Minutes IETF115: anima
minutes-115-anima-01

Meeting Minutes Autonomic Networking Integrated Model and Approach (anima) WG
Date and time 2022-11-10 13:00
Title Minutes IETF115: anima
State Active
Last updated 2022-11-14

IETF115 ANIMA WG Meeting Minutes

   Thursday, November 10th, Session II Mezzanine 10-11, 1300-1500 UTC (1:00 PM
   - 3 PM local time) Chaired by Toerless Eckert (local), Sheng Jiang (remote)

01 Chair slides 15:00 - 15:10
   Presenter: Toerless Eckert (local), Sheng Jiang (remote)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-01-chair-slides-00
   WG documents with no slots requested:
      draft-ietf-anima-brski-cloud-04 (unchanged from IETF114)
      draft-ietf-anima-grasp-distribution-05 (unchanged from IETF114)
         Authors working on enhanced next revision including demonstrable
         mechanism in text to explain how it works. Planning to publish
         for IETF116 (from Xun.Xiao@huawei.com)
      draft-ietf-anima-voucher-delegation-02 (unchanged from IETF114)
      draft-ietf-anima-rfc8366bis-00 (expired, no update since IETF113)
   Michael: BRSKI cloud waiting for WGC for 2 IETFs.
   Michael: voucher delegation may be irrelevant. Use cases came from number of
   different places, like OPCUA, but they moved on. Time has passed. What they
   (OPCUA) called voucher was not what we call voucher. They do have an
   interesting process to build assemblies though. Siemens may have different
   interest in voucher delegation, Michael does not know what Siemens wants. If
   we do not figure out customer, then consider what to do (kill), otherwise
   enhance it according to the customer demands (explaining upon question by
   Steffen Fries). rfc8366bis may be important, but low priority now for
   authors, will be raised in Michael's queue when constrained stuff gets up in
   priority.

02 15:20 - 15:35 Status & next steps for draft-ietf-anima-constrained-voucher
(15 minutes)
   Draft: draft-ietf-anima-constrained-voucher-18 (unchanged from IETF114 -
   waiting for shepherd review Toerless Eckert)
   Presenter: Esko Dijk (local)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-constrained-brski
   URL for recorded demo: (no recorded demo)
      Esko giving live demonstration, starting pledges and finishing
      enrollment, testing concurrency of registrar behavior. This test is only
      using Esko's code forked from openthread project "OpenThread-Registrar".
      Does by default not test the other existing codebases. But could access
      other people's code (via IPv6 connection). For this test, no discovery was
      done, no discovery code is implemented; but rather preconfigured address
      of registrar.
      Are all the > 1 year old issues of early review closed? Yes, think so,
      there was a range of issues in GitHub opened for those and they should be
      resolved.
      Show of hands, who has read latest version: 2 hands.
   Chairs: reviews by more people are a next step.

03 15:10 - 15:20 Update on constrained BRSKI join proxy (10 minutes)
   Draft: draft-ietf-anima-constrained-join-proxy-13 (was -11 at IETF114)
   Presenter: Michael Richardson (local)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-constrained-join-proxy-status-00
   Main rewrite to now use CoAP header after longer discussion in IANA review
   by CoAP experts (due to CoAP discovery).
   Rob Wilton: does this need another WG last call? Not quite clear?
   Michael: Yes.
   Toerless: Yes. New version is out on datatracker, please compare.
   Toerless: Benefits?
   Michael: Device is otherwise speaking CoAP, we removed non-CoAP code
   (special CDDL code), this code is also likely a lot more used than the
   enrolment code. Should result in more code stability/less bugs. Peter is now
   retired, Michael is only author left.
   Esko: Using CoAP does have some impact on behavior. How about response to
   request? Do we create additional messages that are not needed, e.g.
   "2.04 Changed" response to POST request.
   Michael: We use non-confirmable.
   Esko: but even non-confirmable request will have a response. Don't want
   2.04 response message coming back. Has no value here. The server could just
   suppress it.
   Michael: thought rfc9031 got it right? rfc9031 got it wrong?..
   Rob: Please have more cross-review to solve issues like this! Rob did send
   document back to WG so it can go through another WG last-call.

