IETF
saag
saag@jabber.ietf.org
Thursday, July 19, 2018
synp has set the subject to: SAAG AT IETF101 https://datatracker.ietf.org/meeting/101/materials/agenda-101-saag-01

GMT+0
[17:15:19] UuhULqIX joins the room
[17:16:31] Meetecho joins the room
[17:21:30] Yoshiro Yoneya joins the room
[17:22:39] Melinda joins the room
[17:25:09] Sam Farthing joins the room
[17:25:09] Edward Lopez joins the room
[17:25:09] Ellie Daw joins the room
[17:25:10] Marco Tiloca joins the room
[17:27:17] cw-ietf joins the room
[17:27:47] Yoav Nir joins the room
[17:28:31] <Melinda> Hi there - I'll be your Jabber scribe this afternoon.
[17:28:52] <Melinda> Please prefix anything you'd like relayed into the room with "mic: "
[17:29:09] Daniel Kaiser joins the room
[17:29:12] <Yoav Nir> Bless you!  (whoever that was)
[17:29:35] Henry B Hotz joins the room
[17:29:54] Peter Koch joins the room
[17:31:06] wseltzer@jabber.org joins the room
[17:32:12] Sean Turner joins the room
[17:32:23] sftcd joins the room
[17:33:07] <Sean Turner> minutes here: https://etherpad.tools.ietf.org/p/notes-ietf-102-saag?useMonospaceFont=true
[17:33:11] <Sean Turner> feel free to help
[17:33:36] <Melinda> wg reports
[17:35:25] Martin Thomson joins the room
[17:35:56] Satoru Kanno joins the room
[17:36:16] Martin Thomson has set the subject to: SAAG AT IETF102 https://datatracker.ietf.org/meeting/102/materials/agenda-102-saag-01
[17:36:36] Samuel Weiler joins the room
[17:40:05] wseltzer@jabber.org leaves the room
[17:40:34] Tommy Charles joins the room
[17:40:34] Taiji Kimura joins the room
[17:40:40] <Melinda> https://datatracker.ietf.org/meeting/102/materials/slides-102-saag-acvp-00
[17:42:30] <Melinda> slide 2
[17:42:46] ken carlberg joins the room
[17:42:49] <Martin Thomson> kaduk: hit the fill button on the page (you need to use the mouse) and then the f4
[17:43:23] kaduk@jabber.org/barnowl joins the room
[17:44:23] <Martin Thomson> that should work :) thanks
[17:44:26] <kaduk@jabber.org/barnowl> I guess I only did that when I was testing that the slides worked and
not in all of the presentations
[17:44:32] <kaduk@jabber.org/barnowl> Thanks for the reminder :)
[17:44:41] <Melinda> slide 3
[17:45:51] m&m joins the room
[17:45:59] fenton joins the room
[17:46:20] <Yoav Nir> That moment when you realise that a buffer overrun that allows an attacker to take over your product is not "security relevant"
[17:46:34] <Melinda> slide 4
[17:48:14] <Melinda> slide 5
[17:51:06] Peter Koch leaves the room
[17:52:11] David Waltermire joins the room
[17:52:25] <Melinda> slide 6
[17:52:45] rlb joins the room
[17:53:01] <Melinda> slide 7
[17:53:08] <kaduk@jabber.org/barnowl> I guess I should have asked who is remote, earlier.
Hopefully all such are getting a working stream!
[17:53:58] <Melinda> slide 8
[17:54:48] wseltzer joins the room
[17:54:56] <Henry B Hotz> meetecho dropout?
[17:55:01] <Yoav Nir> Video just dropped
[17:55:03] David Waltermire leaves the room
[17:55:03] Taiji Kimura leaves the room
[17:55:12] Samuel Weiler leaves the room: Replaced by new connection
[17:55:14] <Yoav Nir> Trying to reconnect...
