Agenda IETF103: hotrfc
agenda-103-hotrfc-09
| Meeting Agenda | Hot RFC Lightning Talks (hotrfc) Team |
|---|---|
| Date and time | 2018-11-04 11:00 |
| Title | Agenda IETF103: hotrfc |
| State | Active |
| Other versions | plain text |
| Last updated | 2018-11-04 |
===========================================================================
Paper #1: Stopping Malware and Researching Threats (SMART)
---------------------------------------------------------------------------
Authors: Kirsty Paine (NCSC)
         Kathleen Moriarty (Dell)
---------------------------------------------------------------------------
Stopping Malware and Researching Threats [SMART] is a proposed new IRTF
research group, and will be having a planning meeting at IETF 103. The
group aims to investigate and publish research on a range of cyber attacks
(including malware, botnets, phishing and DDoS) and how they can be
detected and defended against in a world of encrypted data. In this short
talk, I'll explain what the group is about and encourage people from a
variety of backgrounds to attend the meeting and plan our first steps. We
have a mailing list for discussion now, and for follow-up after the
meeting; we welcome and encourage brainstorming contributions from new and
regular IETF participants, academics and industry representatives.

===========================================================================
Paper #2: Collaborative Automated Course of Action Operations (CACAO) for
          Cyber Security
---------------------------------------------------------------------------
Authors: Bret Jordan
---------------------------------------------------------------------------
Threat actors and intrusion sets are constantly advancing at an increasing
rate relative to cyber defense. Further, cyber defenders typically have to
manually identify and process prevention, mitigation, and remediation
steps in order to protect their systems and networks and to address and
contain problems identified during and after an incident response. This
talk will highlight the need for, and possible requirements and solutions
to enable, a standardized language that cyber defenders can use for
mitigating and remediating cyber threats in machine-relevant time.

===========================================================================
Paper #3: It is time to re-consider "computing in the networks"
---------------------------------------------------------------------------
Authors: Jianfei (Jeffrey) HE (Mr)
         Marie-José Montpetit (Dr.)
         Lijuan (Rachel) CHEN (Ms)
---------------------------------------------------------------------------
20 years have elapsed since the debate between Active Networking and
End-To-End Arguments in 1998. Now, programmable data planes are rising,
for example the programmable switch with the P4 language in the DCN area
and the virtual network devices in the context of NFV in both DCN and
carrier networks. Recent research has shown that in-network
caching/computing can greatly improve the performance of distributed
systems in various applications inside the DC: DNN (Deep Neural Network)
training, frontend K-V (Key-Value) caching for skewed and dynamic
workloads, and high-performance consensus systems (such as Paxos). In the
wider scope of networks outside DCs, edge/pervasive computing may also
benefit from the holistic optimization of network and compute, for
example to address dynamic service placement or load balancing among a
large number of edge-computing nodes. In-network caching and computing
and their potential impact on network and application performance have
already generated a large amount of research and development. Will these
new technologies and their potential "gains" justify in-network
caching/computing? If yes, what are the impacts on network architecture
and protocol design? We believe that the IRTF should address this
emerging field, which is important for the future of the Internet. We are
proposing a new RG called COIN, computing in the network, and will hold a
side meeting during IETF 103 at 10am on Friday November 9.

===========================================================================
Paper #4: Multicast Ingest Platform
---------------------------------------------------------------------------
Authors: Jake Holland (Akamai)
         Kyle Rose (Akamai)
---------------------------------------------------------------------------
We're putting together a reference image that can respond to local
source-specific multicast signaling by discovering source info from
remote networks with DNS and pulling the right traffic in, using AMT for
transport and AMBI for data integrity. The goal is to securely ingest
multicast traffic from a remote source network with no peering required,
and no new config needed in the source network to send traffic into the
new receiving network, even when no multicast-enabled backbone connects
them.

===========================================================================
Paper #5: FlexIP
---------------------------------------------------------------------------
Authors: Robert Moskowitz (HTT Consulting)
         Liguangpeng (Huawei)
---------------------------------------------------------------------------
Flexible Internet addressing and flexible routing. The Flexible Address
Space is divided between an unbounded little-endian Global Address Part
and an unbounded big-endian Local Address Part. This allows the public
network to grow and route as needed, and the local or private networks to
use the addressing that makes the most sense within each network. Privacy
can be included in both parts by use of a MapID. Routing is managed in a
Multi-Entrance-Trie. Sound like PIPv2? It is much more. Use cases will be
presented; don't blink.

===========================================================================
Paper #6: Nimble out-of-band authentication for EAP (EAP-NOOB)
---------------------------------------------------------------------------
Authors: Tuomas Aura (Aalto University)
---------------------------------------------------------------------------
EAP-NOOB is an EAP method where the authentication is based on a
user-assisted out-of-band (OOB) channel between the server and peer. It
is intended as a generic bootstrapping solution for Internet-of-Things
devices which have no pre-configured authentication credentials and which
are not yet registered on the authentication server.

