[03:08:41] lellel leaves the room
[03:16:32] lellel joins the room
[03:22:22] lellel leaves the room
[04:36:36] lellel joins the room
[04:37:22] lellel leaves the room
[04:45:13] lellel joins the room
[04:53:00] lellel leaves the room
[04:53:20] lellel joins the room
[04:53:59] chi.jiun.su joins the room
[05:00:55] lellel leaves the room
[05:00:56] lellel joins the room
[05:01:38] lellel leaves the room
[05:06:27] lellel joins the room
[05:07:54] lellel leaves the room
[05:29:14] lellel joins the room
[05:30:26] lellel leaves the room
[05:34:57] ash joins the room
[05:39:49] lellel joins the room
[05:41:25] lellel leaves the room
[05:46:13] lellel joins the room
[05:46:57] lellel leaves the room
[05:50:39] lellel joins the room
[05:51:17] lellel leaves the room
[05:58:59] lellel joins the room
[05:59:42] lellel leaves the room
[06:05:31] lellel joins the room
[06:06:30] lellel leaves the room
[07:32:57] chi.jiun.su leaves the room
[08:31:30] rikard.hoglund joins the room
[08:37:30] Meetecho joins the room
[08:50:03] Ken Takayama joins the room
[08:50:03] Daniel Gillmor joins the room
[08:50:03] Alessandro Toppi joins the room
[08:50:03] Ash Wilson joins the room
[08:50:03] Ahmed Bashandy joins the room
[08:50:03] Éric Vyncke joins the room
[08:50:03] Jan-Frederik Rieckers joins the room
[08:50:03] Ted Hardie joins the room
[08:50:03] Tobia Castaldi joins the room
[08:50:03] Dave joins the room
[08:50:03] Bernie Hoeneisen joins the room
[08:50:03] Francesca Palombini joins the room
[08:50:03] Thomas Hardjono joins the room
[08:50:03] Martin Hargreaves joins the room
[08:50:43] Kathleen joins the room
[08:50:51] Jonathan Hammell joins the room
[08:51:00] Kathleen Moriarty joins the room
[08:51:29] Mark McFadden joins the room
[08:51:44] <Daniel Gillmor> we can hear
[08:51:46] Stephen Farrell joins the room
[08:52:03] <Daniel Gillmor> morning!
[08:52:07] <Daniel Gillmor> or night, or whatever
[08:52:14] Christian Amsüss joins the room
[08:52:25] sftcd joins the room
[08:52:32] Patrick Tarpey joins the room
[08:52:47] Mike Boyle joins the room
[08:52:51] Riccardo Nanni joins the room
[08:52:55] Bob  Moskowitz joins the room
[08:52:57] francesca joins the room
[08:53:05] Russ Housley joins the room
[08:53:09] <Daniel Gillmor> i can handle minutes
[08:53:24] Robert Moskowitz joins the room
[08:53:26] <Daniel Gillmor> i'm doing them in https://codimd.ietf.org/notes-ietf-109-secdispatch and if anyone wants to join that's fine
[08:53:26] Jan-Frederik Rieckers leaves the room
[08:53:32] Jan-Frederik Rieckers joins the room
[08:53:41] Deb Cooley joins the room
[08:53:54] Marco Tiloca joins the room
[08:54:04] Richard Barnes joins the room
[08:54:27] marco.tiloca joins the room
[08:54:28] Roman Danyliw joins the room
[08:54:51] Phillip Hallam-Baker joins the room
[08:55:25] Roman Danyliw/jabber joins the room
[08:55:38] Yoav Nir joins the room
[08:55:43] <Kathleen Moriarty> Chair slides
[08:55:45] <Daniel Gillmor> my goal will be to record discussion that comes up by voice.  i presume jabber has its own log
[08:55:46] tim costello joins the room
[08:55:54] fightingnemo joins the room
[08:55:57] Takahiro Nemoto joins the room
[08:56:02] <Richard Barnes> thanks @daniel
[08:56:16] Ahmed Bashandy leaves the room
[08:56:19] Peter Koch joins the room
[08:56:23] Jessica Fitzgerald-McKay joins the room
[08:56:24] Ahmed Bashandy joins the room
[08:56:39] Luke Riley joins the room
[08:56:50] Ahmed Bashandy leaves the room
[08:56:52] Dominique Lazanski joins the room
[08:57:00] Joseph Salowey joins the room
[08:57:06] Alissa Cooper joins the room
[08:57:19] Corinne Cath joins the room
[08:57:25] Ahmed Bashandy joins the room
[08:57:32] synp joins the room
[08:57:41] Dave leaves the room
[08:57:49] Dave joins the room
[08:57:57] Jonathan Hoyland joins the room
[08:58:10] Scott Rose joins the room
[08:58:12] Ahmed Bashandy leaves the room
[08:58:15] Ahmed Bashandy joins the room
[08:58:16] James Galvin joins the room
[08:58:20] Wes Hardaker joins the room
[08:58:28] Tero Kivinen joins the room
[08:58:34] Ahmed Bashandy leaves the room
[08:58:37] synp has set the subject to: SecDispatch @ IETF 109 - https://datatracker.ietf.org/meeting/109/materials/agenda-109-secdispatch-00
[08:58:44] Ahmed Bashandy joins the room
[08:58:47] John Border joins the room
[08:58:51] Valery Smyslov joins the room
[08:58:54] Kazunori Fujiwara joins the room
[08:58:55] Evana DiPietro joins the room
[08:59:11] Roland Jesske joins the room
[08:59:18] alex-meetecho joins the room
[08:59:26] Mohit Sethi joins the room
[08:59:37] David Lawrence joins the room
[08:59:39] Benjamin Kaduk joins the room
[08:59:50] Stefan Santesson joins the room
[08:59:59] Nancy Cam-Winget joins the room
[09:00:07] Nicklas Pousette joins the room
[09:00:14] Michael Richardson joins the room
[09:00:29] Monika Ermert joins the room
[09:00:37] Shumon Huque joins the room
[09:00:37] mcr joins the room
[09:00:47] Guy Fedorkow joins the room
[09:00:48] Jaime Jimenez joins the room
[09:00:57] Yaron Sheffer joins the room
[09:01:27] Olle Johansson joins the room
[09:01:32] Cullen Jennings joins the room
[09:01:36] Andrew Campling joins the room
[09:01:39] Zaid AlBanna joins the room
[09:01:54] kaduk@jabber.org/barnowl joins the room
[09:01:57] Tommy C joins the room
[09:02:03] Kirsty P joins the room
[09:02:05] Eric Rescorla joins the room
[09:02:17] Leif Johansson joins the room
[09:02:20] Ned Smith joins the room
[09:02:41] <kaduk@jabber.org/barnowl> dkg: yes, jabber is captured at
https://www.ietf.org/jabber/logs/secdispatch/2020-11-16.html
[09:02:43] Jie Yang joins the room
[09:02:47] <Kathleen Moriarty> IETF Notewell
[09:03:01] Roberto Polli joins the room
[09:03:02] Corey Bonnell joins the room
[09:03:28] <Daniel Gillmor> legacy http:// link alert!
[09:03:44] Simon Hicks joins the room
[09:03:46] Robert Wilton joins the room
[09:03:49] 藤﨑 智宏 joins the room
[09:04:17] <Kathleen Moriarty> Thanks, Daniel!
[09:04:22] ekr@jabber.org joins the room
[09:04:57] Tadahiko Ito joins the room
[09:05:01] Corinne Cath leaves the room
[09:05:07] Kohei Isobe joins the room
[09:05:09] Chonggang Wang joins the room
[09:05:16] Gurshabad Grover joins the room
[09:05:18] <Shumon Huque> My name was pronounced correctly! :)
[09:05:24] Wei Pan joins the room
[09:05:37] Kohei Isobe leaves the room
[09:05:42] Kohei Isobe joins the room
[09:05:54] Göran Selander joins the room
[09:06:03] <ekr@jabber.org> Uh, we dispatched it to a list.
[09:06:24] Stanislav Smyshlyaev joins the room
[09:06:24] ko-isobe joins the room
[09:06:25] <ekr@jabber.org> It seems like if a list wasn't created, then that kinda answers the question about interest
[09:06:27] Roland Jesske leaves the room
[09:06:40] Roland Jesske joins the room
[09:07:00] Robert Moskowitz leaves the room
[09:07:12] Robert Moskowitz joins the room
[09:07:20] Jim Reid joins the room
[09:07:23] Robert Moskowitz leaves the room
[09:07:26] Robert Moskowitz joins the room
[09:07:38] Rafael Belchior joins the room
[09:07:48] Alexey Melnikov joins the room
[09:08:22] Bron Gondwana joins the room
[09:08:22] <Ahmed Bashandy> The slides are not available. The link to the slides says "The requested URL was not found on this server. "
[09:08:42] Roberto Polli leaves the room
[09:08:45] Roberto Polli joins the room
[09:09:26] <Ahmed Bashandy> Never mind. The link in the meetecho "meeting material" is not correct
[09:09:34] Roland Jesske leaves the room
[09:09:55] <Meetecho> Ahmed Bashandy: mh that issue should have been fixed
[09:10:31] <Meetecho> Argh it's still there, apologies for that
[09:10:39] <Meetecho> There's a typo, we'll fix it for the next session
[09:10:55] <kaduk@jabber.org/barnowl> Here's the link to what we need to make a new (non-WG) mail list:
https://www.ietf.org/how/lists/nonwglist-guidelines/
Yes, some of the questions don't make sense to answer before the list
actually exists, so those can be left blank
[09:10:58] <Meetecho> If you click the "open in a new tab" it will show the correct links
[09:11:11] <synp> Chair slides: https://datatracker.ietf.org/doc/slides-109-secdispatch-chairs/
[09:11:59] <synp> Thomas slides: https://datatracker.ietf.org/doc/slides-109-secdispatch-draft-hardjono-blockchain-interop-arch/
[09:12:07] <Kathleen Moriarty> Thomas Hardjono - Interoperability architecture for blockchain/DLT Gateways
[09:13:05] Andrew Campling leaves the room
[09:13:43] <mcr> clarification on "DLT" TLA?
