> current version is truncated
[10:41:42] <nico> I (nico) will submit new version not truncated to Jeff who will eval...
[10:41:52] <nico> then submit and pass to IESG
[10:41:53] <nico> next
[10:42:00] --- lzhu has joined
[10:42:07] <nico> draft-ietf-krb-wg-naming-03.txt
[10:42:11] <nico> WGLC in progress
[10:42:26] <nico> (this is a reference for the anon I-D, yes?)
[10:42:55] <nico> yes
[10:42:58] <nico> next
[10:43:11] <nico> draft-ietf-krb-wg-anon-03.txt
[10:43:16] <nico> WGLC soon
[10:43:34] <nico> three volunteers to review before WGLC
[10:43:54] <nico> WGLC in March (_this_ March)
[10:44:00] --- hartmans@jis.mit.edu/owl has joined
[10:44:09] <nico> next
[10:44:18] <nico> GSS mech hash agility
[10:44:21] <jaltman> I wonder if draft-ietf-pkix-ecc-pkalgs-03.txt will have the same issue with 3278
[10:44:21] <nico> Shawn's doc
[10:44:34] <nico> jeff: good q
[10:44:51] <nico> jeff: did you hear the discussion, or do you need it summarized?
[10:44:59] <jaltman> I can hear
[10:45:20] <nico> Larry brought up some issues
[10:45:32] <nico> Shawn answered an hour ago
[10:45:56] <nico> issue: initiator never knows whether the acceptor understood the new extension
[10:46:23] <nico> response: doesn't matter, the initiator never has a guarantee that the server verified channel bindings _today_
[10:52:01] --- kdz has left: Replaced by new connection
[10:55:08] <lukeh> criticality could be part of the extension definition
[10:56:02] <nico> sorry, I can't scribe when being part of the discussion
[10:56:14] <nico> luke: yes, we're discussing just that
[10:58:01] <mrex> I hate critical flags. They're abused heavily in X.509, please don't repeat this in Kerberos
[10:59:18] <nico> mrex: we already have criticality modifying things in Kerberos
[10:59:23] <nico> e.g., AD-IF-RELEVANT
[10:59:39] <mrex> The philosophy behind GSS-API is: the implementations try their best to provide interoperability, the applicatons must decided whether the resuting attributes are acceptable -- if they care
[10:59:49] <nico> jeffh: other open issues?
[11:00:23] <nico> mrex: tom yu is relaying you
[11:02:16] <nico> jeffh: cutting this discussion off
[11:02:43] <nico> Larry's issue amounts to adding a feature to RFC4121 which we're not scoped to do
[11:02:52] --- kdz has joined
[11:03:06] <nico> (so does this merely cut off discussion or does it settle the matter?)
[11:03:14] <nico> paul: about 3278
[11:03:27] <nico> it's informational specifically because of the IPR issues
[11:03:38] <nico> explicit decision
[11:03:43] <Simon Josefsson> why aren't those ipr issue on ietf.org/ipr?
[11:06:08] <nico> more discussion: must we make this I-D informational for the same reason, or has the rationale potentially changed and 3278 should be upgraded? resolved: we need AD input
[11:06:26] <kdz> While I agree that criticality flags are often abused and can hinder interoperability, there are certain extensions which must either be processed or result in error. One way you could avoid much of the criticality flag problem would be to state that the flag cannot be set unless the extension specification requires it to be set. That is, setting it (or not) should not an implementation choice, but an extension design choice.
[11:06:31] <mrex> Certicom used to have patents in the ECC area -- they probably know about other patents in that space of crypto
[11:06:40] <nico> paul: <reads message from Russ Housley about the difficulty in getting clear IPR statements about ECC, which led to the informational status)
[11:07:30] <nico> jeffh: I will talk the Russ
[11:07:45] <nico> recalls SAAG presentation about NSA ECC licensing deal
[11:07:57] <nico> S/MIME didn't have that info available
[11:08:00] <nico> blah, blah, blah
[11:08:47] <nico> me: can we send the I-D as is to the IESG and let them resolve the matter?
