IETF 60 Plenary Thursday Meeting Minutes
IRTF presentation: ASRG Report (John Levine)
Have broken problem domain into pieces, some closer to IETF than others
Working on drafts for BCPs for ISPs that want to do the right thing (DNSBL/DNSWL, port 25 blocking), but we've never written down our best current practices before
Looking at filtering rule exchange, looking at formats for abuse reports
Would like to develop common interfaces for reputation systems
Not defining SPAM, not doing challenge/response, not doing e-postage, not doing replacements for SMTP
Something like 34 anti-SPAM groups working now, including ITU-T - and the standards process comparison is scary...
SPAM is bad, solutions are hard, we can make incremental progress
Dave Crocker - there's a spec in CSV proposal on reputation systems - can people look at it and comment?
ASRG website is available at http://asrg.sp.am
Brian Carpenter - fixing SPAM in two years? How long, really?
John - we'll never solve the SPAM problem, but in two years we could have a handle on it - all the way to never, of course, but in five years, people will have given up on e-mail
Scott Bradner - ITU-T asking how they can cooperate with us
IAB Security workshop retrospective - Bernard Aboba, Pete Resnick, Eric Rescorla
Thanks to Steve Bellovin, who actually ATTENDED the workshop :-}
In 1997 - two years before the CERT rate of increase went vertical
Trends then - rate of attacks increasing, attackers getting smarter
Common wisdom - build in security, get more serious about security, IPsec not a panacea - but no mechanisms
Trends now - scope and sophistication of attacks continues to grow, money now a motivator, peer-to-peer and multi-party protocols on the rise, authorization matters now, most vulnerabilities are now application-level - threat model is evolving
Can an attacker make money? Can an attacker cause havoc on regional/national scale?
Core mechanisms have not fared well (DNSSEC, IPsec/ISAKMP, S/MIME) - non-core mechanisms more successful
Ease of use is significant, especially ease of deployment - SASL, EAP easier for developers
Coordination requirement makes it harder to deploy a mechanism, even within a company
Don't repeat lessons of ISAKMP with GSS-API, EAP, SASL
1997 missing pieces were object security, secure e-mail, routing security. Missing pieces now are peer-to-peer, multiparty, DDoS, Phishing
Look past today's problem, document your dependencies, understand large-scale risks
Financial crimes (credit card theft, etc.)
Spammers paying bounty on compromised systems
Paying for an arbitrary attack
Spammers are trying to sell things with spambots, too
Eliot Lear - smart card reader, smart card, contract, and PIN for just one account - problem has usability and API issues, users are awash in keys. Broader than IETF, how to make progress?
Ted Hardie - DDoS categories - now there IS a difference between slash-dot and DDoS - behaving like legitimate users, SYN flooding isn't legitimate, but some attacks are - include attack detection profiles in protocol definitions?
Eric - we do need to give a different type of security guidance
Hilary - Threat model hasn't changed - it's always about money, the IETF could usefully take security seriously and focus on infrastructure security. We aren't going to fix application security in the IETF (we've known about buffer overflows for a while now) - attackers aren't attacking you, they're now attacking regions and nations
Pete Resnick - security issues have moved into applications, when they weren't there before. Perfectly valid SMTP clients are doing a lot of the damage.
Bill Sommerfeld - Zombie armies give attackers a lot more resources than you think
Dave Crocker - scaling is the only problem on the Internet, what does that mean in this situation? This is complex and we don't have a good track record on complex problems. How do we get a dialog going? IPsec and DNSSEC haven't lived up to expectations - why not? Where's the lessons learned, so we learn lessons? - deployment does matter - will IPsec and DNSSEC ever live up to expectations? - People here have been saying APIs would help a lot, maybe they're right
In the mid-1980s, no one had a clue about DNS at all, much less about security, we think we got it right this time, three designs later.
Operator involvement will be critical, because we didn't have it the first two times. And we tried.
People still ignore security advisors today. - Sometimes laziness is rational.
Putting stuff into standards isn't implementing it. IETF solution diversity is amazing, but they have been designed piecemeal.
Application security has been around for a long time, we've just ignored it. Operational information needs to come down the stack.
Derek Atkins (?) - Application security problems have been around, it's just starting to hurt. Abstract interfaces are defined for the successful mechanisms. IPsec doesn't have an abstract interface.
Bernard - IPsec doesn't have protocol problems, it has API problems.
IETF Reorg: Status report - Harald Alvestrand
What we want the IETF to be doesn't change from meeting to meeting - mission statement is now approved by IETF
PROTO, ICAR, NEWTRK are making progress, and some small things are done
Five procedural BCPs and an Experimental RFC approved since Seoul
IESG is becoming more effective - more focus on "critical" issues, better edit cycles, better throughput
Still working to improve the process
Change efforts quieting down - are people giving up, becoming happier, or going back to technical work?
Will focus on IESG processing (tracker toolmaking, reasons to block, WG chair shepherding) and ICAR (looking for volunteers, THIS MEANS YOU)
How to measure the effects of what we've done, even subjectively?
Dave Crocker - things are getting better, this is good, two years ago things were not good. Can we check on how people are feeling?
Scott Bradner - will discussion on "why to block publication" be public? Harald - yes, but we won't promise a date
Brian Carpenter - customer satisfaction survey would be nice but annoying. We need to tell the world we think our problems are getting smaller
Attendance drop-off has stopped dropping
Spencer Dawkins - thank you (to the current and former members of the IESG) who have made our processes run a little closer to what we said they are, and are continuing to do so, even when it's a lot of work to make process improvements (and people applauded)
Fred Baker - we're at the size of the Adelaide meeting in 2000, and the average meeting size in 1998 - plenaries involve less vegetable-throwing now, and plenaries started with a LOT of vegetable-throwing post-Kobe. The IETF is moving beyond many of the problems we've had.