[09:13:53] <Daniel Gillmor> distributed ledger tech
[09:14:21] <synp> @Daniel Gillmor: tnx
[09:14:24] <Bron Gondwana> https://en.wikipedia.org/wiki/Distributed_ledger
[09:14:27] <mcr> ah. So, not between Blockchain and non-blockchain, but from Branded Blockchain and non-branded Blockchain :-)
[09:15:12] <sftcd> i had thought those exchanges were mostly to upscale wallet theft, guess I got that one wrong:-)
[09:15:29] <mcr> sftcd: you are not even wrong.
[09:15:34] <Daniel Gillmor> these diagrams assume an understanding of what these graphs are
[09:16:12] <Daniel Gillmor> are the graphs what are being transferred?  or are the nodes being transferred?
[09:16:35] Stefans joins the room
[09:16:41] <mcr> The slides keep swiping up/down/left right.?
[09:16:42] <Daniel Gillmor> the screenshare is really flickering and flashing for me
[09:16:45] <synp> Why do we need gateways in a distributed ledger?
[09:16:46] <Jonathan Hoyland> Neither. The nodes are participants in the blockchain.
[09:17:03] <kaduk@jabber.org/barnowl> The screenshare is flickering a lot for me as well
[09:17:04] <Daniel Gillmor> what are the G's vs. the N's ?
[09:17:11] <Martin Hargreaves> Gateway vs Node
[09:17:25] <kaduk@jabber.org/barnowl> Gs are Ns that are willing to participate in the gateway protocol,
AIUI
[09:17:35] <Daniel Gillmor> so the fact that the graphs were identical on both sides of the earlier slide was an accident?
[09:17:43] <Martin Hargreaves> Yes
[09:17:47] <francesca> sorry about the flickering, my fault probably :/ will stop
[09:18:07] <Deb Cooley> I've seen no flickering....
[09:18:07] <Jonathan Hoyland> I think it's probably more just lazy graphics ;p
[09:18:19] <Bron Gondwana> I've seen flickering
[09:18:40] <Daniel Gillmor> that kind of laziness sort of defeats the purpose of using graphics to communicate an idea more clearly :/
[09:18:44] <kaduk@jabber.org/barnowl> Too bad "IP" is already taken for the internetworking protocol, so the
interblockchain protocol will need to come up with a different acronym
[09:18:55] <synp> Are L1 and L2 two copies of the same ledger, or are they separate ledgers?  Are they intended to contain the same or different entries?
[09:18:57] <Bron Gondwana> IBP?
[09:19:07] <Martin Hargreaves> Two separate ledgers, different entries
[09:19:22] <Daniel Gillmor> inter cryptocurrency protocol -- because we need more ICP
[09:19:53] <Daniel Gillmor> slides are still blinking intermittently for me :/
[09:20:10] <Jonathan Hoyland> Ditto, slides still flickering.
[09:20:20] <Richard Barnes> weird, i am not seeing flickering
[09:20:30] <Alissa Cooper> there was https://datatracker.ietf.org/doc/html/draft-thomas-interledger-00 back in the day
[09:20:59] <Richard Barnes> @Alissa - yeah, that thought occurred to me as well.  and that's much more mature work.
[09:21:17] <kaduk@jabber.org/barnowl> When did 2016 become BITD?
[09:21:34] <Olle Johansson> discovery - how does G1 find a trusted path to G2
[09:21:36] <Alissa Cooper> when COVID started? ;-)
[09:22:00] <Deb Cooley> fair
[09:22:07] <kaduk@jabber.org/barnowl> > when COVID started
point conceded
[09:22:08] <mcr> the flickering seems to be something occurring on the sending system, as if the screen is moving around.
[09:22:10] <Jonathan Hoyland> @Olle, if it's over TLS 1.3 does the path matter?
[09:22:13] <Deb Cooley> fair
[09:22:29] <synp> So the "assets" going over this proposed protocol are not currency or even cryptocurrency, but real assets like pizza or representation thereof
[09:22:35] <kaduk@jabber.org/barnowl> The path can matter if G1 and G2 are supposed to be self-discovered
arbitrary nodes in the respective graphs.
[09:22:44] jhoyla joins the room
[09:22:46] <francesca> mcr: I think it might be when i tab back into the chrome tab that has slides (on my second screen)
[09:23:04] <mcr> yes, I think so.
[09:23:12] <kaduk@jabber.org/barnowl> But even establishing a TLS 1.3 channel could be challenging since you
have to have a name with which to authenticate the other party, and
I'm not sure what you can latch on to in order to get the right name
[09:23:35] <ekr@jabber.org> @kaduk I think it would be fine with TLS 1.4
[09:23:40] <sftcd> given that in/out of scope description, is this just secure-RPC?
[09:23:52] <kaduk@jabber.org/barnowl> francesca: maybe if you use a mouse click to change focus rather than
tabbing, if the window manager is doing some popup thing during
tabbing?
[09:23:52] <jhoyla> I assumed that the person initiating the transfer would be providing the name ...
[09:24:02] <jhoyla> Otherwise where is it transferring it to.
[09:24:27] <francesca> I do use mouse click Ben :/ I try to keep the windows switching to a minimum
[09:24:30] Ahmed Bashandy leaves the room
[09:24:36] <kaduk@jabber.org/barnowl> The person initiating the transfer knows what the destination network
is, but it's not clear that they know a particular node in the
destination network.
[09:25:07] <jhoyla> I guess you'd handle it through DNS?
[09:25:11] <kaduk@jabber.org/barnowl> sftcd: secure RPC with some additional constraints, maybe
[09:25:39] <Olle Johansson> Coming from SIP DNS Naptr/SRV is always a way for discovery...
[09:25:52] <Martin Hargreaves> synp: can be cryptocurrency, tokenised real currency or real assets digital representations
[09:25:58] <Ted Hardie> So application/dlt-mumblefratz inside an S/MIME message using SMTP over TLS seems to meet all those requirements and avoid all of those "not going to talk about it" areas.  But I sense this is not what is wanted here, so it would be useful to know if there are constraints on the type of solution that will have a hope of deployment here.
[09:26:17] <sftcd> +1 to Ted
[09:26:34] <sftcd> I also wondered if the thing envisaged has any utility other than for blockchains etc
[09:26:54] <ekr@jabber.org> @Ted: my understanding is that this has to define all kind of semantics in the message
[09:27:06] <ekr@jabber.org> Looking at these principles.
[09:27:28] <Richard Barnes> https://www.ietf.org/proceedings/96/ledger.html
[09:27:30] Dave Thaler joins the room
[09:27:40] <Richard Barnes> https://www.ietf.org/proceedings/96/ledger.html
[09:27:55] <Ted Hardie> (Okay, I was wrong.  You'd need multiple messages to get the commit process done.  But the larger question of "what type of solution" still applies).
[09:28:06] <Daniel Gillmor> i'm not sure i understand how either of two disparate DLTs can make any guarantees about double-spending in the other DLT
[09:28:20] <Bron Gondwana> exactly-once, everybody's favourite transactional guarantee
[09:28:25] <Richard Barnes> https://www.ietf.org/proceedings/96/slides/slides-96-ledger-1.pdf
[09:28:26] <jhoyla> Do these principles imply commoditisation / fungibility?
[09:28:51] <sftcd> oops, active attack from competition:-)
[09:28:52] <synp> @Martin Hargreaves: Cryptocurrencies don't move unless it's recorded in the ledger, so they can't be on two separate ledgers
[09:29:00] dkg joins the room
[09:29:20] <synp> Otherwise, you can't guarantee single-spending, like DKG said
[09:29:57] <kaduk@jabber.org/barnowl> My intuition is having a hard time seeing how the requirements can all
be met without requiring the gateways to understand the internal
structure of the DLTs on both sides of the transfer.  Maybe I'm just
insufficiently creative...
[09:30:18] <Richard Barnes> test?  i think chat is no longer appearing for me
[09:30:24] <kaduk@jabber.org/barnowl> Barnes: ack
[09:30:25] Cullen Jennings leaves the room
[09:30:33] <sftcd> @kaduk: yep, that or else, it's only secure RPC
[09:30:35] <dkg> it's working in jabber, but the feed in the webberface is delayed
[09:30:50] <jhoyla> @Kaduk, it could just require trusting the other Gateway.
[09:30:54] <dkg> i occasionally get batches of text chat in the webberface
[09:31:16] <dkg> Meetecho: can you take a look at the chat stream web-interface stream in secdispatch?