[11:08:54] <nico> jeffh: will talk to ADs
[11:09:05] <nico> back to GSS mech hash agility
[11:09:11] <nico> will WGLC this month
[11:09:21] <nico> volunteers to review please
[11:09:41] <nico> other than Larry, Shawn and NIco
[11:09:46] <nico> volunteers please
[11:09:50] <nico> jabber?
[11:10:08] <nico> sam?
[11:10:10] <hartmans@jis.mit.edu/owl> does the WG have consensus that given the IPR issues the WG wants to publish as proposed standard?
[11:10:28] <nico> sam: jeffh answers: no
[11:10:47] <nico> sam: jeffh will talk to you and Russ and Tim
[11:11:16] <nico> me: sam: I propose that we punt on that and let the IESG resolve that issues :)
[11:11:18] <nico> next
[11:11:27] <hartmans@jis.mit.edu/owl> OK, if the WG does not have that consensus then you cannot just make it the IESG's problem
[11:11:31] <nico> PKINIT hash agility
[11:11:42] <nico> sam: oh, that's too bad
[11:12:15] <nico> larry: no reviews for PKINIT hash agility
[11:12:21] <nico> WGLC in April?
[11:12:26] <nico> volunteers to review?
[11:12:42] <jhutz@jis.mit.edu/owl> The wg does not _yet_ have a consensus on the question
[11:12:54] <nico> yes, in April
[11:13:51] <nico> who's read PKINIT or participated in the discussions?
[11:14:02] <nico> who's got experience with alg agility
[11:14:03] <nico> ?
[11:14:12] <nico> jeffh: Paul, it's a short document
[11:14:15] <nico> paul: pass
[11:14:23] <nico> jeffh: warlord
[11:14:38] <nico> warlord: too sleep deprived to answer right now
[11:14:49] <nico> steffan volunteers
[11:15:15] <nico> jeffh: how about a second person, not from MS
[11:15:23] <nico> shawn volunteers
[11:15:27] <nico> next
[11:15:29] <nico> referrals
[11:15:49] <nico> kenr: no slides
[11:15:54] <nico> four lines of text
[11:16:26] <nico> -09 was submitted before deadline, but not all comments from -08 folded in
[11:16:31] <nico> on time
[11:16:57] <nico> substantial issues: possibility of cname canon with name types other than enterprise names
[11:17:34] * nico asks ken to repeat second issue
[11:18:14] <nico> authorization-data type for conveying aliases for client principals
[11:18:21] <nico> whether and when to carry that along
[11:18:32] <nico> privacy issues
[11:19:06] <nico> in -09 there's some validation requirements where the how of validation is not specified
[11:19:31] <nico> larry suggested a pre-auth method for that
[11:19:47] <nico> how to determine how long to cache server name canon
[11:20:00] <nico> ttl in reply?
[11:20:14] <nico> complex, but it seems necessary
[11:20:37] <nico> to avoid additional messages after tickets expire
[11:20:44] <nico> :)
[11:20:58] <nico> sec cons needs expansion
[11:21:14] <nico> cliff made comments in e-mail that I (kenr) haven't responded to yet
[11:21:27] <nico> jeffh: do you need input on anything?
[11:21:42] <nico> kenr: the validation thing, I need to go look at the pre-auth framework
[11:22:00] <nico> jeffh: folks, please read the pre-auth framework document
[11:25:05] --- resnick has joined
[11:25:23] --- resnick has left
[11:25:47] <nico> <discussion of cname aliases authz-data>
[11:26:00] <nico> kenr: will post on list about these issues
[11:26:18] <nico> jeffh: so not at point where we should be asking for additional reviews yet
[11:26:20] <nico> next
[11:26:27] <nico> rfc1510ter
[11:26:39] <nico> new revision
[11:26:41] <nico> -04
[11:26:49] <nico> not complete?