[17:55:16] Samuel Weiler joins the room
[17:55:21] Melinda leaves the room: Disconnected: Replaced by new connection
[17:55:33] Melinda joins the room
[17:55:43] <Melinda> For those remote, power to the room dropped
[17:55:48] Yoav Nir leaves the room
[17:55:49] Henry B Hotz leaves the room
[17:55:50] <Melinda> Like, completely
[17:55:50] Yoav Nir joins the room
[17:55:51] Henry B Hotz joins the room
[17:55:55] <Melinda> But it's back
[17:55:59] <Daniel Kaiser> oh
[17:56:08] Satoru Kanno leaves the room
[17:56:18] <Yoav Nir> The video isn't...
[17:56:22] <Yoav Nir> (yet)
[17:56:28] Edward Lopez leaves the room
[17:56:28] <Henry B Hotz> ditto
[17:56:31] <Melinda> However, power to the stage appears to be out still
[17:56:32] <Yoav Nir> @meetecho - not getting any video
[17:56:33] <wseltzer> emergency lighting only
[17:56:39] <Daniel Kaiser> I thought it was my connection
[17:56:52] <cw-ietf> no audio either
[17:57:13] <wseltzer> we've got no power in the room
[17:57:18] Yoshiro Yoneya joins the room
[17:57:46] Meetecho leaves the room
[17:57:46] Meetecho joins the room
[17:57:59] <Meetecho> AC died here, working to restore
[17:58:11] Sam Farthing leaves the room
[17:58:12] Sam Farthing joins the room
[17:58:14] <Yoav Nir> The hazards of participating remotely...
[17:58:31] Samuel Weiler leaves the room: Replaced by new connection
[17:58:32] Samuel Weiler joins the room
[17:58:39] <Samuel Weiler> hey, look, net!
[17:58:48] ken carlberg leaves the room
[17:59:28] Samuel Weiler leaves the room
[17:59:35] <wseltzer> we haven't yet had a mass stampede in the room
[18:00:06] <Meetecho> :)
[18:00:20] fenton joins the room
[18:00:53] Melinda leaves the room: Disconnected: closed
[18:00:57] <fenton> I guess it was a power SAAG.
[18:01:13] Melinda joins the room
[18:01:25] <Henry B Hotz> *groan*
[18:02:14] Yoav Nir leaves the room
[18:02:16] Yoav Nir joins the room
[18:02:18] Sean Turner leaves the room
[18:02:34] sftcd joins the room
[18:02:39] Melinda leaves the room: Disconnected: Replaced by new connection
[18:02:40] Sean Turner joins the room
[18:02:40] Melinda joins the room
[18:03:09] Sam Farthing leaves the room
[18:03:10] Sam Farthing joins the room
[18:03:43] Martin Thomson leaves the room: Stream closed by us: Replaced by new connection (conflict)
[18:03:53] Jeff Johnson joins the room
[18:03:55] Martin Thomson joins the room
[18:04:01] Sean Turner leaves the room
[18:05:35] sftcd leaves the room
[18:05:37] Sean Turner joins the room
[18:06:03] Henry B Hotz leaves the room
[18:06:42] <Yoav Nir> My backchannel says that now the wifi in the room is gone as well
[18:08:41] Martin Thomson leaves the room
[18:08:43] <kaduk@jabber.org/barnowl> Since the network is back in the room, people should be able to access
slides on their laptops
[18:09:11] Yoshiro Yoneya joins the room
[18:09:13] <kaduk@jabber.org/barnowl> I expect we can probably start back up fairly soon, so that we can get
a bit further through our agenda.
[18:10:23] Tommy Charles leaves the room
[18:10:25] Tommy Charles joins the room
[18:11:04] <Melinda> And, we're back
[18:11:04] rlb leaves the room
[18:11:05] fenton leaves the room
[18:11:05] <fenton> And the power returns!