[09:31:28] ekr@jabber.org leaves the room
[09:31:39] <Meetecho> dkg: we've been notified that it seems to be lagging behind, looking into it
[09:31:44] <dkg> thanks!
[09:31:55] Robert Moskowitz leaves the room
[09:31:55] Jessica Fitzgerald-McKay leaves the room
[09:31:55] Dominique Lazanski leaves the room
[09:31:55] Bernie Hoeneisen leaves the room
[09:31:55] Daniel Gillmor leaves the room
[09:31:55] Stephen Farrell leaves the room
[09:31:55] Dave leaves the room
[09:31:55] Chonggang Wang leaves the room
[09:31:55] Eric Rescorla leaves the room
[09:31:55] Marco Tiloca leaves the room
[09:31:55] Gurshabad Grover leaves the room
[09:31:55] Göran Selander leaves the room
[09:31:55] Jie Yang leaves the room
[09:31:55] Leif Johansson leaves the room
[09:31:55] Tobia Castaldi leaves the room
[09:31:55] Robert Wilton leaves the room
[09:31:55] Wei Pan leaves the room
[09:31:55] Joseph Salowey leaves the room
[09:31:55] Yaron Sheffer leaves the room
[09:31:55] James Galvin leaves the room
[09:31:55] Ted Hardie leaves the room
[09:31:55] Nicklas Pousette leaves the room
[09:31:55] Nancy Cam-Winget leaves the room
[09:31:55] Mike Boyle leaves the room
[09:31:55] Zaid AlBanna leaves the room
[09:31:55] Deb Cooley leaves the room
[09:31:55] Peter Koch leaves the room
[09:31:55] Thomas Hardjono leaves the room
[09:31:55] Olle Johansson leaves the room
[09:31:55] Roman Danyliw leaves the room
[09:31:55] Christian Amsüss leaves the room
[09:31:55] David Lawrence leaves the room
[09:31:55] Michael Richardson leaves the room
[09:31:55] Simon Hicks leaves the room
[09:31:55] Roberto Polli leaves the room
[09:31:55] Evana DiPietro leaves the room
[09:31:55] Phillip Hallam-Baker leaves the room
[09:31:55] Riccardo Nanni leaves the room
[09:31:55] Guy Fedorkow leaves the room
[09:31:55] 藤﨑 智宏 leaves the room
[09:31:55] Kohei Isobe leaves the room
[09:31:55] Monika Ermert leaves the room
[09:31:55] Éric Vyncke leaves the room
[09:31:55] Alissa Cooper leaves the room
[09:31:55] Kathleen Moriarty leaves the room
[09:31:55] Luke Riley leaves the room
[09:31:55] Rafael Belchior leaves the room
[09:31:55] Jonathan Hoyland leaves the room
[09:31:55] Jaime Jimenez leaves the room
[09:31:55] Tadahiko Ito leaves the room
[09:31:55] Martin Hargreaves leaves the room
[09:31:55] Jim Reid leaves the room
[09:31:55] Richard Barnes leaves the room
[09:31:55] Corey Bonnell leaves the room
[09:31:55] John Border leaves the room
[09:31:55] Francesca Palombini leaves the room
[09:31:55] Alessandro Toppi leaves the room
[09:31:55] Benjamin Kaduk leaves the room
[09:31:55] Jonathan Hammell leaves the room
[09:31:55] Jan-Frederik Rieckers leaves the room
[09:31:55] Valery Smyslov leaves the room
[09:31:55] Takahiro Nemoto leaves the room
[09:31:55] Kirsty P leaves the room
[09:31:55] Ned Smith leaves the room
[09:31:55] Stanislav Smyshlyaev leaves the room
[09:31:55] tim costello leaves the room
[09:31:55] Ash Wilson leaves the room
[09:31:55] Bron Gondwana leaves the room
[09:31:55] Wes Hardaker leaves the room
[09:31:55] Ken Takayama leaves the room
[09:31:55] Stefan Santesson leaves the room
[09:31:55] Shumon Huque leaves the room
[09:31:55] Scott Rose leaves the room
[09:31:55] Mark McFadden leaves the room
[09:31:55] Tero Kivinen leaves the room
[09:31:55] Tommy C leaves the room
[09:31:55] Kazunori Fujiwara leaves the room
[09:31:55] Mohit Sethi leaves the room
[09:31:55] Russ Housley leaves the room
[09:31:55] Patrick Tarpey leaves the room
[09:31:55] Yoav Nir leaves the room
[09:31:57] <kaduk@jabber.org/barnowl> IIUC we're experimentally mirroring chat to a bunch of different
technologies this time; I wonder if one of the mirroring things can be
a serialization point
[09:31:59] <dkg> sending works, even if the stream is lagging
[09:32:24] <dkg> if only we had a distributed chat gateway interoperability protocol
[09:32:26] <jhoyla> You could access multiple independent gateways on each network and double check you get a consistent view.
[09:33:07] <synp> Seems like all our Meetecho personas have been kicked off
[09:33:13] <sftcd> I like the title of that slide except it doesn't the "the IETF" part;_)
[09:33:48] <francesca> yes. I'll make sure to mention that comments need to be brought to the mic to make sure they are heard
[09:34:02] <Meetecho> Investigating
[09:35:03] <mcr> [as a datapoint: I see no issue; I'm connected directly to jabber, not via meetecho.]
[09:35:22] <dkg> mcr: agreed, jabber seems ok directly
[09:35:28] metricamerica joins the room
[09:35:45] <jhoyla> +1 MCR & DKG
[09:36:08] <synp> Yeah.  But all the participants representing Meetecho logins are gone
[09:37:15] Göran joins the room
[09:38:23] Nasrul joins the room
[09:38:45] <Meetecho> synp: that's because there's an issue preventing them from rejoining, we're working on a fix as I type
[09:39:19] rikard.hoglund joins the room
[09:40:53] <synp> There's no interop between dollars and Euros except through an exchange (often a bank working as an exchange).  Why is that not acceptable here?
[09:44:14] <sftcd> fwiw, I'm as confused as dkg (normally I'm more confused, so that's a plus for me:-)
[09:45:52] <sftcd> which DLTs allow for destroying assets?
[09:46:16] <dkg> and, how does the receiving DLT verify that the asset was actually destroyed?
[09:46:35] hardie joins the room
[09:46:53] <Dave Thaler> Meetecho won't seem to let me join any session this slot (was fine earlier today), anyone else having problems?  I'd like to hear this discussion but can't ("unable to retrieve room's information
you will be redirect to the events list page in a few seconds")
[09:47:10] <Meetecho> Dave Thaler: we know, sorry, currently investigating
[09:47:31] <hardie> FYI, it started as a jabber issue for me, but turned into a loop, which pushes you back to the datatracker; I've filed a ticket
[09:47:36] <metricamerica> I can't get in either. I can hear the Audio-only (accessible from the agenda).
[09:47:47] <kaduk@jabber.org/barnowl> Oh, gateways are particular legal entities, interesting.
[09:47:52] <francesca> metricamerica could you link the audio only stream?
[09:47:54] <Meetecho> Yes, there's an issue in the auth-service so you won't be able to rejoin if you reload the page
[09:48:04] <Dave Thaler> what app are you using to hear the audio?  I need to install one on my Windows laptop
[09:48:04] <Meetecho> If audio/video is working, stay in the room
[09:48:07] <synp> I had a short outage.  Are they destroying the assets on one side?  Or locking them up in some escrow?
[09:48:17] <metricamerica> http://mp3.conf.meetecho.com/ietf109/secdispatch/1.m3u
[09:48:19] <Meetecho> There's a separate audio stream for those locked out on the agenda
[09:49:25] <francesca> thanks metricamerica. I'll post it to the mailing list
[09:49:26] rikard.hoglund leaves the room
[09:49:38] rikard.hoglund joins the room
[09:50:46] <kaduk@jabber.org/barnowl> .oO(is there an email outage as well?)
[09:51:13] <dkg> seems like there is a ton of domain-specific knowledge about the requirements here that i just don't have
[09:51:46] <kaduk@jabber.org/barnowl> cf ekr's "we don't know how this works"
[09:52:18] rstory joins the room
[09:52:20] <sftcd> if approved, that'll be an "amusing" bof @ ietf110
[09:52:33] <sftcd> they already have a list
[09:52:43] <synp> That's true of pretty much every document in the routing area.  Question is if they can get the people who do.
[09:53:34] <sftcd> from Jay "There is a problem with an authentication VM that means it needs a reboot, which will kill all sessions for five minutes or so.  Please announce this in any session you are in and we will reboot in two minutes"
[09:53:56] <synp> Now that central banks are involved, there's likely going to be a ton of regulation involved.
[09:54:05] Dan York joins the room
[09:54:24] <synp> At least the Jabber room will survive the reboot, no?
[09:54:40] <sftcd> guess we'll find out
[09:54:54] <kaduk@jabber.org/barnowl> Time to experiment with gather.town and meetecho in parallel...