[11:26:58] <nico> will set intermediate milestones
[11:27:00] <nico> for next round
[11:27:13] <nico> think we've had enough discussion on past issues
[11:27:45] <nico> jeffh: we'll discuss milestones for referrals and rfc1510ter tomorrow
[11:28:00] --- kdz has left
[11:28:02] <nico> that concludes the discussion of work we're doing (for today)
[11:28:44] <nico> future work
[11:28:55] <nico> ietm 1: TLS for KDC protocol
[11:29:09] <nico> draft-josefsson-kerberos5-starttls-02.txt
[11:29:19] <nico> uses KDC TCP extensibility
[11:29:29] <jaltman> hand
[11:29:39] --- kdz has joined
[11:29:40] <nico> do we want this on our charter
[11:30:39] <nico> issue: we have multiple ways to deal with protecting KDC exchanges
[11:30:49] <nico> chartering?
[11:31:50] <Simon Josefsson> starttls could be used to protect initial authentication too, including SRP via TLS
[11:32:22] <nico> /me had stated that starttls provides privacy prot but the pre-auth framework does not
[11:32:42] <nico> larry says -05 of pre-auth framework does, in fact, provide privacy protection
[11:32:49] --- dmcbride has left
[11:33:25] <nico> /me do we want to defer discussion of this till tomorrow
[11:33:41] <nico> jeffh: should we?
[11:33:59] <nico> /me yes, we should defer discussion till tomorrow
[11:34:13] <nico> next item
[11:34:14] <nico> IAKERB
[11:34:26] <nico> sometime ago we had such an item
[11:34:32] <nico> it kinda got dropped on the floor
[11:34:37] <nico> actually, it was deferred
[11:34:46] <nico> there's no current I-D/author/editor
[11:34:57] <nico> last meeting Larry brought a document
[11:35:18] <nico> <description of IAKERB>
[11:35:35] <nico> <a mech that proxies KDC exchanges through GSS acceptor>
[11:35:58] <nico> this was desired for EAP, but it's not clear EAP needs this anymore
[11:37:23] <nico> ...
[11:37:31] <nico> charter too broad
[11:37:39] <nico> do we want to do IAKERB
[11:39:06] <mrex> well, for existing Kerberos implementations, iakerb is significantly different from user2user in respect to the credentials management
[11:39:22] <nico> mrex: this isn't user2user though
[11:39:48] <nico> PUK2U is about using a PKINIT-derived protocol
[11:39:57] <mrex> (sorry, I confused user2user and pku2u)
[11:40:07] <nico> for a GSS mechanism for using PKIX credentials
[11:40:36] <nico> both IAKERB and PKU2U involve sending KDC messages in the context tokens, followed by an AP exchange
[11:40:52] <nico> IAKERB is intended for proxying AS and/or TGS exchanges through the acceptor
[11:41:16] <nico> PKU2U has the acceptor act as a KDC and only AS and AP exchanges are done in the context token exchange
[11:41:45] <nico> steffan: asks if there is any relation to "TLS work"
[11:41:50] * nico missed something there
[11:42:23] <nico> jeffh: PKU2U is interesting process wise
[11:42:33] <nico> it's not in KRB WG's charter to do random GSS mechs
[11:42:36] <Simon Josefsson> Perhaps he thought whether zhu-ws-kerb could be implemented via krb5starttls? assuming that gss-api is supported by tls, that may be the case.
[11:42:43] <nico> PKU2U isn't Kerberos -- it's based on Kerberos
[11:42:55] <nico> PKU2U doesn't fit in KITTEN's charter either
[11:43:09] <nico> so it may end up as an individual submission
[11:43:30] <nico> so let's decide if we want to do the IAKERB item
[11:43:47] <nico> and them we can consider if we want to fold PKU2U into IAKERB because of its similarities
[11:43:59] <nico> but if no to either of those then PKU2U will not be in this WG
[11:44:28] <nico> <Tom channels Simon's question>
[11:45:00] <nico> jeffh answers that there is no relation between starttls and ws-kerb
[11:45:08] <nico> this isn't about protecting the AS exchange
[11:47:55] <nico> ...