===========================================================================
Paper #7: DNS protocol police / DNS flag day 2019
---------------------------------------------------------------------------
Authors: Petr Špaček (CZ.NIC)
---------------------------------------------------------------------------
As all IETF participants know, the IETF itself is not a protocol police
... But protocol police might emerge from elsewhere! Major open-source
DNS vendors are going to execute an experiment called "DNS flag day
2019": to implement http://tools.ietf.org/html/draft-spacek-edns-camel-diet
and push it to production right away. In this talk we very briefly
introduce DNS flag day 2019 and its implications. Interested listeners
will be encouraged to talk to dnsop and/or the DNS vendors involved with
the project.

===========================================================================
Paper #9: Loss-latency trade-off (LLT) and the mobile network
---------------------------------------------------------------------------
Authors: Thomas Fossati (Nokia / MAMI project)
         Mirja Kühlewind (ETH / MAMI project)
         Pedro Andres Aranda Gutierrez (UC3M / MAMI project)
         Diego Lopez (Telefonica R&D / MAMI project)
---------------------------------------------------------------------------
The loss-latency signal proposed in [1] has several interesting
properties:
- Extremely simple semantics;
- Incremental deployability;
- Participants have no incentive to lie, and therefore there is no need
  for the network to trust the signalling endpoints.
One facet that has not yet been explored (to the best of our knowledge)
is its impact on the mobile network. At least on paper, the scheme looks
like a perfect fit with the QoS model defined by 3GPP LTE [2], where the
Lo and La markings have a straight mapping into the set of QoS class
identifiers (QCI). On ingress into the mobile network, a trivial Traffic
Flow Template (TFT) could route packets according to their DSCP marking
into an appropriate (dedicated or default) EPS bearer. Eventually, the
radio resource manager in the eNodeB would use this information to
inform its scheduling decisions. This makes it particularly attractive
for use on the mobile access network, where today Internet-bound flows
are typically bundled together into one "default bearer" whose QCI
(typically 9) has latency and loss-rate targets (i.e., 300 ms and 10^-6,
respectively) that are incompatible with real-time traffic requirements.
An additional application of LLT to the mobile network is its use in
selecting the optimal strategy (lossless vs. seamless) on cell handover.
We want to present a few preliminary results which we'll be working on
before and during the hackathon to validate the core ideas and (time
permitting) look at richer, realistic traffic mixes.

[1] J. You et al., "Latency Loss Tradeoff PHB Group," Internet
    Engineering Task Force, 2016.
[2] 3rd Generation Partnership Project, "Technical Specification Group
    Services and System Aspects; Policy and charging control architecture
    (Release 14)," 3rd Generation Partnership Project, Sophia Antipolis,
    2017.

===========================================================================
Paper #10: Internet Content Tagging and Distribution Protocol (ICTDP)
---------------------------------------------------------------------------
Authors: Nalini Elkins (Inside Products)
         Vittorio Bertola (Open Exchange)
         Barry Shein (TheWorld.com)
---------------------------------------------------------------------------
Recent years have seen content filtering by content providers as well as
governments for cultural acceptance, human rights and law compliance, but
also for security (botnets, malware etc.) and for user-defined policies
(parental control, corporate blocking of social networks during work
time, etc.). Some governments, in particular the European Union, are
enacting legislation. Some large content providers, such as Facebook,
Twitter, and Google (YouTube), are self-censoring. There are widely
diverging opinions on whether, and under which conditions, this kind of
filtering is appropriate and good for the Internet; this belongs to the
realm of policy discussions. However, such filtering practices are a
widespread fact that will not go away, and the document authors expect
them to further increase in the coming years; governments and public
opinion expect that the Internet's technical and business community
provides workable ways to keep unacceptable content out of the network,
possibly for definitions of unacceptable content that vary by country and
by context. We propose one idea of a potential solution: content tagging
via a new protocol called the Internet Content Tag Distribution Protocol
(ICTDP). The protocol would provide a standard methodology for those who
may wish to distribute and filter on tags for content.

===========================================================================
Paper #11: Routing storm. A problem for aviation and IETF?
---------------------------------------------------------------------------
Authors: Saulo da Silva (International Civil Aviation Organization)
---------------------------------------------------------------------------
Aviation is starting to use the Internet for the exchange of
safety-critical messages between ground systems, ground-air and air-air
systems. The speed flown by an aircraft connected to the Internet may
disrupt the Internet infrastructure through a routing storm. Is this a
problem that the aviation community and the Internet community should be
worried about?

===========================================================================
Paper #12: Localized Optimizations On Path Segment (LOOPS) Discussion
---------------------------------------------------------------------------
Authors: Carsten Bormann (Universitaet Bremen TZI)
         Yizhou Li (Huawei)
---------------------------------------------------------------------------
Various overlays are used in networks including WAN, enterprise campus
and others. End-to-end paths are divided into multiple segments, some of
which are overlay-encapsulated to achieve better path selection, lower
latency and so on. The traditional end-to-end transport layer is not very
responsive to microbursts and non-congestive packet loss, especially over
the long haul. With the multi-segment overlaid path used over WAN, it
gives us an opportunity to locally optimize a path segment to achieve
better throughput. We want to illustrate the problems in some use cases
and present a few preliminary solution ideas. Interested listeners are
encouraged to join the side meeting for it (Tuesday 18:30-19:30).