[09:55:14] <synp> We're not very good with dealing with financial regulation
[09:57:14] <dkg> i kind of felt like the slides for that last one were deliberately underselling what needs to happen for a standard to emerge here.  there was a lot of "don't worry about authentication, we'll just use pre-existing stuff like oauth"
[09:57:39] <dkg> but of course, worrying about *how* to use oauth is exactly the kind of work needed (and might not have any obvious consensus answers)
[09:57:45] Luke Riley joins the room
[09:57:45] Mohit Sethi joins the room
[09:57:45] Luke Riley leaves the room
[09:57:45] Mohit Sethi leaves the room
[09:57:48] Leif Johansson joins the room
[09:57:48] Leif Johansson leaves the room
[09:57:49] Nancy Cam-Winget joins the room
[09:57:49] Nancy Cam-Winget leaves the room
[09:57:53] Leif Johansson joins the room
[09:57:53] Leif Johansson leaves the room
[09:57:58] Kathleen leaves the room
[09:57:58] Robert Wilton joins the room
[09:57:59] Stephen Farrell joins the room
[09:57:59] Robert Wilton leaves the room
[09:57:59] Stephen Farrell leaves the room
[09:57:59] Jan-Frederik Rieckers joins the room
[09:57:59] Peter Koch joins the room
[09:57:59] Jan-Frederik Rieckers leaves the room
[09:57:59] Peter Koch leaves the room
[09:57:59] Stefan Santesson joins the room
[09:57:59] Stefan Santesson leaves the room
[09:58:00] Gurshabad Grover joins the room
[09:58:00] Gurshabad Grover leaves the room
[09:58:00] Kohei Isobe joins the room
[09:58:00] Kohei Isobe leaves the room
[09:58:01] Mike Boyle joins the room
[09:58:01] Mike Boyle leaves the room
[09:58:02] Tobia Castaldi joins the room
[09:58:02] Tobia Castaldi leaves the room
[09:58:02] Tadahiko Ito joins the room
[09:58:02] Tadahiko Ito leaves the room
[09:58:03] Shumon Huque joins the room
[09:58:03] Alissa Cooper joins the room
[09:58:03] Shumon Huque leaves the room
[09:58:03] Alissa Cooper leaves the room
[09:58:04] Yaron Sheffer joins the room
[09:58:04] Yaron Sheffer leaves the room
[09:58:05] Ned Smith joins the room
[09:58:05] Ned Smith leaves the room
[09:58:06] Jonathan Hoyland joins the room
[09:58:06] Jonathan Hoyland leaves the room
[09:58:06] Zaid AlBanna joins the room
[09:58:06] Zaid AlBanna leaves the room
[09:58:06] Dave joins the room
[09:58:06] Dave leaves the room
[09:58:07] tim costello joins the room
[09:58:07] tim costello leaves the room
[09:58:07] Francesca Palombini joins the room
[09:58:07] Francesca Palombini leaves the room
[09:58:08] 藤﨑 智宏 joins the room
[09:58:08] 藤﨑 智宏 leaves the room
[09:58:08] Michael Richardson joins the room
[09:58:08] Michael Richardson leaves the room
[09:58:10] Jie Yang joins the room
[09:58:10] Jie Yang leaves the room
[09:58:11] Ash Wilson joins the room
[09:58:11] Ash Wilson leaves the room
[09:58:12] Simon Hicks joins the room
[09:58:12] Simon Hicks leaves the room
[09:58:12] John Border joins the room
[09:58:12] John Border leaves the room
[09:58:14] Bernie Hoeneisen joins the room
[09:58:14] Bernie Hoeneisen leaves the room
[09:58:14] Ken Takayama joins the room
[09:58:14] Ken Takayama leaves the room
[09:58:16] Roman Danyliw joins the room
[09:58:16] Roman Danyliw leaves the room
[09:58:18] David Lawrence joins the room
[09:58:18] David Lawrence leaves the room
[09:58:19] Chonggang Wang joins the room
[09:58:19] Chonggang Wang leaves the room
[09:58:20] Evana DiPietro joins the room
[09:58:20] Evana DiPietro leaves the room
[09:58:21] Martin Hargreaves joins the room
[09:58:21] Martin Hargreaves leaves the room
[09:58:22] Marco Tiloca joins the room
[09:58:22] Marco Tiloca leaves the room
[09:58:23] <francesca> sounds like lots of discussion needs to happen on the mailing list...
[09:58:24] Éric Vyncke joins the room
[09:58:24] Éric Vyncke leaves the room
[09:58:25] Christian Amsüss joins the room
[09:58:25] Christian Amsüss leaves the room
[09:58:25] Jim Reid joins the room
[09:58:25] Jim Reid leaves the room
[09:58:27] Takahiro Nemoto joins the room
[09:58:27] Takahiro Nemoto leaves the room
[09:58:27] Benjamin Kaduk joins the room
[09:58:27] Benjamin Kaduk leaves the room
[09:58:27] Göran Selander joins the room
[09:58:27] Göran Selander leaves the room
[09:58:28] Alessandro Toppi joins the room
[09:58:28] Alessandro Toppi leaves the room
[09:58:34] Olle Johansson joins the room
[09:58:34] Olle Johansson leaves the room
[09:58:35] Kazunori Fujiwara joins the room
[09:58:35] Kazunori Fujiwara leaves the room
[09:58:36] tim_costello joins the room
[09:59:10] Corey Bonnell joins the room
[09:59:10] Guy Fedorkow joins the room
[09:59:11] Roberto Polli joins the room
[09:59:24] Tero Kivinen joins the room
[09:59:25] Tobia Castaldi joins the room
[09:59:33] Alessandro Toppi joins the room
[09:59:34] Wei Pan joins the room
[09:59:34] Daniel Gillmor joins the room
[09:59:36] James Galvin joins the room
[09:59:37] Roman Danyliw joins the room
[09:59:37] Greg Wood joins the room
[09:59:40] Kirsty P joins the room
[09:59:42] Ash Wilson joins the room
[09:59:42] Joseph Salowey joins the room
[09:59:43] Luigi Iannone joins the room
[09:59:53] Bron Gondwana joins the room
[09:59:53] tim costello joins the room
[09:59:57] tim costello leaves the room
[09:59:57] Eric Rescorla joins the room
[09:59:58] Nicklas Pousette joins the room
[10:00:01] Phillip Hallam-Baker joins the room
[10:00:05] tim costello joins the room
[10:00:06] Ted Hardie joins the room
[10:00:11] <Meetecho> It should be working again now, truly sorry for the issue...
[10:00:13] Göran Selander joins the room
[10:00:16] Alissa Cooper joins the room
[10:00:17] Yoav Nir joins the room
[10:00:18] Dominique Lazanski joins the room
[10:00:18] <Roman Danyliw/jabber> back?
[10:00:20] Kathleen joins the room
[10:00:22] Jan-Frederik Rieckers joins the room
[10:00:27] <hardie> Seems to be.
[10:00:30] <Eric Rescorla> I'm kind of surprised that there is an "authentication VM"
[10:00:31] <Dan York> [Side note: with our integration of chat systems, if I give dkg 's last comment a "thumbs up" in Matrix... does that mean anything for other chat systems? Does that get replicated/translated?  Or is that (as I suspect) just additional data that remains only in Matrix?]
[10:00:31] <dkg> thanks for resuscitating it, Meetecho!
[10:00:38] Dave Thaler_470 joins the room
[10:00:42] Michael Jenkins joins the room
[10:00:43] Kathleen Moriarty joins the room
[10:00:46] Jonathan Hammell joins the room
[10:00:46] Phillip Hallam-Baker leaves the room
[10:00:50] Phillip Hallam-Baker joins the room
[10:00:50] Livio Sgier joins the room
[10:00:51] Luigi Iannone leaves the room
[10:00:56] Luigi Iannone joins the room
[10:00:57] <dkg> Dan, i don't see any thumbs up in either jabber or in the meetecho mirror
[10:00:59] Göran Selander leaves the room
[10:01:03] Robert Story joins the room
[10:01:03] Göran Selander joins the room
[10:01:13] Jonathan Hoyland joins the room
[10:01:16] Michael Richardson joins the room
[10:01:17] Robert Wilton joins the room
[10:01:18] Jie Yang joins the room
[10:01:18] Phillip Hallam-Baker leaves the room
[10:01:19] Riccardo Nanni joins the room
[10:01:19] <dkg> maybe we're not so good at distributed gateway systems after all 😛
[10:01:21] Dan York_629 joins the room
[10:01:22] Phillip Hallam-Baker joins the room
[10:01:23] Nancy Cam-Winget joins the room
[10:01:28] Mark McFadden joins the room
[10:01:34] Deb Cooley joins the room
[10:01:38] Patrick Tarpey joins the room
[10:01:41] <kaduk@jabber.org/barnowl> I assume it's just in Matrix
[10:01:43] <mcr> no audio from the meetecho yet?
[10:01:46] Satoru Kanno joins the room
[10:01:48] <francesca> still trying to reconnect..
[10:01:59] <Phillip Hallam-Baker> Can't get audio or slides
[10:02:02] <Dan York> Good to know. Probably that there is no standard for those "reactions" between messaging systems.
[10:02:03] <Jonathan Hoyland> I have audio.
[10:02:06] Richard Barnes joins the room
[10:02:08] <Phillip Hallam-Baker> Got audio
[10:02:13] <mcr> just heard Kathleen.