[18:11:10] m&m leaves the room: Disconnected: closed
[18:11:26] rlb joins the room
[18:11:27] <fenton> Wonder how long before all the infrastructure like Meetecho is back
[18:11:28] sftcd leaves the room
[18:11:28] Yoshiro Yoneya leaves the room
[18:11:29] Tommy Charles leaves the room
[18:11:34] <kaduk@jabber.org/barnowl> Do we have a remote stream at all, though?
[18:12:26] <Yoav Nir> Currently the chat works (it never stopped working) but the video stream shows a blue Meetecho logo
[18:12:47] Tommy Charles joins the room
[18:13:47] <Meetecho> Going to start our streamers ASAP now that the power seems to be back
[18:14:22] <Meetecho> It might take a bit as we need the switches in the rooms to come back
[18:14:36] melinda.shore joins the room
[18:14:45] <Yoav Nir> Bits are what we do here (there?) at the IETF
[18:14:45] Henry B Hotz joins the room
[18:15:06] <melinda.shore> The network is still down in the meeting room
[18:15:46] Sam Farthing leaves the room
[18:15:47] Sam Farthing joins the room
[18:15:47] Samuel Weiler joins the room
[18:16:33] Melinda leaves the room: Disconnected: closed
[18:16:36] Melinda joins the room
[18:16:40] <melinda.shore> Slide 10
[18:16:46] Stephanie Huguenin joins the room
[18:16:47] rlb joins the room
[18:16:55] melinda.shore leaves the room
[18:17:05] rlb leaves the room
[18:17:35] wseltzer leaves the room
[18:17:37] <Samuel Weiler> @Meetecho: we have the sound reinforcement back up in Place du Canada, so your streamer should be getting an audio feed, at least.
[18:17:49] Meetecho leaves the room
[18:17:56] Meetecho joins the room
[18:17:57] <Melinda> Questions?
[18:18:04] melinda.shore joins the room
[18:18:46] Martin Thomson joins the room
[18:18:49] <Henry B Hotz> No audio yet.
[18:18:50] sftcd joins the room
[18:19:08] wseltzer joins the room
[18:19:09] <Henry B Hotz> Just got video though.
[18:19:10] Melinda leaves the room: Disconnected: Replaced by new connection
[18:19:11] Melinda joins the room
[18:19:17] slm joins the room
[18:19:30] <Jeff Johnson> Yes I have just gotten video - no audio though
[18:19:41] Sean Turner leaves the room
[18:19:42] <kaduk@jabber.org/barnowl> Paul Hoffman asks about how we can tie this to module testing and make
that experience less bad
[18:19:47] <kaduk@jabber.org/barnowl> Apparently, as an audience plant
[18:20:00] Richard Barnes joins the room
[18:20:00] Sandra Murphy joins the room
[18:20:12] Samuel Weiler leaves the room: Replaced by new connection
[18:20:13] Samuel Weiler joins the room
[18:21:13] <Yoav Nir> audio is back
[18:21:21] <kaduk@jabber.org/barnowl> Yaron: want to understand scope better; are longer-term goals
general-purpose crypto testing?  My product is using a lot of
off-the-shelf crypto and the specific pieces that we use ourselves are
not covered by the NIST stuff (HKDF, SIV).
[18:22:12] melinda.shore leaves the room
[18:22:14] <Meetecho> Everything should be back now
[18:22:33] Stefan Santesson joins the room
[18:22:35] Yoshiro Yoneya leaves the room
[18:22:39] Richard Barnes joins the room
[18:23:47] <Henry B Hotz> Yep :)
[18:24:53] Satoru Kanno joins the room
[18:25:05] Yoshiro Yoneya leaves the room
[18:25:15] <Melinda> Clusters of Re-used Keys
[18:25:18] <Melinda> https://datatracker.ietf.org/meeting/102/materials/slides-102-saag-clusters-of-re-used-keys-00
[18:25:24] Henry B Hotz leaves the room
[18:25:37] <Melinda> slide 2
[18:25:37] <Richard Barnes> missed opportunity: Clusters of Re-Used iNternet Keys (CRUNK)
[18:25:55] <kaduk@jabber.org/barnowl> That can be the RG name?
