IETF
saag
saag@jabber.ietf.org
Thursday, July 21, 2016< ^ >
sftcd has set the subject to: SAAG at IETF95: https://datatracker.ietf.org/meeting/95/agenda/saag/
Room Configuration
Room Occupants

GMT+0
[11:44:43] Yoav Nir joins the room
[11:47:16] Meetecho joins the room
[11:52:53] ilari.liusvaara joins the room
[11:57:37] m&m joins the room
[11:58:25] m&m has set the subject to: SAAG at IETF96: https://datatracker.ietf.org/meeting/96/agenda/saag/
[11:58:48] Barry Leiba joins the room
[12:00:23] Ben Kaduk joins the room
[12:00:46] <m&m> Hello all, I'll be your Jabber scribe for this session.  If you have anything to bring to the microphone, please prefix it with "mic:" — Thanks!
[12:01:23] Stefan Santesson joins the room
[12:01:44] cw-ietf joins the room
[12:02:13] Hajime Watanabe joins the room
[12:02:13] Magnus Westerlund joins the room
[12:02:40] Valery Smyslov joins the room
[12:02:45] <m&m> agenda
[12:03:45] JoeHallCDT joins the room
[12:04:27] wseltzer@jabber.org joins the room
[12:08:10] Justin Richer joins the room
[12:08:15] <m&m> presentation: TRON
[12:08:24] S. Huque joins the room
[12:09:06] Kathleen Moriarty joins the room
[12:09:47] Adam Montville joins the room
[12:10:24] Samuel Jero joins the room
[12:10:26] <m&m> p2: Support of TLS versions
[12:10:39] <Barry Leiba> Any remoties?  Can you hear the speaker OK?
[12:10:47] <Ben Kaduk> yup, load and clear
[12:10:51] <Barry Leiba> kewl
[12:11:16] rsalz joins the room
[12:11:17] <Justin Richer> Maybe if we renamed it to TLS-98-SE...
[12:11:18] <m&m> p3: RSA-PKCS#1 v1.5 Enc
[12:11:38] <rsalz> @justin ++
[12:11:47] <Barry Leiba> C'mon, "Bleichenbacher" rolls nicely off the tongue.
[12:12:12] <Ben Kaduk> Yeah, but RSA-PKCS#1 v1.5 is a real twister.
[12:12:41] berndtdasbrot joins the room
[12:12:42] <m&m> p4: Bleichenbacher attacks over and over …
[12:13:07] <Barry Leiba> He does, indeed.
[12:13:48] Kathleen Moriarty leaves the room
[12:14:02] <m&m> p5: Typical use of TL 1.3 in practice
[12:15:23] <Justin Richer> I like the photo of Bleichenbacher in this slide
[12:15:34] <m&m> p6: High-level Attack Description
[12:15:55] JeffH joins the room
[12:17:36] <m&m> p7: Practical Impact
[12:19:06] <m&m> p8: The difficulty of preventing such attacks (example)
[12:20:12] <m&m> p9: ""
[12:20:49] <m&m> p10: Further difficulties
[12:20:57] Magnus Westerlund leaves the room
[12:21:08] Karen O'Donoghue joins the room
[12:22:41] <m&m> p11: summary and recommendations
[12:24:03] <m&m> Paul Wouters
[12:24:40] <m&m> Rob Austein
[12:24:44] <rsalz> Rob Austen
[12:24:58] <m&m> Yoav Nir
[12:25:16] Derek Atkins joins the room
[12:25:22] <Stefan Santesson> Something to bring up in Lamps?
[12:25:46] <m&m> Viktor Duhkovni (sp?)
[12:25:59] <Ben Kaduk> "Is it in-charter for lamps?"
[12:26:00] <Yoav Nir> *Dukhovni
[12:26:02] <rsalz> Dukhovni  (That one I know:)
[12:26:10] derek joins the room
[12:26:14] magnus joins the room
[12:26:17] <m&m> ?? Berk? (NO BADGE!!!)
