Technical Plenary

1. Welcome and introduction (Leslie Daigle)

2. IAB Chair Report (Leslie Daigle)
see slides

3. IRTF Report (Aaron Falk)
see slides

4. Technical Presentations:

4a. Highlights from draft-iab-net-transparent (Bernard Aboba)
see slides

Eliot Lear: there are barriers in terms of renumbering for large corporations and networks. Points to renumbering RFC (RFC 4192?).

4b. Readout from Unwanted Traffic Workshop (Danny McPherson & Loa Andersson)
see slides

Sam Hartman: not sure how such an interesting workshop got quite such a boring summary? He wants to encourage everyone to read the actual report. This is important. It may be old news to you, but it has not started reaching protocol design yet.

Bob Briscoe: the solutions do not mention congestion control.

Dave Crocker: glad Sam made that comment. Threats have been known for quite a few years. To my knowledge, there are no known solutions (misleading term), only suggestions. The thing that is saving us so far is that the bad guys want the Internet to be running, too. Not sure what the purpose of this workshop was.

Leslie: the goal of the workshop and of the report is primarily consciousness raising.

Bob Braden: did you consider the flip side of this problem: the solutions can be used by governments to suppress and tap information?

Danny: yes, we did consider that.

Stewart Bryant: how much of this is actually in the Operating System?

Danny: everyone has to do their parts, the IETF, the OS developers etc.

Stewart: if we could achieve the OSes to be less vulnerable, that might help.

Eliot: would like to ask the IAB where they think the gaps are several years out.

Merike Kaeo: teaches on security. Nobody wants to pay for it. A huge part is education. Even at the IETF, there are protocols being designed without security being included. Security is often added later as an add-on. It needs to be an integral part from the start. There are also a lot of security mechanisms out that are not deployed.
Security needs to be addressed at all levels: vendor, user, education, protocol design.

Bob Hinden: we should not spend too much time making things perfect. We should ship things faster and make deployment easier.

Eric Burger: if we don't help fix it, governments will fix it and we might not want that.

Loa Andersson: doesn't think that all this is old news. We need to raise awareness in the entire community. It is a community issue.

Eric Rescorla: does security for a living. He came out of the workshop pretty pessimistic. Merike had it right: the situation is far worse than what he was aware of. This was an enlightening experience. We should be afraid.

Bernard Aboba: the resources that are available to the 'bad guys' are amazing. Vast criminal conglomerate where spam was just one business, phishing and DDoS are others, etc.

Paul Ferguson: did the workshop come up with ideas on how to move forward on these actionable items? He is a co-author on RFC 2827 and would be happy to pick this up again.

4c. Readout from the Routing & Addressing Workshop (Dave Meyer & Chris Morrow)
see slides

Heated discussion about the growth curve: is it really exponential or polynomial or linear growth?

Dave Meyer: in the defense of those looking at the growth and producing these graphs and statistics: it is not an easy task to analyse the data and then project the growth and produce these graphs.

Vince Fuller: if everyone is switching on IPv6, the growth of the routing table is really very significant.

Alain Durand: but not everyone is switching it on at once.

Margaret Wasserman: questions the assumption that everyone will keep running IPv4 and IPv6 in parallel. Part of the reason that we have been developing and deploying IPv6 was to reduce the use of IPv4.

Chris ??: IPv4 routability will have to be provided for a very long time.

Peter Lothberg: solution would be not to deploy IPv6.

Brian Carpenter: somewhere v4 deployment will stop, because we are running out of the v4 addresses.
Also, things might be done differently in the future.

Dave Meyer: there is clearly disagreement about this point. This is fine. We are trying to find out if there are other issues that need to be taken into account when making these projections.

Alain: refers to RFC 1380 - at that time there were 16,000 routes in the routing table and the sky was falling.

Vince: yes, but that was before CIDR!

Peter Lothberg: there are things that we cannot do with today's architecture. This limits the functionality for users.

??: believes addressing should come before routing. We should maybe look at addressing mechanisms and those will then determine routing mechanisms.

Leslie presents her slides -- proposals for where from here.

Sam: likes to remind people of previous work on this: a presentation given by Radia Perlman (http://www3.ietf.org/proceedings/02mar/slides/plenary-3/index.html) on how we can all work better together. He finds this is important because much of the previous work was coloured by ROUGH consensus. Some people dropped out of the process because of that. He believes we need to commit to working together and listening to each other and to expect everyone in the process would do the same. If someone has a new draft or suggestion don't just dismiss it because it has been brought up before. We should make sure we don't drive constituencies away.

Bob Hinden: is pleased that we are starting to work on routing again in a serious way. Honestly, the routing is not that different between IPv4 and IPv6. When we approach this problem we should not restrict ourselves to how we handle things today and how routers work today. We probably need to replace BGP.

Chris Morrow: we're not trying to propose that BGP is the right answer. At the workshop we said: maybe BGP is not the right answer.
Ross Callon: this topic could touch on a number of very different issues: who would be interested in participating in such a BoF? (show of hands) (many hands go up)

Ross: looks like there should be a Plenary size BoF. People seem to like that idea.

Erik Nordmark: how can we deal with the fact that this might cover very diverse issues and transition mechanisms? Has this been thought about?

Leslie: that was Ross' point that this will actually affect others than just routing experts.

Margaret: I think that this is a very real problem, not in 2011, but today. There are a lot of different places where we can work on this problem. The IETF only owns part of the problem space. Important to continue to talk with ISPs. Enterprise managers also need to be involved.

Dave Meyer: thinks that while some people believe GSE is a potential candidate solution, there is a realisation that this was a very drafty idea and clearly needs to be thought through more.

Leslie: pointers to previous work will be included on the IAB pages.

Ted Hardie: we might lose basic characteristics of the Internet we care about if we don't get this right. We might have to do radical changes. If we really want e2e with smart end-points and a dumb middle, we might want to make the end-points recognise where they are in the routing system.

5. IAB Open Mic

Peter Lothberg: [on unwanted traffic topic] we're talking about people misusing the network and about mechanisms how to take care of it. There are things that can be done to the network today that would make it go away and technology cannot prevent that. Why are we trying to solve everything with technology? A lot of these are social issues or police issues.

Bernard: we need to think of it (the network) as a right and not a privilege.

Kurtis Lindqvist: there should be a legal system where we can track down people that do bad things on the Internet. Mostly these bad actions are not even illegal.
Would be nice if the Internet Governance discussions would address that.

Ross Callon: there was a suggestion to extend the BCP on source address filtering. BCPs for securing the network are in preparation in the OPS area. People said that it is a good thing that those bad guys have an interest in having the Internet up and running, because they make money on it. But there might be people who are interested in making the network go away and just don't have the technical skills yet to do that.

Bernard: you can find that capability on the net today!

Lixia Zhang: education is key towards reducing the problems in a larger scale.

Ileana Leuca: agrees with Ted. Rapporteur between IETF and OMA. Thanks individuals in the IETF for finalising more than 15 RFCs and I-Ds in the area of terminal security etc.

Dave Nelson: suggests we improve the Internet protocols to make it more expensive to abuse the system.

Craig ??: we are leaders and we need to use that influence on other communities to deploy good mechanisms. Maybe we need more BCPs.

Elwyn: ultimately we need to reduce the value to those bad guys.