[18:26:15] <Melinda> Slide 10
[18:26:27] <Melinda> slide 11
[18:26:44] Sam Farthing leaves the room
[18:27:04] <Melinda> slide 13
[18:27:29] <kaduk@jabber.org/barnowl> (These are the numbers on the slides; the actual pdf pages seem to be
different)
[18:27:40] <Melinda> slide 19
[18:28:04] <Melinda> slide 25
[18:28:26] <Melinda> slide 27
[18:28:58] Meetecho leaves the room
[18:28:58] Meetecho joins the room
[18:29:04] <Melinda> slide 28
[18:29:25] <Melinda> slide 30
[18:29:48] <Melinda> slide 31
[18:30:09] Ellie Daw leaves the room
[18:30:22] <Melinda> slide 32
[18:30:27] <Melinda> slide 33
[18:31:00] <Melinda> slide 36 (of 33)
[18:31:31] ted.h joins the room
[18:31:38] <Melinda> slide 38
[18:31:46] <Melinda> slide 40
[18:32:00] David Waltermire joins the room
[18:32:02] <Melinda> slide 41
[18:32:07] <Melinda> slide 42
[18:32:10] <Yoav Nir> slide 42 out of 33 ???????
[18:32:31] <Melinda> I think the total count is of actual pages
[18:32:37] <Melinda> slide 44
[18:32:39] Jeff Johnson leaves the room
[18:33:02] <Melinda> slide 46
[18:33:18] <Melinda> slide 47
[18:33:40] <Melinda> akusw 48
[18:33:48] <Stefan Santesson> Irish can't add
[18:34:05] <Melinda> slide, rather
[18:34:14] <Melinda> slide 49
[18:34:35] rlb leaves the room
[18:34:45] <Melinda> slide 50
[18:35:51] <Melinda> slide 53
[18:37:10] <Melinda> slide 54
[18:37:35] Richard Barnes leaves the room
[18:37:38] <Melinda> Questions?
[18:38:35] fenton joins the room
[18:39:46] metricamerica joins the room
[18:41:05] fenton leaves the room
[18:41:59] ted.h leaves the room
[18:43:41] <Martin Thomson> I want the proposed service to tell me who has the other key
[18:43:59] <wseltzer> heh
[18:44:02] <Yoav Nir> mic: If the CA is using ACME, it can reject the key with badCSR. That would presumably be followed by the client generating a new key.
[18:44:44] <Martin Thomson> badCSR might be interpreted as an encoding problem, which would be very annoying to debug
[18:45:32] <Melinda> Are CAs generating keypairs?
[18:45:32] Richard Barnes leaves the room
[18:45:37] <Yoav Nir> Extension with a new error code?  Whatever.
[18:45:39] <kaduk@jabber.org/barnowl> Sometimes
[18:45:39] <fenton> What if you're using ACME to renew a cert with the same public key?
[18:46:09] <Martin Thomson> fenton: I assume that the CA would know that you used this key before
[18:46:37] <Yoav Nir> CAs are not supposed to be generating keys today.  If your RNG is so bad you can't come up with 16 bytes that are not the same as somebody else's, you really need to fix your system
[18:46:41] ted.h joins the room
[18:47:01] dsibold joins the room
[18:47:04] Satoru Kanno leaves the room
[18:47:05] Satoru Kanno joins the room
[18:47:31] <Melinda> Next talk: Cyber Defence
[18:47:32] <Melinda> https://datatracker.ietf.org/meeting/102/materials/slides-102-saag-cyber-defence-00
[18:47:44] ted.h leaves the room
[18:47:49] ted.h joins the room
[18:47:49] <fenton> Martin Thomson: Yeah. But it's often hard to figure out entities that might have "cousin domains".