[11:48:15] <nico> /me brings up an issue that Jeff H says I should bring up tomorrow
[11:48:22] <nico> about starttls
[11:48:35] <nico> jefh: do we want to adopt this work item
[11:48:49] --- JeffH has joined
[11:48:59] <Simon Josefsson> more information
[11:49:20] <Simon Josefsson> (i'll like to read zhu-ws-kerb to understand whether it may be better to do it through krb5starttls)
[11:49:26] <nico> who thinks we should do this
[11:49:43] --- dmcbride has joined
[11:49:51] <mrex> how much "wiggle room" is there left with iakerb? The original proposal was done by Mike Swift in 1997. Is there an installed base that will limit what IETF / krb-wg can do to iakerb?
[11:49:51] <nico> (jabber folks: specify what question you're answering)
[11:50:03] <nico> (some hands)
[11:50:10] <nico> who thinks this is something we should not do
[11:50:13] <nico> (no hands)
[11:50:17] <nico> who doesn't care?
[11:50:25] <nico> (a few hands)
[11:50:33] <Simon Josefsson> i vote 'more information' on the zhu-ws-kerb work
[11:50:39] <nico> ppl who would like to know more?
[11:50:42] <nico> (some hands)
[11:50:50] <nico> ppl who would not like more info?
[11:50:53] <nico> (laughter)
[11:51:01] <nico> we'll have to discuss this some more
[11:51:48] --- jis has joined
[11:52:12] <nico> jeffh: mrex: this doc is not Mike Swift's doc at all
[11:52:15] <nico> diff OID
[11:52:19] <nico> diff details
[11:52:23] <nico> similar purpose
[11:52:30] <nico> jeffh: deferring this to list
[11:52:34] <nico> next
[11:52:38] <nico> admin protocol
[11:53:10] <nico> draft-johansson-kerberos-model-02.txt
[11:53:21] <nico> who would be interested in working on it
[11:53:52] --- kdz has left
[11:54:13] <nico> leif: is it realistically going to have any impact?
[11:54:49] <nico> (so, yes?)
[11:55:14] <nico> leif: I think this should be done as a working group item to guarantee review
[11:56:09] <nico> /me asks why not ask for an IETF LC
[11:56:38] <nico> jeffh: well, the WG is meeting now, so we can ask whether we should take this and the schema work as working group items
[11:57:10] <nico> so the question is asked
[11:57:28] <nico> ppl who think we should do the admin protocol work
[11:57:32] <nico> at least 6 hands
[11:57:39] <nico> ppl who think this is work we should NOT do?
[11:57:44] <nico> no hands
[11:57:49] <nico> ppl who don't care
[11:57:50] <nico> one
[11:57:56] <nico> ppl who think they need more infor
[11:58:01] <nico> a couple of hands
[11:58:06] <nico> what kind of more information?
[11:58:26] <nico> larry: I want to understand why the LDAP model doesn't work
[11:58:35] <jis> Is this document on-line
[11:58:53] <jis> I couldn't find draft-johansson-kerberos-model-02.txt at the ID repository
[11:59:05] <tlyu@jis.mit.edu> that's the one
[11:59:13] <Simon Josefsson> http://tools.ietf.org/html/draft-johansson-kerberos-model-02
[11:59:19] <jis> I didn't find it at ftp.ietf.org
[11:59:21] <nico> /me: if you want to doc the MS model/schema as an RFC, go ahead
[11:59:25] <jis> Secretariat... grump
[11:59:38] <nico> leif: Larry has a good point, ... (I missed part of it)
[11:59:41] <tlyu@jis.mit.edu> i rsynced it ok
[12:00:01] <nico> jeffh: a variety of admin protocols
[12:00:47] <nico> leif: it seems like we may not be able to impact deployed systems
[12:00:52] --- r.szabo has joined
[12:00:59] * nico is falling behind
[12:01:17] <jis> Looks like it officially expired
[12:01:22] <jis> no matter
[12:01:29] <jis> Kerberos over SOAP anyone?
[12:01:41] --- r.szabo has left
[12:02:41] <Simon Josefsson> fwiw, shishi's kerberos database is based on earlier versions of draft-johansson-kerberos-model. there may be other implementations in the future. existing implementations might work towards this document too. so i'm for standardizing this.
[12:03:11] <jis> no argument from me
[12:03:48] <hartmans@jis.mit.edu/owl> There may be people interested in actually doing admin schema for mit ldap. Also, note that the existing draft did have some impact on MIT's current ldap database.