===========================================================================
Paper #17: Concise Identities
---------------------------------------------------------------------------
Authors: Henk Birkholz (Fraunhofer SIT)
         Carsten Bormann (Universitaet Bremen TZI)
         Max Pritikin (Cisco)
         Robert Moskowitz (HTT Consult)
---------------------------------------------------------------------------
The objective of using CWT as a basis for Identity Documents (signed
claim sets) is to gain more flexibility and at the same time more
rigorously defined semantics. In addition, the benefits of using CBOR,
COSE, and the corresponding CWT structure accrue, including more compact
encoding and a simpler implementation in contrast to classical ASN.1
(DER/BER/PEM) structures and the X.509 complexity and uncertainty that
has accreted since X.509 was released 29 years ago. Areas where both the
compactness and the definiteness are highly desirable are Constrained-Node
Networks [RFC7228] or scalable security automation between platforms, in
general.

===========================================================================
Paper #13: Configuring DNS using YANG+RESTCONF
---------------------------------------------------------------------------
Authors: Petr Špaček (CZ.NIC)
---------------------------------------------------------------------------
DNS is a well-established protocol... but each implementation has a
totally different configuration. Is it feasible to invent a standardized
configuration interface based on YANG+RESTCONF? In this talk we will
report experimental results from the IETF 103 hackathon: were we able to
hack up a common interface for two independent DNS implementations?
Interested people are encouraged to join the dnsop WG for discussion
about draft-lhotka-dnsop-iana-class-type-yang and further steps.

===========================================================================
Paper #14: Structured Specifications in IETF Documents
---------------------------------------------------------------------------
Authors: Stephen McQuistin (University of Glasgow)
         Colin Perkins (University of Glasgow)
---------------------------------------------------------------------------
Standards documents have been slow to adopt structured specifications
that go beyond the limited syntax that can be captured in ASCII-art
diagrams and prose descriptions. Before developing a new structured
specification format, we must explore both the technical limitations of
existing approaches, and the social and cultural barriers to their
adoption. We will encourage interested listeners to discuss their
experiences with us, and to share their feedback and ideas on our
proposed approach.

===========================================================================
Paper #15: Control Plane Telemetry: Network-wide Protocol Monitoring
           Framework
---------------------------------------------------------------------------
Authors: Huamo Chen (Huawei)
         Yunan Gu (Huawei)
         Zhenbin Li (Huawei)
---------------------------------------------------------------------------
The requirement for better network OAM approaches has been greatly driven
by network evolution. The concept of network Telemetry has been proposed
to meet the current and future OAM demands w.r.t. massive and real-time
data storage, collection, processing, export, and analysis, and an
architectural framework of existing Telemetry approaches is introduced in
[I-D.song-ntf]. Network Telemetry provides visibility into network health
conditions, and is beneficial for faster network troubleshooting, network
OpEx (operating expenditure) reduction, and network optimization.
Telemetry can be applied to the data plane, control plane and management
plane. There have been various methods proposed for each plane:

o Management plane: For example, SNMP (Simple Network Management
  Protocol) [RFC1157], NETCONF (Network Configuration Protocol) [RFC6241]
  and gNMI (gRPC Network Management Interface)
  [I-D.openconfig-rtgwg-gnmi-spec] are three typical, widely adopted
  management plane Telemetry approaches. Various YANG modules are defined
  for network operational state retrieval and configuration management.
  Subscription to a specific YANG datastore can be realized in
  combination with gRPC/NETCONF.

o Data plane: For example, In-situ OAM (iOAM)
  [I-D.brockners-inband-oam-requirements] embeds an instruction header in
  the user data packets, and collects the requested data and adds it to
  the user packet at each network node along the forwarding path.
  Applications such as path verification and SLA (service-level
  agreement) assurance can be enabled with iOAM.

o Control plane: The BGP Monitoring Protocol (BMP) [RFC7854] is proposed
  to monitor BGP sessions and is intended to provide a convenient
  interface for obtaining BGP route views. Data collected using BMP can
  be further analyzed with big data platforms for network health
  condition visualization, diagnosis and prediction applications.

The general idea of most Telemetry approaches is to collect various
information from devices and export it to a centralized server for
further analysis, thus providing more network insight. This document
identifies the problems that current control plane telemetry is facing,
and then illustrates and establishes the requirements and necessity of
the Protocol Monitoring Protocol (PMP) framework through the discussion
of specific use cases.

===========================================================================
Paper #16: An Architecture for Collaborative Security and Proactive
           Defense against Internet of Things Botnets
---------------------------------------------------------------------------
Authors: SYED MUHAMMAD SAJJAD (RISE RIPHAH PAKISTAN)
         MUHAMMAD YOUSAF (RISE RIPHAH PAKISTAN)
---------------------------------------------------------------------------
This document proposes an architecture for collaborative security and
proactive defence against Internet of Things botnets. The proposed
architecture is based on the violation of the Manufacturer Usage
Description policy. This architecture provides a means of sharing
attacker information with peers in order to not only achieve proactive
defense against Internet of Things botnets but also mitigate them at
their source.