Minutes - XMPP
IETF 80 - Tuesday 29 April 2011 - Prague, CZ

Summary:

-- Status:
- Trilogy in Auth48 REF state [Note: Published later in week as RFCs 6120, 6121, and 6122.]
- Need to update milestone states
- Need to add milestone for i18n update, since that was tabled for RFC 6122. Chairs will discuss with ADs

-- Internationalization
- Peter presented input from XMPP to PRECIS. We expect XMPP to ultimately reuse the output of PRECIS

-- DNA
- Richard presented slides on using DNSSEC. There was significant disagreement from Eric Rescorla concerning the use of DNSSEC. Authors, Peter, and Ekr agreed to discuss offline and report back.
- Chairs asked for continued discussion on list -- we need to move this forward.

-- End to End Encryption
- Ekr presented JSMS.
- Workgroup to monitor status of WOES effort to see if it looks like it will bear fruit.

-- XMPP-SIP interworking
- Peter presented reminders about his drafts on the subject
- Simo presented SIXPAC goals
- Poll did not generate significant interest in working on XMPP-SIP interworking. Chairs will confirm on list, then discuss removal of the milestone with the ADs.

Raw notes from Peter Musgrave and Cary Bran follow (Thanks guys!):

= XMPP =
Minutes by Peter Musgrave

Agenda slides & milestone discussion
- some milestone dates being moved out
- sip-xmpp interworking is an open item

I18N Issues (Peter Saint-Andre)
- had interim meeting in Brussels in Feb
- slide 8 has a bug: NFC does not do compatibility decomposition.
[Dave@Jabber] There are passwords in XEP-0045
[JoeH] Are full-half width Asian characters considered compatibility equivalents? (Slide 14)? Yes.
[Dan Burnett] Can directionality change in a sequence with spaces (if spaces were allowed)
[P S-A] Space was previously disallowed, rough agreement in past is not to allow it now.
[Dave] We might want to casefold nick names in chat rooms…
[PSA] In some usages may want to case fold - which subclasses a subclass but we need to consider how far we want to go here.
[JoeH] Is there any discussion on interoperability between apps (Slide 21 email vs IM account) then need to have discussion between different communities
[Bernard] Where could these issues occur? Seems like a lot of places, email, JID, SIP URI etc. Can we come to an agreement of the things we care about
[Joe] PRECIS might be able to prohibit characters in some protocols but to be interoperable would need to be % escaped. And would need to go into LDAP etc.
[Bernard] Worth looking at bidi cases e.g. mix Arabic with numbers and weird things start to happen.
[Joe] Yes you can - is this likely in a senate? Need answer from someone in culture
[MartinT] Of course use of numbers will happen.
[MartinS] Arabic numerals are L to R
Please go to PRECIS session

Domain Names Assertions [DNA] (Richard Barnes)
High-Level Solution Slide
[Bernard] Do we need all the records for the routing table at the start? Can be done incrementally and built up over time.
[P S-A] Servers today do build them up over time - so this seems reasonable (and people do not need to do them all up front)
[Dave] Worth noting dial back is equivalent to "I authorize you as being"
[Ekr] How are SRV handled now in XMPP.
 SRV lookup matrix, A DNSSEC signed yes/no are columns, rows points to same place or not
 What in certificate tells me I am looking for a different name.
[RB] If signed with DNSSEC can validate either input or target. Rows are the same.
[Ekr] HTTPS originally allowed only one host, then extended to add virtual hosting 10 years ago. Only recently deployed. This seems hard to deploy since we need DNSSEC plus this lookup stuff.
[PSA] Servers which care will deploy quickly since this can be a big pain point
[Ekr] As soon as this is turned on whoever is not upgraded will get TLS connection errors
[Joe] We are getting these errors today.
[Joe] Server to server TLS is just not working today. e.g. GoogleTalk plus Joe's company
[Ekr] What fraction of servers have this problem?
[Bernard] There are different deployment solutions. In some scenarios the client comes from the same service - so not fully analogous to the browser case.
[Dave] We are using dialback with TLS optional.
[PSA] We have about 5000 server to server connections at any one time, I believe very few are TLS protected at this time. Would be a good thing to secure these.
[Ekr] But we are depending on DNSSEC and this is not widely deployed. Is this really going to be deployable given everything which needs to be rolled out.
[PSA] There have been other designs which were too complex - so we decided to wait for DNSSEC.
[Jabber] DNSSEC is only used to add records - so we are no worse off.
[Joe] There is no consensus on this so far, we are still designing…
[Ekr] I think this is a bad idea. I might be able to do better.
[Joe] Please do.
[PSA] There is a role for this - maybe 10 large hosting providers who will want this. Smaller servers will likely not bother. But it will be more secure than any other proposal we've seen.
[Bernard] Worth thinking about who should review this. e.g. some people in US military
[PSA] We look at attribute certificates and went down that path. (Ekr thinks this might be marginally better)
[PSA] Do need to think more about backward compatibility. Need to assess this draft soon. Please participate on the list.