[12:04:34] --- tobias has joined
[12:05:48] --- JeffH has left
[12:06:30] <nico> larry: would like to review the data model
[12:06:49] <nico> jeffh: the discussion is whether we want to adtop work to do an admin document
[12:07:03] <nico> if not then we may not want to adopt the data model document
[12:07:14] <nico> (jeff: please review my scribing on this)
[12:07:26] <nico> larry: the WG is overloaded, so, do we want to do this?
[12:07:43] <nico> jeffh: we have a lot of docs that will be WGLCed very soon
[12:07:53] <nico> this is a work item that would start some time down the road
[12:07:59] <nico> and diff ppl appear to be involved
[12:08:14] <nico> so, I don't think this will impact the WG's productivity
[12:08:18] <nico> ...
[12:09:18] --- jis has left
[12:11:10] <nico> ...
[12:11:29] <nico> possibility of standardizing a reasonable subset of the schema
[12:11:40] <nico> ...
[12:11:59] <nico> how many implementors in the room?
[12:12:01] <nico> a few hands
[12:12:09] <Simon Josefsson> i would implement it (or have already done so, partially)
[12:12:16] <nico> how many implementors would implement a standardized schema?
[12:12:23] <nico> a few hands
[12:12:28] <nico> how many wouldn't?
[12:12:30] <nico> Larry
[12:12:45] <dmcbride> Hmm, interesting.
[12:12:50] <nico> even if it were a subset or close to yours?
[12:12:54] <nico> larry: even then
[12:13:06] <dmcbride> (Well, the obvious motivation is for interoperability..)
[12:13:17] <Simon Josefsson> i think this work is important in inhomogenous networks with multiple kdc implementation serving the same kerberos data
[12:13:20] <nico> larry: nico asked whether we would document our schema as an I-D
[12:14:47] <nico> larry: there is public documentation of our schema
[12:15:23] <nico> there are good reasons to have an I-D
[12:15:30] <nico> e.g., IPR disclosure
[12:15:51] <nico> paul: there isn't a lot of interest in helping
[12:15:59] <nico> and there are many bases to start with
[12:16:24] <nico> comments like "use ours" isn't useful if there's no interest in doing the work
[12:16:30] <nico> jeffh: will take this to the list
[12:16:42] <nico> if there's not enough interesting then there's no point
[12:16:54] <nico> ...
[12:17:05] <nico> jeffh: we're out of time
[12:17:09] <nico> one more item
[12:17:25] --- lzhu has left
[12:17:32] --- Simon Josefsson has left
[12:17:33] <nico> cross-realm problems, which we'll discuss tomorrow, along with the items we decided to defer
[12:17:34] <jaltman> Microsoft Code Samples for accessing Active Directory and Kerberos Services using LDAP http://msdn2.microsoft.com/en-us/library/ms808911.aspx
[12:17:42] <nico> which are:
[12:17:47] <nico> - cross-realm problems
[12:17:51] --- tobias has left
[12:17:55] <nico> - starttls
[12:18:12] <nico> the data model/schema question will be deferred to the list
[12:18:33] <nico> and the IPR issues with RFC3278 and ECC for PKINIT will go to the list
[12:19:03] <nico> done
[12:19:14] --- jaltman has left
[12:19:24] <dmcbride> Cheers.
[12:19:41] <lukeh> cheers
[12:19:45] --- nico has left
[12:19:51] --- nov has left
[12:20:37] --- tlyu@jis.mit.edu has left
[12:21:27] --- dmcbride has left
[12:22:35] --- kasumigaura has left
[12:23:03] --- kasumigaura has joined
[12:24:25] --- kasumigaura has left
[12:24:27] --- raeburn@mit.edu has left
[12:25:29] --- ietf-meeting has left: Disconnected
[12:27:35] --- ShoichiSakane has left
[12:38:54] --- jhutz@jis.mit.edu/owl has left: Disconnected
[16:51:37] --- lukeh has left: Replaced by new connection
[17:41:27] --- mrex has left
[17:41:36] --- mrex has joined
[17:43:00] --- mrex has left