[10:02:13] <Meetecho> You may need to close the tab and open from the agenda again
[10:02:14] Wes Hardaker joins the room
[10:02:20] Valery Smyslov joins the room
[10:02:23] <Phillip Hallam-Baker> Did I miss much?
[10:02:24] Monika Ermert joins the room
[10:02:27] Livio Sgier leaves the room
[10:02:27] <mcr> nothing.
[10:02:28] Thomas Hardjono joins the room
[10:02:33] <Meetecho> The previous page is probably stuck
[10:02:41] Olle Johansson joins the room
[10:02:47] Francesca Palombini joins the room
[10:02:50] <francesca> thanks Meetecho!
[10:02:57] <sftcd> I just left my browser alone and am now back hearing audio
[10:03:06] Jessica Fitzgerald-McKay joins the room
[10:03:07] <Dan York> I am hearing audio
[10:03:08] Christian Amsüss joins the room
[10:03:19] Yaron Sheffer joins the room
[10:03:19] <metricamerica> ooh, multipath audio
[10:03:24] Satoru Kanno leaves the room
[10:03:26] <synp> Slides at https://datatracker.ietf.org/doc/slides-109-secdispatch-dane-for-iot/
[10:03:30] Satoru Kanno joins the room
[10:03:37] Michael Jenkins leaves the room
[10:03:40] <Jonathan Hoyland> Not getting any video.
[10:03:55] <Wes Hardaker> @metricamerica: it's called multi(broad)cast
[10:04:00] <Jonathan Hoyland> But not sure if that's because no-one is sending any ...
[10:04:03] <Richard Barnes> looks like screen share is being attempted but not succeeding
[10:04:07] Kipras Krasauskas joins the room
[10:04:08] <Richard Barnes> there we go, receiving now
[10:04:12] rstory leaves the room
[10:04:13] <Tobia Castaldi> Jonathan Hoyland: nobody is sending their video
[10:04:24] <Meetecho> Screen sharing shows a placeholder until whoever is sharing decides what to share
[10:04:26] Russ Housley joins the room
[10:04:27] <Roman Danyliw/jabber> I see slides.
[10:04:34] Nasrul Zikri joins the room
[10:04:46] Michael Jenkins joins the room
[10:04:55] Robert Moskowitz joins the room
[10:05:21] Ken Takayama joins the room
[10:05:24] Tadahiko Ito joins the room
[10:05:37] <francesca> flickering incoming... (sorry about that)
[10:05:50] Éric Vyncke joins the room
[10:06:08] Scott Rose joins the room
[10:06:10] Quang-Huy Nguyen joins the room
[10:06:53] Dave Thaler_470 leaves the room
[10:06:59] Dave Thaler_630 joins the room
[10:07:17] Fraser Tweedale joins the room
[10:07:29] Leif Johansson joins the room
[10:07:58] Eliot Lear joins the room
[10:08:24] <dkg> SECDISPATCH Chairs: i don't know that i captured the conclusion of the previous session: i've just got it that we're sticking with the mailing list for now and we'll keep an eye on that list for activity.  if there's any extra conclusions that belong in the notes, please let me know.
[10:08:44] <francesca> that sounds good dkg, thanks.
[10:08:50] Eliot Lear leaves the room
[10:08:53] Eliot Lear joins the room
[10:09:01] <dkg> 👍
[10:09:16] Robert Wilton leaves the room
[10:09:20] Kipras Krasauskas leaves the room
[10:11:32] <Richard Barnes> my usual question: what vendors are supportive?
[10:11:58] <sftcd> and what small devices have DNS names (outside the enterprise/factory environment)
[10:12:02] <jhoyla> What's the significance of the lowercase `d` in "dNSName"?
[10:12:15] <Richard Barnes> @jhoyla - ASN.1-ism
[10:12:18] <dkg> asn.1 idiosyncrasies
[10:12:18] <kaduk@jabber.org/barnowl> ASN.1 field names and types start with lower vs uppercase letters
[10:12:18] <sftcd> inherited from x.509
[10:12:33] <mcr> X509v3 Subject Alt Names have mixed case like that.  dNSName, iPAddress, etc.
[10:13:01] Sergey Myasoedov joins the room
[10:13:03] <mcr> It's what inspired Steve Jobs' marketing department.
[10:13:10] <kaduk@jabber.org/barnowl> Gah, it's too late here; I should have said minuscule vs majuscule letters.
[10:13:20] Jaime Jimenez joins the room
[10:13:22] <jhoyla> Thanks all :blush:
[10:13:31] Leif Johansson leaves the room
[10:13:44] Alexey Melnikov_273 joins the room
[10:15:31] <mcr> size of certdata.txt, which is how you authenticate the server to the client, doesn't really feel relevant to me.  For the classic device->manufacturer-cloud use case we see now, the vendor can pick one or two specific CAs, or use  a private one.
[10:15:37] Gilbert Verdian joins the room
[10:15:40] <Eric Rescorla> What MCR said
[10:16:06] <mcr> For pretty much all other uses, where there is cross-device, or local stuff,.... yes, you need onboarding, like BRSKI, and we don't need certdata.
[10:16:26] Gilbert Verdian leaves the room
[10:16:41] <Eliot Lear> i think we're agreeing on the general need ;-)
[10:16:45] Shumon Huque joins the room
[10:16:47] Leif Johansson joins the room
[10:17:11] <sftcd> but little things don't have entries in zone files, or do they?
[10:17:14] Rüdiger Volk joins the room
[10:17:45] <mcr> For browser->device, where the enterprise and/or home user would like to authenticate the device using the manufacturer installed credential, this would work if someone could get a DANE validator into a stock browser.  sftcd, so, yes, all the little things could have entries in the zone file.
[10:17:51] <kaduk@jabber.org/barnowl> Do you have an "operating system" per se on the 4MB-RAM SOC?
[10:17:53] <mcr> But, DANE validator.
[10:18:06] <sftcd> @mcr: what zone file?
[10:18:07] <mcr> kaduk, FreeRTOS, RIOT-OS, Contiki.
[10:18:21] <Eric Rescorla> @mcr: when we've looked at this, the problem was less about DANE validation than about these devices not having meaningful names.
[10:18:23] <Eliot Lear> @sftcd +1.  Even zone discovery can be hard
[10:18:24] <mcr> sftcd, n12347435.devices.manufactures.example
[10:18:26] <dkg> kaduk, my first computer had much less than that, and it had an operating system :P
[10:18:32] <Eric Rescorla> If you have meaningful names, they can just get WebPKI certs, usually
[10:18:44] Rüdiger Volk leaves the room
[10:18:58] <Eric Rescorla> but the problem is that there are a zillion clients named "printer.local"
[10:19:05] <mcr> yes, Eric, you can. And IPv6 AAAA ULA records can link things up [I have running code]
[10:20:06] <mcr> http://printer.local is a 301 redirect to https://printer-12334545.devices.manufacturer.com/  provided you can resolve that to the real IP address. Easy for home routers, harder for printers, but doable.
[10:20:24] Quang-Huy Nguyen leaves the room
[10:20:44] <Eric Rescorla> sure, but the thing you present to the user is "printer.local" and so how do you persuade yourself that that mapping to printer-12334545.devices.manufacturer.com is right
[10:21:10] <sftcd> esp when manufacturer.com decides to switch off that service
[10:21:24] <mcr> yup. because http:// across IPv6-LL can certainly be spoofed by an attacker!
[10:21:30] Corinne Cath joins the room
[10:21:34] <mcr> (that wasn't sarcasm)
[10:21:47] <Bron Gondwana> (we can tell by the lack of NOT)
[10:22:02] <dkg> the point is that there isn't an unambiguous trust anchor when printing "printer.local"
[10:22:07] <jhoyla> @ekr, is there a slot for a subject AltName?
[10:22:14] <Eric Rescorla> @jhoyla: where?
[10:22:25] oej joins the room
[10:22:41] <jhoyla> In the printer certificate, so it could have printer.local _and_ printer-12334545.devices.manufacturer.com/
[10:22:49] Eric Rescorla leaves the room
[10:23:36] <dkg> jhoyla: would you trust a certificate that says sAN: printer.local ?
[10:23:43] <mcr> jhoyla, you can't have a certificate that says printer.local, because it's ambiguous.
[10:23:46] <dkg> surely every printer would ship with such a cert
[10:23:51] <mcr> and sometimes, it's printer-2.local
[10:23:52] <kaduk@jabber.org/barnowl> Would you trust a CA that would issue such a cert?
[10:23:56] Henk Birkholz joins the room
[10:24:06] <jhoyla> As much as I would trust a printer with _just_ printer.local.
[10:24:07] <dkg> kaduk: you might already be doing so :(
[10:24:12] Dave Thaler_630 leaves the room
[10:24:12] <Eliot Lear> i think .local is a bit of a red herring.  you clearly can't stick that in a cert
[10:24:41] Dave Thaler_394 joins the room
[10:24:42] <mcr> can't put it in a CABForum certificate. Stupid to put in a private-CA certificate.