[18:47:56] <kaduk@jabber.org/barnowl> There is still talk of server-generated keys for the constrained
device folks
[18:48:05] <Martin Thomson> fenton: the ACME account would be the same in that case
[18:48:11] <Melinda> slide 2
[18:48:17] <Martin Thomson> no point in allowing one account to use keys for another
[18:48:30] <fenton> Martin Thomson: +1
[18:48:49] <sftcd> do the cybermonkeys work for the other part of his organisation?
[18:48:51] <Yoav Nir> MT: mergers and acquisitions
[18:48:55] <Yoav Nir> But I agree
[18:49:49] Sean Turner joins the room
[18:49:51] <Melinda> slide 3
[18:50:45] <wseltzer> I thought only the US administration had "brands"
[18:51:00] <kaduk@jabber.org/barnowl> "brands", those are red-hot pieces of iron, right?
[18:51:35] metricamerica leaves the room
[18:51:41] <Melinda> slide 4
[18:52:10] metricamerica joins the room
[18:52:38] <Melinda> slide 5
[18:53:59] Samuel Weiler leaves the room
[18:54:12] Richard Barnes joins the room
[18:54:16] Samuel Weiler joins the room
[18:54:59] <Richard Barnes> is the password advice "don't"?
[18:55:07] <kaduk@jabber.org/barnowl> It could be...
[18:55:21] <Melinda> slide 6
[18:55:24] <Martin Thomson> Richard Barnes: that is a little trite, sadly
[18:55:37] <Martin Thomson> UX of alternatives can suck
[18:55:44] <Richard Barnes> i mean, if you have 2FA, password selection hardly matters
[18:56:11] <Martin Thomson> 2FA is sadly very poorly utilized
[18:56:12] ted.h leaves the room
[18:56:19] <fenton> And with 2FA, one of the factors is still a password (or sometimes a biometric).
[18:56:28] <kaduk@jabber.org/barnowl> There's also different "grades" if you will of 2FA
[18:56:45] <Yoav Nir> A password and a phone receiving an instant message
[18:56:57] <Melinda> slide 7
[18:57:01] ted.h joins the room
[18:57:13] <sftcd> I'd whine if we end up with cyberfeckinganything as a name
[18:57:16] <fenton> Yoav: No, there are far too many weaknesses in SMS.
[18:57:43] <Martin Thomson> https://duckduckgo.com/?q=define+cyber&t=ffab&ia=definition
[18:58:11] <Melinda> Questions?
[18:58:16] <Yoav Nir> Everyone has a phone. Everyone can remember a password. SMS+password is the thing that's easiest to deploy
[18:58:23] <sftcd> what's wrong with maprg for this?
[18:58:33] <kaduk@jabber.org/barnowl> stephen: say that at the mic!
[18:59:28] dsibold leaves the room
[18:59:41] dsibold joins the room
[19:00:28] dsibold leaves the room
[19:00:31] dsibold joins the room
[19:00:54] <fenton> Yoav Nir: Yes, but it's far too easy to hijack a mobile phone number and thereby get the messages.
[19:02:16] dsibold leaves the room
[19:02:20] dsibold joins the room
[19:02:26] Samuel Weiler leaves the room
[19:02:29] dsibold leaves the room
[19:02:42] dsibold joins the room
[19:02:59] <Yoav Nir> Ease of deployment wins, though. Your employer may provide you with some interesting second factor. Banks, healthcare providers, Internet services all use SMS + password.  Banks in Europe used to give customers a list of one-time passwords. No idea if they still do that, but it's not better than SMS+password
[19:03:05] ted.h leaves the room
[19:04:00] <Melinda> Open mic
[19:04:02] <Yoav Nir> In some places they replace the SMS with a specialty app, but it's still the phone as a factor
[19:04:28] Samuel Weiler joins the room
[19:04:37] Lucas Pardue joins the room
[19:04:43] Samuel Weiler leaves the room
[19:05:17] dsibold leaves the room
[19:05:27] sftcd leaves the room
[19:05:27] dsibold joins the room
[19:05:29] <Melinda> And we're done.