04 15:35 - 15:45 An Autonomic Mechanism for Resource-based Network Services
Auto-deployment (10 minutes)
   Draft: draft-ietf-anima-network-service-auto-deployment-03 (was -02 at
   IETF114)
   Presenter: Sheng Jiang (remote)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-a-generic-autonomic-deployment-and-management-mechanism-for-resource-based-network-services-01
   Esko: Overall security model. All initiators have to be authenticated. They
   are authenticated the moment they join the ACP.
   Toerless explaining how authentication is derived from ANI certificate
   (BRSKI), e.g.: via TLS or ACP.
   Sheng: how to do authentication for purpose of this document is out of
   scope.

05 15:55 - 16:05 Update on JWS voucher (5 minutes)
   Draft: draft-ietf-anima-jws-voucher-05 (was -04 at IETF114)
   Presenter: Thomas Werner (remote)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-update-on-jws-signed-vouchers-00
   Maybe ask authors of JWS RFC for review if we use this - JOSE WG. Send
   request for review to JOSE working group.

06 16:05 - 16:15 Update BRSKI with Pledge in Responder Mode (BRSKI-PRM) (10
minutes)
   Draft: draft-ietf-anima-brski-prm-05 (was -04 at IETF114)
   Presenter: Steffen Fries (remote)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-update-brski-with-pledge-in-responder-mode-brski-prm-00
   YANG augmentation is only open issue. Michael asked beginning of August,
   waiting on Michael who owns the process, applies to different documents. Got
   something wrong in rfc8366 - can't combine things so far. Michael will
   repost tomorrow. SECDIR early review and also a YANG Doctor early review were
   proposed before WGLC. The YANG Doctor's review is intended once the YANG
   augmentation is solved. SECDIR review can be triggered immediately.

07 16:15 - 16:25 Update on BRSKI alternative enrollment (BRSKI-AE) (10 Minutes)
   Draft: draft-ietf-anima-brski-ae-03 (was -02 at IETF114)
   Presenter: David von Oheimb (remote)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-update-on-brski-ae-alternative-enrollment-protocols-in-brski-00
   The WG chairs will align on potential early reviews, e.g., by SECDIR, before
   WGLC.

07.5 Hackathon - VPN:
   Michael Richardson: Trying to use IETF VPN for several years because BRSKI
   testing really requires VPN (L2 virtual connectivity). Has been a problem
   for a long time. Buy smallest router (vendor:), WiFi+ethernet virtually
   bridged L2 via IETF then, also get IPv6 prefix. Caveat is that it works
   except for 10 days around IETF, because the IETF headend is then
   moving/shipped and at IETF.

09 KIRA: Distributed Scalable ID-based Routing with Fast Forwarding
   Presenter: Roland Bless (local)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-kira-anima-00
   URL: https://mailarchive.ietf.org/arch/msg/anima/M9VhjN_4XKMNdjZJjKvU_ZL_-H0
   Robust connectivity for control plane.
   Michael: One issue of ACP is forming too many adjacencies when not needed.
   What we don't have in RPL is reasonable origin authentication. Routing
   protocol (RPL) does not leverage the authentication/certificates we have
   with ACP/BRSKI.

Fell off agenda (again)

ANI Autoconfiguration via DNS (10 minutes)
   Draft: draft-eckert-anima-services-dns-autoconfig-04 (only refresh since
   IETF114)
   Draft: draft-eckert-anima-grasp-dnssd-02 (only refresh since IETF114)
   Presenter: Toerless Eckert (local)
   Slides:
   https://datatracker.ietf.org/meeting/115/materials/slides-115-anima-08-ani-autoconfiguration-via-dns-00
      Note: Fell off the agenda at IETF114 due to running out of time

To Be Done:
Now:
   Toerless: review ACP errata reported
   0. BRSKI-AE - WGLC first.
   1. Ask for early reviews from directorates for BRSKI-PRM: iotdir, security,
      - yang still open issue.
   2. BRSKI cloud last call - been waiting longest?!
   3. BRSKI-PRM WGLC?!
   4. Ensure enough review has been done on constrained BRSKI proxy, then do
      WGLC.

Before IETF116:
   recheck what we want to do with voucher-delegation.