[10:24:54] Tommy C joins the room
[10:24:59] <dkg> eliot: but that's just the point: if the user is connecting to its IoT via that label, we don't have a good way of proving it
[10:25:34] <Eliot Lear> If you are talking about service discovery, you need to tease that out from names
[10:25:44] Dave Thaler leaves the room
[10:25:54] <Fraser Tweedale> TLSA in mDNS can give you privacy, but not reliable authentication, because of how name conflict resolution "works"
[10:25:58] <sftcd> fwiw, I'd have no objection to someone defining a DANE based TLS client auth thing, but I still don't get that it'd get used if we did
[10:26:08] <mcr> so, in theory, the mDNS reply can actually tell you a longer label to connect with. But, to date, no software supports that.  We (CIRALabs SHG), recently worked around that by putting the FQDN label into the TXT as an attribute.
[10:26:22] <kaduk@jabber.org/barnowl> object security and DANE feels like a bit of a mismatch, since DANE queries are about "what is currently valid" but you may want "what was valid when the object was created"
[10:26:45] <mcr> okay, so what to do with this?
[10:26:53] <Eliot Lear> one issue is that many iot environments don't have DNS at all
[10:26:57] <francesca> thanks mcr :)
[10:27:01] <dkg> isn't the point that if we're "discovering" the service dynamically, we don't have a reliable name that we can anchor our trust on in the first place?
[10:27:04] <francesca> any opinion on dispatching?
[10:27:17] <Eliot Lear> iotops?
[10:27:20] <Eliot Lear> ;-)
[10:27:26] <mcr> Me, I'd punt to the IOTOPS proposed WG, but right now the charter for it wouldn't accept it anyway.  
[10:27:27] <jhoyla> Is resurrect DANE an option?
[10:27:37] <Richard Barnes> this doesn't sound like ops
[10:27:40] <jhoyla> (Not suggesting it, just asking about the process)
[10:27:46] <sftcd> if this were realistic, it ought be done in TLS, but I suspect it'd not get enough interest
[10:27:47] <mcr> (no work at all is really allowed in IOTOPS)
[10:27:55] <francesca> resurrecting would be an option if ADs are ok with it?
[10:27:56] <Eliot Lear> ANIMA?
[10:27:58] <Richard Barnes> a small, focused WG seems right to me IF we are going to do anything
[10:28:09] hardie leaves the room
[10:28:30] <Deb Cooley> is DANE the right tool for the job?
[10:28:31] <Phillip Hallam-Baker> This presentation assumes the problem is with the CAs. The problem is that PKIX is really not designed for devices. And moving to DNS doesn't really help much
[10:28:37] <mcr> Richard, your original question about what vendors would apply.
[10:28:49] <Eliot Lear> @rlb disagree: we have zillions of these concepts flying around.  Need to consolidate them into one place
[10:29:27] <mcr> a small focused WG would only work if we were sure that this solution was right.  It's close, but just not quite.  So we actually need to take this as a problem statement.
[10:29:31] <Richard Barnes> @eliot - great, let's have a BoF
[10:30:01] <mcr> no TLS.
[10:30:04] <Eliot Lear> I wonder if we should use iotops for that, to then further dispatch
[10:30:06] <mcr> do not reboot DANE.
[10:30:07] <Ted Hardie> These devices have colliding names all the time.  Anything trying to assure you of the device identity using that name is giving you a very different message than the assurance about non-colliding names.
[10:30:12] <mcr> UTA... maybe for part of it.
[10:30:16] <sftcd> dnsop? good luck with that:-)
[10:30:28] <Wei Pan> agree with Eliot, I think the whole picture of how to use DANE in IoT needs to be discussed
[10:30:46] <mcr> the only word we got was "Working?"
[10:30:54] mcr giggles.
[10:31:00] mcr been awake too long.
[10:31:03] <Christian Amsüss> phil, we don't hear you
[10:31:11] <jhoyla> :joy: That was _hilarious_.
[10:31:19] <Christian Amsüss> (all we heard was "does this work?")
[10:31:29] <francesca> sorry Phil we can't hear you :(
[10:32:05] <kaduk@jabber.org/barnowl> I am rather puzzled at what chain of events had to occur in order for us to *only* hear Phill saying "is it working" and nothing else
[10:32:14] <Phillip Hallam-Baker> Devices really don't fit into the PKIX/X.509 model and DANE doesn't help very much.
[10:32:27] <mcr> kaduk, enemy action.
[10:32:37] <Phillip Hallam-Baker> @kaduk, I always assume hostile forces.
[10:32:47] <Deb Cooley> but who is the enemy
[10:32:49] <mcr> also, Phillip, we mostly see your wall, rather than your face.
[10:33:01] Brendan Moran joins the room
[10:33:04] <Deb Cooley> that's better
[10:33:26] <dkg> otoh, we heard phillip's wall just fine 😛
[10:33:33] <jhoyla> ACE and LAKE seem to be related to IoT auth, no?
[10:33:37] Jiankang Yao joins the room
[10:33:42] <mcr> LAKE too narrowly scoped.
[10:33:50] <kaduk@jabber.org/barnowl> ACE already committed to something else
[10:33:57] <sftcd> *everything* is related to iot-auth
[10:34:16] <sftcd> once you start in, it seems every possible tool is needed
[10:34:20] Sergey Myasoedov leaves the room
[10:34:51] Wes Hardaker leaves the room
[10:34:52] <Phillip Hallam-Baker> Is there a discussion list?
[10:35:02] <Eliot Lear> let's use iot-onboarding@ietf.org
[10:35:06] <sftcd> what's the bof topic?
[10:35:07] <mcr> I propose to use iot-onboarding!
[10:35:11] <mcr> or iotops@
[10:35:12] <Phillip Hallam-Baker> Threshold allows a very powerful approach here
[10:35:23] <mcr> yes, Threshold is relevant too!
[10:35:24] <Phillip Hallam-Baker> Get rid of the need for DNSSEC and CAs
[10:35:57] <mcr> It's a non-WG forming BOF to understand the problem space, and also some of the details of what this solution proposes.
[10:36:08] stf joins the room
[10:36:50] Nasrul leaves the room: Disconnected: BOSH client silent for over 60 seconds
[10:36:55] <mcr> not sure who "you" is. Richard?
[10:36:58] <Henk Birkholz> thanks for the clarification, Michael
[10:37:12] <sftcd> I don't have related work (unless I've forgotten it overnight:-)
[10:37:37] Nasrul Zikri leaves the room
[10:37:38] <synp> I thought everything is related work
[10:37:41] <Phillip Hallam-Baker> SECDispatch interim... all day focused on this topic???
[10:37:43] Nasrul Zikri joins the room
[10:37:53] <sftcd> @synp: fair cop
[10:37:57] <francesca> we don't *DO* work, we only dispatch it Phil :)
[10:38:02] <mcr> Phillip, don't joke about such things.
[10:38:15] Roman Danyliw leaves the room
[10:38:22] Gilbert Verdian joins the room
[10:38:32] Gilbert Verdian leaves the room
[10:38:36] <mcr> there are a bunch of things in this space beyond the printer.local problem. (not that it isn't a problem, but there are many places where this is not a problem)
[10:38:51] <Eliot Lear> I still think getting this into IOTOPS wouldn't be a bad thing
[10:39:15] <mcr> I'm still hoping that some IESG types will answer my question about the objections to the charter.
[10:39:28] <mcr> I feel that we are shadow boxing on the IOTOPS Charter.
[10:39:31] <kaduk@jabber.org/barnowl> mcr: I think I missed that question
[10:40:11] Jan-Frederik Rieckers leaves the room
[10:40:21] <Eliot Lear> i definitely want the discussion to continue.  just use iot-onboarding to start with
[10:40:23] Jan-Frederik Rieckers joins the room
[10:40:31] <Eliot Lear> and we can move around from there
[10:40:33] <mcr> Ben, within the https://mailarchive.ietf.org/arch/msg/iotops/Mo01TIYried_6e3Ht5eiDqOhNJ0/ thread, https://mailarchive.ietf.org/arch/msg/iotops/R958HALsZktdA5UERQyvn3r1o24/
[10:40:39] <Eliot Lear> and that gives us an opportunity to get into the principles
[10:40:45] <Eliot Lear> iot-onboarding@ietf.org
[10:41:06] <Eliot Lear> thanks for the presentation
[10:41:14] Roman Danyliw joins the room
[10:41:23] Jiankang Yao leaves the room
[10:41:26] Jiankang Yao joins the room
[10:41:33] <Eliot Lear> yes
[10:41:35] Tommy C leaves the room
[10:41:47] <Eliot Lear> ok
[10:41:52] stf leaves the room
[10:41:54] Tommy C joins the room
[10:41:58] Eric Rescorla joins the room
[10:42:19] <mcr> Shumon, we should start on the list, and get something going.  I think that we can find enough willing ADs to let us schedule a virtual BOF, details/topics to be made clear.
[10:42:20] Roman Danyliw/jabber joins the room
[10:42:32] <Bob  Moskowitz> I would point out in DRIP we are looking to EPP for the DNS registration of the Unmanned Aircraft System components.
[10:42:50] <synp> Slides: https://datatracker.ietf.org/doc/slides-109-secdispatch-draft-santesson-svt/
[10:43:05] stf joins the room
[10:43:52] <Shumon Huque> Thanks @mcr - we'll start a discussion on the list. (Just catching up with jabber here ..)
[10:44:01] <mcr> DRIP's EPP registration could certainly result in a unique name on a device, and a TLS extension could leverage that.  [but again, unlikely a desktop browser will ever connect. APIs? no problem]
[10:44:38] Christian Amsüss leaves the room
[10:45:17] <jhoyla> This sounds similar to Compound authentication, where you can prove historic ownership of keys, even if the key has been compromised.