Java Script Message Syntax (Ekr)
[PSA] Natural to use xmpp philosophy of dumb clients, could ask server to check cert. Agreed.
[Joe] At bar-BOF asserted this is something xmpp people could implement.
(missed some discussion here)
Please join WOES mailer and see if WG gets formed.
Pushed off end-to-end charter milestones to see if WOES will bear fruit.

SIP-XMPP Mapping (Peter Saint-Andre)
- is there energy to retrieve some of the expired work and restart it?
[RjS] Close to done observation. These may not be quite as done as we remember. Some soft/hard state issues, state exhaustion attacks. Some of this will need to be polished. Agreed.
[Joe] There has been some implementation experience which has shown some issues and workarounds.
[Ben-Chair] Is there energy? What do people want to work on? Most of this is based on server to server interworking. Work item says we will develop a framework.
[Joe as Chair] Please express interest.
[Bernard] There is a specific use case: making a 911 call. XMPP on one side and a PSAP running SIMPLE. Since SIMPLE is the only one with a 911 service defined. NINA e.g. only authorizes SIMPLE.
[RichardBarnes] But should we just add XMPP to emergency calling?
[Justin] There are some large Jingle deployments - want to have a better spec. for how to gateway Jingle to SIP. Poster child would be GoogleTalk/FaceTime interop.
[Bernard] Justin mentioned RTCWEB. Are you saying RTCWEB will go this way?
[Justin] May be able to map RTCWEB media description and Jingle. Might be able to use same idea?
[Joe] Would RTCWEB do something Jingle-like
[Justin] I hope not. I would avoid key value pairs and XML next time around.

Dual-Stack (SIXPAC) (Simo Veikkolainen)
(will need to be co-ordinated with dispatch)
- not in scope for xmpp, asked to provide an update here
- this is not about inter-working
[Justin] Is conferencing in scope? Not at this point.
[Joe] You mean XCON?
[Justin] Yes, group chat coupled with SIP voice bridging
Idea was first to tackle the 1-1 cases
[Joe] As individual, conferencing is interesting
[Justin] 1-1 solution feels like a bit of a hack. Might be better to just have a better gateway solution. Especially in conference case. Want to know more about why gateways would not work.
[Joe-Ind.] People with existing audio SIP mixers may want to re-use that.
[Bernard] From RTCWEB perspective you might never need something like this.
[John Elwell] Idea of gateway requires changes in infrastructure. Simo is saying just change EPs. Still could be relevant in RTCWEB where people have a separate XMPP client.
[Justin] Need to be careful since propagating dual-stack will eventually become painful.
[PSA] There are thick clients which do this already. Would be nice to have a few things here - but not try to take it too far.
[Simo] Dual stack has been implemented (Gizmo5) but would like to reach more clients. Changes are modest.
[Justin] Agree scope needs to be carefully defined. Should agree not to do large things.

Conclusions:
- where do we go with these two bodies of work?
[RjS] Third alternative is go and solve specifically identified industry gateway issues.
[Bernard] RTCWEB with integrated IM will have E911 allocation - need to figure that out.
Is there energy to work on this.
How many are interested in working on server to server gateway for XMPP/SIP interworking.
For IM/presence (1 strong hands, 4 half-hearted + offer to help from P S-A)
For voice/video (7 or 8 hands, more than for IM/presence)
How many are interested in SIXPAC? (about 4)
This is not really a lot on any of these.
[RjS] Suggest if anyone is burning to do this. Who is going to suffer if this is not done?
[Adrien] My implementation is following some existing specs. in XMPP
Is anyone feeling big pain over any of these issues? ("thunderous silence")
[PSA] There is some interest from a community which does this. (missed the name). Have had some conversations here about it. There is one thing deployed which is a possible solution.
---------------------------------
XMPP (IETF 80 - Prague) - Tuesday, 29 March 2011 1520-1810
http://tools.ietf.org/wg/xmpp/