[12:26:24] <Barry Leiba> Hanno Böck
[12:26:29] <m&m> danke
[12:27:16] JeffH leaves the room
[12:27:18] <Stefan Santesson> It is not explicitly mentioned in Lamps charter
[12:28:18] <m&m> Presentation: Port Scanning & WebSockets
[12:28:41] JoeHallCDT leaves the room
[12:29:20] <m&m> p1: Overview
[12:29:22] <m&m> p3: Background
[12:29:31] <m&m> that should be "p2: Background"
[12:29:41] <m&m> p3: ""
[12:30:03] <m&m> p4: ""
[12:30:31] <m&m> p5: Generally How this Works
[12:31:11] <m&m> p6: A More Detailed Look
[12:31:44] Alexandra Kulikova joins the room
[12:31:57] <m&m> p7: Browser Mitigations
[12:32:08] sftcd joins the room
[12:32:37] <sftcd> I'm just uploading the next pressie, should be there shortly once the n/w behhaves
[12:32:40] <m&m> Alex Mayrohfer
[12:32:53] Karen O'Donoghue leaves the room: Replaced by new connection
[12:33:05] Karen O'Donoghue joins the room
[12:34:05] <m&m> Richard Barnes
[12:34:48] <Yoav Nir> @sftcd: the slides are trimmed on the right on the screen, but the file seems OK
[12:35:00] <m&m> p8: Mitigation Limitations
[12:36:41] <sftcd> yeah, that's K's laptop, will switch back to mine in a bit
[12:37:10] <m&m> p9: WebSockets/WebWorkers
[12:37:20] Renzo Navas joins the room
[12:37:45] JoeHallCDT joins the room
[12:38:06] <m&m> p10: Proposed Mitigations
[12:38:44] <JoeHallCDT> some rather ironic scanning of the 5GHz nw is happening during this preso
[12:38:45] <sftcd> having an issue uploading the next pressie, will fix later, sorry
[12:39:16] <m&m> p11: Proposal Disadvantages
[12:39:51] Yoav Nir joins the room
[12:40:02] Yoav Nir leaves the room
[12:40:06] <m&m> p12: Mitigation Results
[12:40:12] <sftcd> next pressie is temporarily at https://down.dsg.cs.tcd.ie/ITU-T_SG17_IETF96.pdf
[12:40:36] Yoav Nir joins the room
[12:40:43] <m&m> p13: What's Next?
[12:41:29] <JoeHallCDT> https://datatracker.ietf.org/doc/draft-gallagher-hybiwebsocketenhancement/
[12:41:42] Francis Dupont joins the room
[12:41:46] <m&m> Flemming Andreasen
[12:42:32] JeffH joins the room
[12:42:44] <m&m> Patrick McManus
[12:42:51] sftcd leaves the room
[12:43:18] Karen O'Donoghue leaves the room
[12:43:47] Karen O'Donoghue joins the room
[12:44:16] <JoeHallCDT> viktor
[12:44:29] m&m leaves the room: Disconnected: Replaced by new connection
[12:44:31] m&m joins the room
[12:44:53] <m&m> Richard Barnes
[12:46:41] <m&m> presentation: ITU-T SG/17
[12:46:55] nllz joins the room
[12:47:14] Kyle Rose joins the room
[12:47:44] Karen O'Donoghue leaves the room: Replaced by new connection
[12:47:55] Karen O'Donoghue joins the room
[12:48:28] <m&m> p6: Question 2/17 Security Architecture & Framework
[12:48:31] Hajime Watanabe leaves the room
[12:48:52] <m&m> (I give up (-: )
[12:48:54] <Francis Dupont> I like the 60 at the left bottom of slides
[12:49:19] <JoeHallCDT> I bet
[12:49:51] deb cooley joins the room
[12:50:22] JeffH leaves the room
[12:51:48] <rsalz> @m&m: why do you hate ITU?