[10:45:46] <dkg> jhoyla: right, but "ownership of keys" doesn't mean "signature remains valid"
[10:46:16] <jhoyla> @dkg The idea would be proof of "signature was valid at the time".
[10:46:16] <Roman Danyliw/jabber> IOT Ops = https://datatracker.ietf.org/wg/iotops/about/
[10:46:19] <dkg> you have to also get a timestamp on the signature from some reliable, still-valid source
[10:46:30] Scott Rose leaves the room
[10:47:40] Jan-Frederik Rieckers leaves the room
[10:47:54] <Leif Johansson> @dkg trust chain for timestamps is an interesting question in itself. sometimes it would be useful to track a timestamp back to a time-lab (eg UTC source)
[10:48:05] <dkg> or have some other proof that the signature was valid at the given time
[10:48:34] stf leaves the room
[10:48:36] <kaduk@jabber.org/barnowl> I think Phill has a scheme for a cross-signing network of timestamp authorities
[10:48:49] Dave Thaler_394 leaves the room
[10:48:52] <Leif Johansson> phil as in phb?
[10:48:58] Michael Richardson leaves the room
[10:48:58] <kaduk@jabber.org/barnowl> yes
[10:49:09] <jhoyla> Just so long as no-one says blockchain.
[10:49:09] rikard.hoglund leaves the room
[10:49:14] <Leif Johansson> nooo
[10:49:21] <Roberto Polli> Q: are those requirements related to eIDAS Regulation?
[10:49:26] <kaduk@jabber.org/barnowl> jhoyla: some bad news for you -- you just said it
[10:49:34] <dkg> but if you work from some sort of first-principles, amnesiac assumption (wake up fresh at time D, observe signature that claims to be made at time B by signer X, try to figure out whether the sig is valid) is really tough
[10:49:46] <Leif Johansson> @roberto - eidas talks about signature formats mostly
[10:49:51] <Tadahiko Ito> If it were with timestamp, wouldn't it be similar to Evidence Record Syntax (RFC4998)?
[10:51:03] <Deb Cooley> why does he have two cursors?
[10:51:05] Dave Thaler joins the room
[10:51:09] <Leif Johansson> @roberto and also about trust chains
[10:51:13] <Deb Cooley> and which is the real cursor?
[10:51:26] <dkg> Deb, i think we're seeing screensharing artifacts
[10:51:43] <Deb Cooley> bizarre
[10:51:47] <Kathleen Moriarty> Deb - I think the top one, but it was effectively pointing to both things that he wanted to
[10:52:04] <dkg> i'm also seeing pixel trails from the cursor(s)
[10:52:09] <dkg> but maybe i'm just real tired
[10:52:13] <kaduk@jabber.org/barnowl> same here
[10:52:15] <Leif Johansson> @dkg yeah - that's turtles all the way down. svs is about picking a turtle to stand on
[10:52:15] <Deb Cooley> no, you are.
[10:52:26] <francesca> 8 more minutes guys :)
[10:52:38] <Kathleen Moriarty> Yes, I tried to clean my screen - I'm tired
[10:52:56] <jhoyla> Does the authority need to resign the tokens every so often, to avoid losing the final point of trust.
[10:52:59] <jhoyla> ?*
[10:53:22] <Russ Housley> @Tadahiko Ito: This is not the same as the LTANS approach
[10:53:50] <Leif Johansson> @jhoyla yeah you can do that - or some other SVS authority can sign based on trust in the first one
[10:53:54] tim_costello leaves the room
[10:53:57] <Richard Barnes> not clear to me why this is an IETF problem
[10:54:02] Roman Danyliw/jabber leaves the room: Disconnected: Broken pipe
[10:54:09] <Roberto Polli> @Leif yes, eIDAS has both principles (it is a Regulation) and implementation (cades, pades). Recently I've been told ETSI started working on a JSON (jades) profile with a set of associated claims.
[10:54:35] <francesca> Stefan heard you, Richard
[10:54:35] <Leif Johansson> @roberto yeah I'm sure
[10:54:43] Eliot Lear leaves the room
[10:54:46] <Eric Rescorla> The fact that nobody else is working on it is not really an argument that we should
[10:54:49] Eliot Lear joins the room
[10:55:23] <jhoyla> @Leif Johansson, but do tokens _have to_ get periodically resigned / grow over time?
[10:55:45] <Roberto Polli> @Leif @Eric others are working on this (ETSI). I suggested that they interact with IETF but I don't know if that happened
[10:55:52] mohit joins the room
[10:56:02] <kaduk@jabber.org/barnowl> Francesca just said it, yes, but some of this should go to the mic
[10:56:08] stf joins the room
[10:56:30] <Leif Johansson> @jhoyla yes
[10:56:38] Eliot Lear leaves the room
[10:56:47] Eliot Lear joins the room
[10:56:48] <jhoyla> Happy to go to the mic, but I think my comments are unrelated to dispatch.
[10:57:06] <kaduk@jabber.org/barnowl> I was looking at Richard and Eric, I think
[10:57:56] <Roberto Polli> I think we should aim at a single spec.
[10:58:07] Ash Wilson leaves the room
[10:58:51] <Fraser Tweedale> lamps does not seem like correct WG to me; this is not a PKIX mechanism, even if it does make use or reference of some PKIX mechanisms.
[10:59:02] <francesca> thanks Fraser
[10:59:16] <Fraser Tweedale> (if it is to go to a WG at all)
[10:59:21] <kaduk@jabber.org/barnowl> Fraser: you didn't rule out the S/MIME part of LAMPS ;)
[10:59:24] <Eric Rescorla> I agree it doesn't belong in LAMPS
[10:59:31] Roberto Polli leaves the room
[10:59:34] Roberto Polli joins the room
[10:59:40] <Eric Rescorla> This seems like it would need a new WG
[11:00:16] <jhoyla> But if the certificate used gets compromised then I can forge a signature for any document I choose!?
[11:00:21] Eric Rescorla leaves the room
[11:00:39] <sftcd> +1 for not-LAMPS
[11:00:44] metricamerica leaves the room
[11:01:02] <kaduk@jabber.org/barnowl> The link again is https://www.ietf.org/how/lists/nonwglist-guidelines/ with the information needed for a new mailing list
[11:01:23] Jie Yang leaves the room
[11:01:26] <synp> Reanimated LTANS?
[11:01:36] <Tadahiko Ito> @Russ thanks, I see that is non-LTANS approach.
[11:01:46] <sftcd> if the session is ended like LAKE was you'll need to summarise more quickly maybe:-)
[11:01:58] <Kathleen Moriarty> ha
[11:02:10] <Eliot Lear> thank you chairs
[11:02:10] Tommy C leaves the room
[11:02:13] Jaime Jimenez leaves the room
[11:02:15] <dkg> thanks all
[11:02:15] Luigi Iannone leaves the room
[11:02:16] Joseph Salowey leaves the room
[11:02:17] <Roberto Polli> thx++
[11:02:17] <Fraser Tweedale> thanks!
[11:02:17] Dominique Lazanski leaves the room
[11:02:17] Alissa Cooper leaves the room
[11:02:17] Valery Smyslov leaves the room
[11:02:17] Corey Bonnell leaves the room
[11:02:18] Jessica Fitzgerald-McKay leaves the room
[11:02:18] Mark McFadden leaves the room
[11:02:18] Richard Barnes leaves the room
[11:02:19] Riccardo Nanni leaves the room
[11:02:20] Éric Vyncke leaves the room
[11:02:21] <Jonathan Hoyland> Thanks all
[11:02:22] Yaron Sheffer leaves the room
[11:02:22] Patrick Tarpey leaves the room
[11:02:22] Dave Thaler leaves the room
[11:02:24] mohit leaves the room
[11:02:26] Robert Moskowitz leaves the room
[11:02:26] Leif Johansson leaves the room
[11:02:27] Thomas Hardjono leaves the room
[11:02:27] Michael Jenkins leaves the room
[11:02:27] Kirsty P leaves the room
[11:02:27] Henk Birkholz leaves the room
[11:02:28] Göran Selander leaves the room
[11:02:29] Eliot Lear leaves the room
[11:02:29] Nicklas Pousette leaves the room
[11:02:29] stf leaves the room
[11:02:30] Nasrul Zikri leaves the room
[11:02:30] Greg Wood leaves the room
[11:02:31] Bron Gondwana leaves the room
[11:02:33] Jonathan Hoyland leaves the room
[11:02:33] Alexey Melnikov_273 leaves the room
[11:02:35] Nancy Cam-Winget leaves the room
[11:02:36] Olle Johansson leaves the room
[11:02:37] James Galvin leaves the room
[11:02:38] Wei Pan leaves the room
[11:02:39] marco.tiloca leaves the room
[11:02:39] Yoav Nir leaves the room
[11:02:40] Fraser Tweedale leaves the room
[11:02:45] Deb Cooley leaves the room
[11:02:47] Stefans leaves the room
[11:02:47] Tero Kivinen leaves the room
[11:02:48] <dkg> do i need to do anything else with the notes?
