IntArea WG Minutes
IETF 101 - London
15:50-17:20 Monday January 19, Afternoon Session II, Sandringham
Chairs: Juan Carlos Zuniga (JCZ) (SIGFOX), Wassim Haddad (WH) (Ericsson)
Minutes - Ian Farrer (IF)

1. Agenda Bashing, WG & Document Status Updates (Chairs) - 10 minutes

Suresh Krishnan (SK) - Discussion on IESG for logging with ports (CGN logging). The recommendations on whether it is practical, inventory of what's in servers. It'll be presented at the end. I'd appreciate it if you would pay attention and see if we should update the BCP.

==============

2. Discovering Provisioning Domain Names and Data, Eric Vyncke (EV) - 15 minutes
draft-ietf-intarea-provisioning-domains-01

Volunteers to review the current version of the draft: Tim Chown, Ted Lemon, Mikael Abrahamsson, Ian Farrer

No questions.

JCZ - We have asked the Security Area Directorate to provide a review. Hopefully, we'll get something back from them.

==============

3. IP Tunnels in the Internet Architecture, M. Townsley (MT) - 10 minutes
draft-ietf-intarea-tunnels-08

Not presented.

==============

4. Generic UDP Encapsulation and Extensions, Tom Herbert (TH) - 10 minutes
draft-ietf-intarea-gue-05
draft-ietf-intarea-gue-extensions-03

Gorry Fairhurst (GF) - I'm curious about why you need 3 CRC formats?
TH - It's a 2-bit field so there's 3 combinations. The argument is that CRC-32 is expensive, so CRC-16. I couldn't find consensus on what is preferred in the IETF community.
GF - This is creating options for the sake of it. We used CRC-32c in the SCTP community. There's a doc that discusses the difference. Computationally it's not that much more expensive.
TH - They all have a length field, so it's optional. I don't have a strong opinion.
David Black (DB) - If you want to use more than one format, let me give you another option. iSCSI CRC-32c are implemented in hardware and so are cheap. I suggest two stages: 1, get rid of CRC-16; 2, require CRC-32c. If you stop at step 1, I won't complain.
GF - Why not ask in TSVWG? The transport area can give you some feedback.

==============

5. Identifier-locator Addressing for IPv6, Tom Herbert (TH) - 10 minutes
draft-herbert-intarea-ila-00

JCZ - People with comments and/or interest are encouraged to attend the BoF meeting later this week.

==============

6. Privacy and Network Address Assignment, Tom Herbert (TH) - 5 minutes
draft-herbert-ipv6-prefix-address-privacy-00

Tim Chown (TC) - 1, I think this is useful. Compared to privacy of hosts as it stands, you might want public and private prefixes.
TH - We would do a block allocation for privacy.
TC - If something was allocated from an ISP, then a rotating prefix and a stable prefix would be good. Rather than renumbering.
TH - I'm not sure it's rotating. They could be requested on demand.
TC - This shares a lot of problems that we have with CGNs. Users use VPNs for privacy. We're looking for more subtle privacy. I'd like stability for services.
TH - I'd imagine there was a lot of legacy.
TC - I think there's some more pragmatic things that need to be considered.
Lorenzo Colitti (LC) - I think stating these goals is misleading. You said it's out of scope of what an ISP can do for privacy, but declaring it out of scope doesn't make it so. The fact of the matter is the ISP has to maintain a log of everything you did. If they just give you a prefix that rotates, they don't have to keep all of that information. I don't think that's a full solution.
TH - What you do with NAT is the same. ISPs have to keep this information.
LC - I don't know that's true.
TH - It's not clear to me why that is. The NAT logs should be enough for law enforcement.
LC - The server may not hold the source port information. I think basically declaring it out of scope is an error. Any solution that gives the ISP all of the information. You don't have to track every connection.
TH - You don't have to do that here either.
LC - One proposal was a different address, so this would need to be logged.
TH - If I assign 1 address and it's used for one connection, then you have to track that. NAT knows more than that (the port).
LC - I'm talking about the goal. We have to provide privacy. One solution under your scheme is that the ISP logs every 5-tuple.
Kyle Larose (KL) - If I give millions of IPs to every host, can the ISP run out of addresses?
TH - They're blocks of /128s.
Dave O'Reilly (DO) - The law enforcement perspective from people that I've worked with is if there's any illegal activity, the focus of interest will be on who was controlling the IP address at the time. ISPs are required, almost everywhere, under regulation to identify subscribers - so the proposed privacy measures will need to take this into account. The other point I wanted to make is that connection logging is a terrible idea. The risk of the loss of that data is huge. If it gets out you can see everything that I was browsing. The volume of logging generated is also prohibitive. If there was some alternative, then I would like to see it.
TH - It's a good point. But, this solution is not connection logging. It's address allocation tracking. I'm assuming law enforcement had... (missed)
Nick Doty (ND) - If we have too many rotating identifiers at once we may lose the privacy if they aren't rotated in a coordinated way.
TH - The client has control over this. Please look at the draft. Maybe the attackers haven't got to this level yet, but it's going to be a problem.
ND - I'll follow up.

==============

7. IP Fragmentation Considered Fragile, Ron Bonica - 15 minutes
draft-bonica-intarea-frag-fragile-01

JCZ - How many people have read the draft? (10 or so hands)
DB - I'm here to help! Please make sure that what you do here is aligned with the intarea tunnels draft. There's fragmentation text in there so make sure they match up.

==============

8. SOCKS v6, Vladimir Olteanu - 10 minutes
draft-olteanu-intarea-socks-6-02

JCZ - Who has read any version of the draft? (c. 10 people) I encourage people to read this version and provide comments.

==============

9. Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies, David O'Reilly (remote) (DO) - 5 minutes
draft-daveor-cgn-logging-02

Christian Huitema (CH) - Clarification question. Are you asking for this log in the network or in the NAT?
DO - It's the servers that are logging. Most people running a NAT have to provide logging in accordance with their national regulations. For CGN, if there is no time or source port, the ISP can't query the logs, even if they have them. Therefore there's an information gap in some CGN scenarios. If your website got hacked and you don't have the source port and time, you've got no chance.
Alain Durand (AD) - I was one of the original 6302 authors, I take your point. We could have an offline conversation about an updated version of the document.
DO - The scope could be extended to provide guidance to implementors of server software. There are cases where people writing in-house software may use this as well.
Mikael Abrahamsson (MA) - I've done this and provided lists of 16 addresses for PBA. This is enough.
DO - I believe in Belgium, 16 is mandated somehow.
SK - I want to gauge if there's interest in updating RFC 6302.
EV - In Belgium, it's a voluntary thing.

==============
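Added example, not part of these minutes or of draft-daveor-cgn-logging: a small Python check of whether a server's access log records what item 9 says a CGN operator needs to trace a connection back to a subscriber, a source port and a timestamp with a UTC offset (the RFC 6302 advice). The Apache-style log format, the sample lines and the function names are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from typing import List, Optional

# Constructed sample access-log lines (not from the minutes): with source port,
# without it, IPv6 with port, and a timestamp that lacks a UTC offset.
SAMPLE_LOGS = [
    '203.0.113.5:51234 - - [19/Jan/2018:16:02:11 +0000] "GET /admin HTTP/1.1" 200 512',
    '203.0.113.5 - - [19/Jan/2018:16:02:11 +0000] "GET /admin HTTP/1.1" 200 512',
    '[2001:db8::7]:40022 - - [19/Jan/2018:16:02:12 +0000] "POST /login HTTP/1.1" 401 88',
    '198.51.100.9:6200 - - [19/Jan/2018:16:02:13] "GET / HTTP/1.1" 200 10',
]

# Client address (bracketed IPv6 or dotted IPv4), optional ":port", the
# ident and user fields, then the bracketed timestamp.
LINE_RE = re.compile(
    r'^(?:\[(?P<ip6>[0-9A-Fa-f:.]+)\]|(?P<ip4>[0-9.]+))'
    r'(?::(?P<port>\d{1,5}))? \S+ \S+ \[(?P<ts>[^\]]+)\]'
)

@dataclass
class LogEntry:
    client_ip: str
    source_port: Optional[int]      # None when the server did not log it
    timestamp: Optional[datetime]   # None unless parseable with a UTC offset

def parse_line(line: str) -> Optional[LogEntry]:
    """Parse one access-log line; None if it does not match the format."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    try:
        ts = datetime.strptime(m.group('ts'), '%d/%b/%Y:%H:%M:%S %z')
    except ValueError:
        ts = None   # no offset (or not a timestamp): useless for a CGN lookup
    port = int(m.group('port')) if m.group('port') else None
    return LogEntry(m.group('ip6') or m.group('ip4'), port, ts)

def attribution_gaps(line: str) -> List[str]:
    """Fields a CGN operator needs to map this hit back to a subscriber
    but which the line lacks: a source port and a timestamp with offset."""
    entry = parse_line(line)
    if entry is None:
        return ['unparseable']
    gaps = ['source_port'] if entry.source_port is None else []
    if entry.timestamp is None:
        gaps.append('timestamp_with_offset')
    return gaps
```

Running attribution_gaps over an existing log before an incident shows whether the server would leave the ISP able to answer a query at all.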