[12:52:06] Yoav Nir leaves the room
[12:52:22] m&m leaves the room: Disconnected: Replaced by new connection
[12:52:34] m&m joins the room
[12:52:34] <wseltzer@jabber.org> he's early for the pecha kucha session
[12:53:40] <m&m> Paul Hoffman
[12:55:04] <m&m> Karen O'Donoghue
[12:55:19] Paul Hoffman joins the room
[12:55:22] <Kyle Rose> not anymore! Now the secret's out
[12:55:25] <m&m> I didn't think Blackhat was here
[12:55:55] <m&m> presentation: GCM nonce reuse bugs
[12:56:27] JeffH joins the room
[12:56:48] <m&m> p3: NONCE
[12:56:57] Paul Hoffman leaves the room
[12:57:36] <m&m> p4: How to select nonce?
[12:58:56] <m&m> p5: The Spec (RFC5288 / TLS 1.2)
[12:59:25] <m&m> p6: Bad Spec
[12:59:43] <m&m> Kenny Paterson
[13:00:01] Stefan Santesson leaves the room
[13:00:11] <JoeHallCDT> bad spec! bad bad spec!
[13:00:27] <m&m> p7: Internet-wide Scan
[13:00:30] Stefan Santesson joins the room
[13:00:44] <derek> mic: a specification is about interoperability.  when two players are communicating it doesn't matter HOW the nonce is created by one side.   It could get put into the security considerations on multiple approaches, but the HOW does not belong in the core of the specification.
[13:01:06] <m&m> p9: What to do?
[13:01:30] <m&m> p10: SIC
[13:01:40] <m&m> SIV even
[13:01:43] <Yoav Nir> Good idea. Maybe we should do this for IPsec...
[13:01:57] <Yoav Nir> (the implicit IV, I mean)
[13:02:22] <m&m> p11: Conclusion
[13:02:33] JeffH leaves the room
[13:02:48] Kathleen Moriarty joins the room
[13:03:52] <m&m> Fernando Gont
[13:05:52] Karen O'Donoghue leaves the room: Replaced by new connection
[13:06:04] Karen O'Donoghue joins the room
[13:06:24] m&m leaves the room: Disconnected: Replaced by new connection
[13:06:30] m&m joins the room
[13:07:05] <m&m> p3: Important Changes
[13:09:20] nllz joins the room
[13:09:29] magnus leaves the room
[13:09:32] <m&m> p4: What next?
[13:09:32] nllz leaves the room
[13:09:50] Kathleen Moriarty leaves the room
[13:09:57] <Francis Dupont> Cache poisoning test is wrong (both the author and Stephane Bortzmeyer know so it shall be fixed soon)
[13:10:18] <Francis Dupont> s/test/text/ (of course)
[13:10:39] Adam Montville leaves the room
[13:10:51] Kathleen Moriarty joins the room
[13:12:18] <m&m> how many have read it?
[13:12:29] <m&m> how many think it's useful?