[19:05:30] Melinda leaves the room
[19:05:37] Meetecho leaves the room
[19:05:38] <fenton> Yoav Nir: Phone as a factor is fine if some app can establish securely enough that the user is indeed in possession of a specific "thing". But NIST is discouraging the use of SMS (See SP 800-63B)
[19:05:42] Stefan Santesson leaves the room
[19:05:47] <fenton> *SP 800-63B
[19:05:51] Yoav Nir leaves the room
[19:05:52] Martin Thomson leaves the room
[19:05:57] Satoru Kanno leaves the room
[19:05:57] Lucas Pardue leaves the room
[19:05:58] Tommy Charles leaves the room
[19:05:58] Daniel Kaiser leaves the room
[19:05:58] Stephanie Huguenin leaves the room
[19:05:58] Sandra Murphy leaves the room
[19:05:58] David Waltermire leaves the room
[19:05:58] Marco Tiloca leaves the room
[19:06:06] fenton leaves the room
[19:07:06] Sean Turner leaves the room
[19:09:40] dsibold leaves the room
[19:11:52] cw-ietf leaves the room
[19:18:05] metricamerica leaves the room
[19:19:05] Richard Barnes leaves the room
[19:21:35] wseltzer leaves the room
[19:25:57] Martin Thomson joins the room
[19:26:20] dsibold joins the room
[19:28:28] Martin Thomson leaves the room
[19:28:51] Sean Turner joins the room
[19:32:30] Sean Turner leaves the room
[19:34:16] m&m joins the room
[19:36:25] Samuel Weiler joins the room
[19:39:58] Sean Turner joins the room
[19:40:36] slm leaves the room: Disconnected: closed
[19:42:07] UuhULqIX leaves the room
[19:42:56] NuYdSeP2 joins the room
[19:45:37] NuYdSeP2 leaves the room
[19:48:51] Samuel Weiler leaves the room
[19:50:29] Stefan Santesson joins the room
[19:50:53] Martin Thomson joins the room
[19:50:58] metricamerica joins the room
[19:51:44] metricamerica leaves the room
[19:52:40] Samuel Weiler joins the room
[19:53:45] Samuel Weiler leaves the room
[19:55:34] Richard Barnes joins the room
[19:55:39] wseltzer@jabber.org joins the room
[20:01:24] kaduk@jabber.org/barnowl leaves the room
[20:04:00] Martin Thomson leaves the room
[20:24:14] Richard Barnes leaves the room
[20:33:30] Stefan Santesson leaves the room
[20:38:55] wseltzer@jabber.org leaves the room
[20:43:20] Stefan Santesson joins the room
[20:57:56] dsibold leaves the room
[21:01:07] dsibold joins the room
[21:08:00] m&m leaves the room: Disconnected: No route to host
[21:08:18] Stefan Santesson leaves the room
[21:13:23] dsibold leaves the room: Disconnected: Replaced by new connection
[21:13:23] dsibold joins the room
[21:15:56] dsibold leaves the room: Disconnected: Replaced by new connection
[21:15:57] dsibold joins the room
[21:19:39] Stefan Santesson joins the room
[21:26:27] dsibold leaves the room: Disconnected: Replaced by new connection
[21:45:46] Sean Turner leaves the room
[21:51:26] Stefan Santesson leaves the room: Disconnected: closed
[22:08:52] Stefan Santesson joins the room
[22:16:32] m&m joins the room
[22:59:16] m&m leaves the room: Disconnected: No route to host
[23:04:50] m&m joins the room
[23:16:00] Stefan Santesson leaves the room
[23:21:07] m&m leaves the room: Disconnected: No route to host
[23:26:33] Stefan Santesson joins the room
[23:34:17] Stefan Santesson leaves the room: Disconnected: closed