Status and Agenda Bashing – Joe Hildebrand and Ben Campbell
Slides: http://www.ietf.org/proceedings/80/slides/xmpp-0.pdf
* Note Well Overview
* Group Information - Mailing list xmpp@ietf.org
* A round of applause was given to the meeting minutes takers
* RFC 6120, RFC 6121 and RFC 6122 are in auth48 state
* Discussed late milestones and proposed updates (see slides 7-8)
*****************************************************************
Internationalization Issues - Peter St. Andre
Slides: http://www.ietf.org/proceedings/80/slides/xmpp-1.pdf
Draft: http://tools.ietf.org/html/draft-saintandre-xmpp-i18n-03
AI – Add i18n to the XMPP charter – Joe Hildebrand
AI – Add i18n updates to RFC 3920 – Joe Hildebrand
Overview of possible XMPP WG input into PRECIS WG
* Unicode Recap
Note: Bug in table on slide 8 – Unicode Recap (6) - NFC – does NOT do Compatibility Decomposition
* PRECIS Recap
* String Classes
Of interest to XMPP: Nameythings, Stringythings, Wordythings, Domaineythings
AI: “wordythings” - white space is not allowed, opinion has not been solicited to the mailing list, should this question be taken to the mailing list? – Peter St. Andre
Dave Cridland: Comment on “wordythings” (see slide 12) – re: already having passwords in some XMPP extensions, such as XEP-0045.
Dave Cridland: Comment on “stringythings” (see slide 17) – re: Brussels discussion on imposing more chatroom nickname restrictions; might casefold nicknames for chatrooms, currently not done.
AI: Discuss should nicknames be case folded? - WG
* NFD
* Subclassing
Joe Hildebrand: Question on XMPP interoperability for email and IM.
AI – Discuss interop with email and IM WGs – Joe Hildebrand
* PRECIS Open Issues
* XMPP Open Issues
Dave Cridland: Question on internationalized JID resolution – e.g. actual JID is "saint-andré", user types in “saint-andre” how does this get resolved.
AI: Send email to list to discuss above issue. Should this be solved using a remote normalization/canonicalization protocol, or else having the server rationalize the typography of the jid. – Dave Cridland
* Q&A Session:
Discussion between Bernard Aboba, Joe Hildebrand, Martin Thomson, Peter St. Andre - Can you mix Arabic and numbers?
AI: for PRECIS working session determine if users want to combine ASCII-7 numerals with Unicode – example a Hebrew name + 124.
*****************************************************************
Domain Name Assertions - Richard Barnes
Slides: http://www.ietf.org/proceedings/80/slides/xmpp-2.pdf
Draft: http://tools.ietf.org/html/draft-ietf-xmpp-dna-01
* Problem Overview
* High Level Solution
* DNSSEC
* Routing Table
Correction to slides – the receiving packet is swapped
* Overall Flow
AI: via Dave Cridland, Overall flow, update “Request permission to send for delegated domains”; sending the “verify” explicitly authorizes sending the other way. – Richard Barnes
Group had debate around TLS and DNSSEC and proposed flow.
* Status
AI: Start work on the security backward compatibility issue - Peter St. Andre and draft authors
There are some major security issues to address and it appears that DNA is not ready to move forward yet.
*****************************************************************
End to End Encryption (JSMS) - Eric Rescorla
Slides: http://www.ietf.org/proceedings/80/slides/apparea-6.pdf
Draft: https://tools.ietf.org/html/draft-rescorla-jsms-00
* Overview
3/28/2011 - Bar BOF good level of support/interest – generally positive feedback
WOES@ietf.org - mailing list
* Current Efforts
* Basic Idea
* Sample Workflow
* Content Objects
* Signed Objects
* PKIX
AI: Determine how stanzas (RFC 3923) fit into this model – Peter St. Andre
*****************************************************************
SIP interoperability – Peter St. Andre
Slides: http://www.ietf.org/proceedings/80/slides/xmpp-4.pdf
* SIP-XMPP Mappings
* Core
* Presence
* IM
* Chat
* Groupchat
* Media
* Restart this work?
Robert Sparks: Commented that there are unresolved pain points for the core, presence and IM specs. These pain points would have to be brought back for discussion.
Ben Campbell/Joe Hildebrand: Asked for people to speak up if they wanted to continue this work.
Bernard Aboba: Described his interest in a use case for making a 911 call where XMPP is on one side, PSAP running SIMPLE on the other.
*****************************************************************
SIXPAC - Simo Veikkolainen
Slides: http://www.ietf.org/proceedings/80/slides/xmpp-5.pdf
* Goals
Client integration of SIP/XMPP – e.g. packaging a “Dual Stack” into the client
* Tech Requirements
* Protocol Extensions
* Status of the work
* Next Steps
* Questions:
Justin Uberti: Is conferencing in scope for this work?
Simo Veikkolainen: No – Multiparty conferencing was discussed – but has not been added to the scope
Justin Uberti: Could gateways or tunneling be a better approach to solving the conferencing problem?
AI: Explain the reasons behind why not to gateway – Simo Veikkolainen
*****************************************************************
Milestone Scope – Ben Campbell
Ben Campbell: Called for support going forward with these proposals.
* Support for server-to-server approach SIP/IM/Presence
3 strong hands raised
1 weak hand raised
* Server-to-server Approach SIP/Streaming
8 strong hands raised
1 weak hand raised
* Dual Stack Client
4 “determined” hands raised
Robert Sparks: Asked the floor if anyone is burning to do the work or writing the specs. Followed by a question if anyone was experiencing a pain point that these areas of work could address.
No interest to work on these proposals.
*****************************************************************
Meeting Adjourned