[13:12:49] <Kathleen Moriarty> loads
[13:13:05] <m&m> presentation: RFC3552bis
[13:13:38] <m&m> p2: RFC 3552 (BCP 72)
[13:14:28] <m&m> p3: Updating RFC 3552
[13:15:11] Renzo Navas leaves the room
[13:15:56] <m&m> p4: Examples - Outdated Information
[13:16:29] <JoeHallCDT> since Ted isn't here: IAB PrivSec is thinking of putting the ongoing metadata insertion draft in 3552bis
[13:16:29] <JoeHallCDT> https://tools.ietf.org/html/draft-hardie-privsec-metadata-insertion-02
[13:17:15] <m&m> p5: Examples - Privacy
[13:17:51] deb cooley leaves the room
[13:18:03] <m&m> p6: Example - Change in Environment
[13:19:42] <m&m> p7: The Plan
[13:20:52] <m&m> Barry Leiba
[13:21:40] <m&m> Paul Hoffman
[13:22:21] <m&m> Rich Aalz
[13:22:23] <m&m> salz
[13:22:42] <m&m> Wendy S
[13:23:06] <m&m> will anyone read and comment? (several hands)
[13:23:30] dkg joins the room
[13:23:44] <JoeHallCDT> hopefully the trick isn't base64
[13:23:56] <m&m> open mic
[13:24:16] <m&m> Karen O'D
[13:24:22] kivinen joins the room
[13:24:28] Barry Leiba leaves the room
[13:25:19] berndtdasbrot leaves the room
[13:25:22] JeffH joins the room
[13:25:31] Stefan Santesson leaves the room
[13:26:01] <m&m> Viktor D
[13:26:01] Alexandra Kulikova leaves the room
[13:26:06] Samuel Jero leaves the room
[13:26:14] <m&m> (and m&m before that)
[13:26:29] <Karen O'Donoghue> cryptech.is
[13:26:51] Stefan Santesson joins the room
[13:27:03] <m&m> Yaron S
[13:27:43] Kyle Rose leaves the room
[13:27:47] m&m leaves the room
[13:27:49] kivinen leaves the room
[13:27:49] Yoav Nir leaves the room
[13:27:49] magnus joins the room
[13:28:09] wseltzer@jabber.org leaves the room
[13:28:11] Karen O'Donoghue leaves the room
[13:28:14] Francis Dupont leaves the room: Computer went to sleep
[13:28:15] Kathleen Moriarty leaves the room
[13:28:45] rsalz leaves the room
[13:28:46] Valery Smyslov leaves the room
[13:28:56] Ben Kaduk leaves the room
[13:28:57] S. Huque leaves the room
[13:29:07] Stefan Santesson leaves the room
[13:29:32] Justin Richer leaves the room
[13:29:58] JeffH leaves the room
[13:30:29] Randy Turner joins the room
[13:30:30] derek leaves the room
[13:31:27] Derek Atkins leaves the room
[13:33:09] Randy Turner leaves the room
[13:34:09] JoeHallCDT leaves the room
[13:35:34] magnus leaves the room: Replaced by new connection
[13:35:35] magnus joins the room
[13:38:57] wseltzer joins the room
[13:43:09] wseltzer leaves the room
[13:46:09] nllz leaves the room
[13:52:37] cw-ietf leaves the room
[13:56:05] Kyle Rose joins the room
[13:58:13] Meetecho leaves the room
[14:00:13] JeffH joins the room
[14:05:34] JeffH leaves the room
[14:12:41] magnus leaves the room
[14:20:00] Barry Leiba joins the room
[14:20:18] Barry Leiba leaves the room
[14:22:35] wseltzer joins the room
[14:23:24] JoeHallCDT joins the room
[14:24:23] JoeHallCDT leaves the room: Replaced by new connection
[14:24:26] JoeHallCDT joins the room
[14:25:20] nllz joins the room
[14:25:57] richsalz joins the room
[14:26:17] nllz leaves the room
[14:28:37] Karen O'Donoghue joins the room
[14:37:24] Karen O'Donoghue leaves the room
[14:39:37] Kathleen Moriarty joins the room
[14:42:28] wseltzer leaves the room
[14:49:59] richsalz leaves the room
[15:10:36] Kyle Rose leaves the room
[15:16:27] Kathleen Moriarty leaves the room
[15:32:16] magnus joins the room
[15:36:43] Kathleen Moriarty joins the room
[15:40:49] Kathleen Moriarty leaves the room
[16:23:11] JoeHallCDT leaves the room
[16:37:56] magnus leaves the room
[16:39:33] JoeHallCDT joins the room
[16:50:11] JoeHallCDT leaves the room
[20:57:22] magnus joins the room
[20:59:52] magnus leaves the room: Replaced by new connection
[20:59:53] magnus joins the room
[21:22:29] magnus leaves the room
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!