[11:02:49] Kathleen Moriarty leaves the room
[11:02:49] Ken Takayama leaves the room
[11:02:49] Ted Hardie leaves the room
[11:02:51] Brendan Moran leaves the room
[11:02:51] Jiankang Yao leaves the room
[11:02:51] <Roman Danyliw/jabber> Big thanks to Francesca, Kathleen and Richard.
[11:02:51] Kathleen leaves the room
[11:02:53] <dkg> or are they automatically ingested now?
[11:02:55] Bob  Moskowitz leaves the room
[11:02:57] Satoru Kanno leaves the room
[11:03:00] <dkg> (since they're on codimd)
[11:03:02] <francesca> Thank you!
[11:03:11] Jonathan Hammell leaves the room
[11:03:11] synp leaves the room
[11:03:15] <francesca> THANK YOU dkg for note taking!!
[11:03:16] sftcd leaves the room
[11:03:22] <francesca> Was too quick and forgot to say :/
[11:03:23] ThomasHardjono leaves the room
[11:03:26] Eberhard Lisse joins the room
[11:03:36] <francesca> I'll take care of them, from codimd. Thanks again!!
[11:03:37] Monika Ermert leaves the room
[11:03:39] Robert Story leaves the room
[11:03:44] tim costello leaves the room
[11:03:53] Roberto Polli leaves the room
[11:03:53] Roman Danyliw leaves the room
[11:03:53] Corinne Cath leaves the room
[11:03:53] Daniel Gillmor leaves the room
[11:03:53] Dan York_629 leaves the room
[11:03:53] Phillip Hallam-Baker leaves the room
[11:03:53] Russ Housley leaves the room
[11:03:53] Alessandro Toppi leaves the room
[11:03:53] Guy Fedorkow leaves the room
[11:03:53] Francesca Palombini leaves the room
[11:03:53] Eberhard Lisse leaves the room
[11:03:53] Tadahiko Ito leaves the room
[11:03:53] Tobia Castaldi leaves the room
[11:03:57] dkg leaves the room: leaving
[11:04:03] Kathleen joins the room
[11:04:03] Meetecho leaves the room
[11:04:29] Kathleen leaves the room
[11:05:01] francesca leaves the room
[11:05:29] Göran leaves the room
[11:11:09] tim_costello joins the room
[11:11:24] jhoyla leaves the room
[11:11:26] jhoyla joins the room
[11:16:10] rikard.hoglund joins the room
[11:18:25] jhoyla leaves the room
[11:18:26] rikard.hoglund leaves the room
[11:18:29] jhoyla joins the room
[11:24:22] ko-isobe leaves the room
[11:32:32] rikard.hoglund joins the room
[11:34:35] rikard.hoglund leaves the room
[11:35:41] Shumon Huque leaves the room
[11:37:31] rikard.hoglund joins the room
[11:43:42] rikard.hoglund leaves the room
[11:44:23] rikard.hoglund joins the room
[11:45:44] rikard.hoglund leaves the room
[11:59:35] rikard.hoglund joins the room
[12:00:07] oej leaves the room
[12:04:32] alex-meetecho leaves the room
[12:10:46] rikard.hoglund leaves the room
[12:14:26] rikard.hoglund joins the room
[12:16:24] rikard.hoglund leaves the room
[12:59:41] rikard.hoglund joins the room
[13:01:39] rikard.hoglund leaves the room
[13:02:20] tim_costello leaves the room
[13:02:43] tim_costello joins the room
[13:09:42] rikard.hoglund joins the room
[13:16:49] rikard.hoglund leaves the room
[13:17:03] Shumon Huque joins the room
[13:22:37] Shumon Huque leaves the room
[13:30:20] roman joins the room
[13:30:27] Shumon Huque joins the room
[13:30:37] Shumon Huque leaves the room
[13:44:26] rikard.hoglund joins the room
[13:46:33] rikard.hoglund leaves the room
[13:46:55] Roman Danyliw/jabber leaves the room: Disconnected: closed
[13:59:41] rikard.hoglund joins the room
[14:01:48] rikard.hoglund leaves the room
[14:05:16] roman leaves the room: Disconnected: Received SIGTERM
[14:05:29] roman joins the room
[14:05:58] roman leaves the room: Disconnected: Received SIGTERM
[14:06:59] roman joins the room
[14:06:59] roman leaves the room
[14:07:26] rikard.hoglund joins the room
[14:08:14] roman joins the room
[14:08:14] roman leaves the room
[14:23:36] rikard.hoglund leaves the room
[14:24:39] Kathleen joins the room
[14:24:55] rikard.hoglund joins the room
[14:26:58] rikard.hoglund leaves the room
[14:34:50] rikard.hoglund joins the room
[14:36:49] rikard.hoglund leaves the room
[14:40:54] ThomasHardjono joins the room
[14:44:52] ThomasHardjono leaves the room
[14:49:35] rikard.hoglund joins the room
[14:50:03] lellel joins the room
[14:51:26] lellel leaves the room
[14:56:04] rikard.hoglund leaves the room
[14:59:41] rikard.hoglund joins the room
[15:02:59] tim_costello leaves the room
[15:03:07] lellel joins the room
[15:07:39] rikard.hoglund leaves the room
[15:10:25] rikard.hoglund joins the room
[15:12:27] rikard.hoglund leaves the room
[15:20:35] rikard.hoglund joins the room
[15:25:29] lellel leaves the room
[15:29:49] lellel joins the room
[15:30:35] lellel leaves the room
[15:31:48] rikard.hoglund leaves the room
[15:34:02] Kathleen leaves the room
[15:34:50] rikard.hoglund joins the room
[15:36:50] rikard.hoglund leaves the room
[15:49:35] rikard.hoglund joins the room
[15:51:34] rikard.hoglund leaves the room
[15:54:22] Kathleen joins the room
[15:59:42] rikard.hoglund joins the room
[16:01:42] rikard.hoglund leaves the room
[16:10:28] rikard.hoglund joins the room
[16:29:36] rikard.hoglund leaves the room
[16:37:10] rikard.hoglund joins the room
[16:38:39] lellel joins the room
[16:39:24] lellel leaves the room
[16:40:39] rikard.hoglund leaves the room
[17:09:33] Kathleen leaves the room
[17:11:37] rikard.hoglund joins the room
[17:13:42] rikard.hoglund leaves the room
[17:31:31] jhoyla leaves the room
[17:36:18] lellel joins the room
[17:36:55] lellel leaves the room
[17:44:29] rikard.hoglund joins the room
[17:46:31] rikard.hoglund leaves the room
[17:55:28] rikard.hoglund joins the room
[17:57:27] rikard.hoglund leaves the room
[18:01:50] rikard.hoglund joins the room
[18:13:04] rikard.hoglund leaves the room
[18:16:44] rikard.hoglund joins the room
[18:18:44] rikard.hoglund leaves the room
[18:21:06] stf joins the room
[18:21:39] stf leaves the room
[18:27:39] rikard.hoglund joins the room
[18:36:02] rikard.hoglund leaves the room
[18:44:50] rikard.hoglund joins the room
[18:46:50] rikard.hoglund leaves the room
[18:52:37] rikard.hoglund joins the room
[18:53:36] rikard.hoglund leaves the room
[18:56:02] Kathleen joins the room
[19:01:39] bhoeneis joins the room
[19:09:40] rikard.hoglund leaves the room
[19:11:04] Kathleen leaves the room
[19:27:42] rikard.hoglund joins the room
[19:29:42] rikard.hoglund leaves the room
[19:39:17] Kathleen joins the room
[19:44:34] rikard.hoglund joins the room
[19:46:35] rikard.hoglund leaves the room
[19:53:35] Kathleen leaves the room
[19:54:32] rikard.hoglund joins the room
[20:05:45] rikard.hoglund leaves the room
[20:06:03] rikard.hoglund joins the room
[20:12:03] Alexey Melnikov leaves the room
[20:12:29] ash leaves the room
[20:17:03] Kathleen joins the room
[20:23:08] rikard.hoglund leaves the room
[20:29:36] Kathleen leaves the room
[20:54:36] rikard.hoglund joins the room
[20:56:36] rikard.hoglund leaves the room
[21:00:05] ash joins the room
[21:10:17] lellel joins the room
[21:10:28] rikard.hoglund joins the room
[21:10:47] lellel leaves the room
[21:11:15] Kathleen joins the room
[21:12:31] rikard.hoglund leaves the room
[21:13:10] c.amsuess leaves the room
[21:21:28] rikard.hoglund joins the room
[21:28:08] Kathleen leaves the room
[21:33:00] rikard.hoglund leaves the room
[21:34:54] rikard.hoglund joins the room
[21:36:54] rikard.hoglund leaves the room
[21:39:26] lellel joins the room
[21:46:37] rikard.hoglund joins the room
[21:52:54] lellel leaves the room
[22:05:05] rikard.hoglund leaves the room
[22:23:46] lellel joins the room
[22:24:22] lellel leaves the room
[22:53:26] lellel joins the room
[22:53:56] lellel leaves the room
[23:03:45] lellel joins the room
[23:04:17] lellel leaves the room
[23:36:30] ash leaves the room: Disconnected: read timeout
[23:49:58] rikard.hoglund joins the room
[23:56:44] rikard.hoglund leaves the room
[23:59:20] lellel joins the room
[23:59:51] lellel leaves the room