Sue Hares - I'm still concerned about some of the changes coming. Chairs are still editors. We still have problems. A lot of the reason people are still working has to do with the caliber of people.
IETF AdminRest: Status report and introduction - Leslie Daigle and Harald
We need to grow up and take on our own responsibilities, and we really appreciate CNRI for shielding us from having to grow up for a very long time!
We had a vision at IETF 59 for what Administrative Restructuring would mean...
Carl Malamud is drafting a specific implementation proposal as a consultant to IETF. Expect a document in a few weeks. Working on getting from principles to details
Proposal will be discussed on the IETF list
Administrative entity will be positioned so that it is responsible to and responsive to the IETF community - a different relationship than the IETF has with ISOC
This isn't an announcement, it's not even a proposal. It will be implemented over time, if it is implemented. But the first question is, are we headed in the right direction? We aren't even ready to ask for consensus yet.
Not sure whether administrative entity should be independent of ISOC or part of ISOC - still wondering, and this has a lot of impact on the governance structure we end up with.
We expect to establish a transition leadership team, find and hire the first employee who will do the work, run an open RFP process for support functions - as soon as we have the consensus to support it. We would like to be running by yearend.
Henry Sennrich - why do we need to mess around with something that seems to work well? Secretariat gets kudos every meeting. Haven't read RFC, but don't understand.
April Marine - in general, the correct way to go. Thank you for thanking the people who have supported us for so long. What does "responsible to the IETF community" actually mean? Who is the boss of the administrative entity? This is an improvement, but it's entirely new.
Fred Baker - there is a chain of command. The person could be an ISOC employee who reports to me, not to Harald. But that's not a great plan. The ISOC will provide an office and a paycheck, but the person will report to the IETF. Leslie - "reporting to the 20,000 people who subscribe to IETF mailing lists..."
Carl Malamud - we're making proposals - please read the drafts! and be brutally honest.
Spencer Dawkins - where will these proposals be discussed?
Harald - on the IETF list.
Joe Hildebrand - is one person enough to cover these tasks? especially if we need to do more PR and marketing?
Harald - I'd like to separate jobs, so we probably won't dump a whole lot on one person at once.
Jonne - we're not going to move forward until consensus - does this mean IETF Last Call? - Harald - yes
Bob Kahn - CNRI really is involved in the current scenario - we should be on the slide. Along with ISI, we turned the IETF to a premier standards organization. We've been working with Foretec as a way to save money. We've stayed out of the way in standards production. Thanks to Foretec for your support, so far. CNRI also helped to start ISOC. A lot is at stake here - nothing less than the ability of the Internet architecture to evolve in the public interest. We aren't to the filling-out-details stage yet. We've been able to support the IETF with meeting fees and other funds, with no government funding or involvement, since 1998. There was a MoU at that time. I gave Harald and Leslie a list of my concerns last December. We haven't worked these concerns out yet. CNRI has offered to help create a separate non-profit to carry out this work, and we haven't had any subsequent discussion - only being informed last Monday that a decision had been made to move forward with an administrative entity. Your input is important for many reasons. One major concern is the composition of the board of directors. Wiser heads have always worked things out in a crisis at the IETF. CNRI would like to support this effort and see it succeed, but the IETF community needs to provide input. Undue delay is bad, but so is premature action. Go in with your eyes open, and have an open and public discussion. This goes far beyond CNRI's interests, is not a small administrative matter, and is about the future of the Internet. The future isn't assured. Ask the hard questions - they haven't been asked yet.
Ted Hardie - it hasn't just been CNRI, a lot of your "we"s have been "you". (applause) You're saying we should be paying attention, and we ought to be scared, and we have a path forward. We've learned that we can count on individuals, you, Vint, and Jon, but we've also learned we need a structure that lasts longer than Harald, Leslie, Fred ... Bob - Harald and Leslie are working hard on these interests, but we need more input.
Fundraising and staffing have been the biggest challenges during a period of economic downturn and reduced attendance. Vint and Phil Gross were CNRI employees during their IETF leadership years.
Hillarie - this is a very serious issue - we don't want to be 802.IETF in two years.
Dave Crocker - I'm trying to imagine being the staff of Foretec, the RFC Editor, the IANA seeing these slides. (applause) But there are a lot of rumors this week. Has the decision been made? - Harald/Leslie (?) - No. IESG and IAB expect to do a transition by yearend, but the transition is to a formalized relationship.
Harald - we know this is scary stuff in a lot of ways. We haven't talked much about it in public because we didn't need to scare people with decisions we hadn't made. Now we've put this idea forward, so it's time to move forward to a stable resolution.
Scott Bradner - current secretariat will run DC meeting? - Yes
Brian Carpenter - couldn't believe IETF had three major relationships (CNRI, RFC Editor, IANA), with only one governed by a contract (RFC Editor). We've done IANA now, we need to do CNRI. It's time. For companies contributing with ISOC fees, we don't want to see a gap between ISOC and the administrative entity that will confuse contributors writing checks.
Harald - think there is some distance that's good, with fundraising in one place and administration in another (ISOC gets, IETF spends) - but it's largely meeting fees, anyway.
Donald Eastlake - happy with secretariat, doing the right thing - should NOMCOM help with board of trustees?
Bernard - keep our eyes on what needs improving. Get a sense of priorities in a week or two and work on high-runners. Concentrate on what makes a difference in the way we work around here.
Gregory - remember how we move from one protocol to another in this transition. We don't immediately deprecate the old one until we have a lot of experience with the new one.
Harald - it's more like IANA registration - we can only have one set of procedures at a time. Anyway, what Bob said - read the documents and tell us what you think.