Minutes IETF116: vcon: Wed 00:30
minutes-116-vcon-202303290030-00

Meeting Minutes Virtualized Conversations (vcon) WG
Date and time 2023-03-29 00:30
Title Minutes IETF116: vcon: Wed 00:30
State Active
Other versions markdown
Last updated 2023-04-05

minutes-116-vcon-202303290030-00

vCon BOF - IETF 116

Wednesday, 29 March, Rooms G412-G413

Chairs: Spencer Dawkins and
Brian Rosen

Notes: Stuart Card

Area: ART

Responsible AD: Murray Kucherawy

BOF proponents: Dan Petrie and Thomas
Howe

Meeting coordinates

Administrivia - Chairs, 10 minutes

Greetings and welcome from the chairs

  • The ritual capture of Notetakers:
    Stu Card foolishly volunteered (Stu's words), for which Spencer is
    extremely grateful (Spencer's words)!

  • The gentler recruiting of someone to watch Meetecho/Zulip chat for
    questions:

Agenda Bash

  • Any changes to the posted agenda, before we get started?

Overview - Chairs, 10 minutes

  • Spencer D.
    displayed the Note Well etc. & welcomed all. He briefly summarized
    the background of vCon inc. implementations, drafts, IETF BoF
    status, and most importantly the justification offered. He explained
    the working group forming BoF process.

Use Cases driving the BOF request and charter - Thomas McCarthy-Howe, 20 minutes

  • Thomas McC-H
    began by showing the tension between using AI/ML etc. and protecting
    privacy, esp. across security boundaries. He suggested that digital
    formats, esp. if standardized, could facilitate the use of software
    tools for (hopefully objective) assessment of the nature and extent,
    in conversations, of content elements that might require protection
    (or deletion, whatever). He asserted that integrating the different
    elements (of different data types) comprising conversations
    facilitates both privacy protection and data analysis. He mentioned
    the usefulness for staff (e.g. customer service) training. He
    briefly alluded to the major constituents of a vCon representation.
    He mentioned proposed charter) that benefit from cross-device and
    cross-application capture and forwarding.

  • In chat, Hans-Jorg H.
    wondered what the current gap in state of the art. how are things
    done right now and what does this imply for this work

  • In chat, Pete R.
    expressed concern that cross-device, cross-app, etc. sharing not
    expose everything to intermediaries.

Proposed charter walkthrough - Dan Petrie, 20 minutes

  • Dan P.
    introduced the concept of "conversational data" and reiterated that
    it involves not only the actual data of multiple types but also
    meta-data for multiple purposes. He stated the proposed charter
    goals of a vCon WG. He invited good concise summaries of other use
    cases that might or might not be inserted into the charter. He
    expounded on some but not all of the questions a WG might address,
    especially media types & corresponding container types.

  • Mallory K.
    asked why transport & storage are excluded from proposed scope as it
    appears that some of the proposed principal objectives cannot be
    addressed w/o getting into those aspects (esp. end-to-end encryption
    thereof). She suggested that "data minimization" should be made
    explicit.

  • Spencer D.
    requested that Mallory follow up with her specific concerns.

  • Thomas
    explained that vCon was focused more on knowing what you have
    captured so you can figure out what you must protect, not on how you
    might then protect it.

  • Jonathan R. (5-9)
    suggested that single vendor cases don't need IETF standardization
    but multi vendor cases (primarily involving data exchange) might
    justify it, esp. to supporting logging and audit. He distinguished
    between recording who transferred what to whom and protecting
    (typically encrypting) the data in motion. He inquired about a use
    case involving transfer of conversational data between an
    organization that captured it and another organization that analyzes
    it for training or workflow management purposes;

  • Thomas & Dan
    said yes, at least the first is in scope.

  • Spencer & Jonathan
    appeared to converge on the need for use cases in the charter that
    are more specific to enable clearer demarcation of the scope edges.

  • Cullen J.
    spoke to (cryptographically protected) differentiated access and how
    to express both requirements for it.

  • Spencer
    thanked everyone who had asked questions, made comments or suggested
    use cases and entreated everyone to follow up with written specific
    inputs.

Open Discussion - Chairs, 20 minutes

  • Sebastian B. (NYU Law)
    asked about "conversations" as such (typically involving social
    aspects) and mere collections of communications? He distinguished
    between "privacy" and "data protection" and highlighted the aspect
    of consent. He raised the issue of provenance, not only of complete
    recordings but also of excerpts.

  • Joris B.
    pointed us to JS-Contact (?).

  • Hans-Jorg H.
    asked how is this done now (w/o vCon)?

  • Chris W.
    suggested call center operators may want a narrower scope of
    identity vs broader privacy.

  • Jaime J.
    inquired if it is in scope to specify API components (rt,
    media_type, tokens...) if any?

  • Jonathan R.
    said the state of practice is [s]ftp transfer of WAV files w/names
    based on timestamps, and too often, "[s]ftp" is "ftp".

RFC 5434-Style Questions - Chairs with AD support, 20 minutes

  • Poll: is the problem headed toward being well defined, and well
    understood? 30Y+8N=38
  • Jari A.
    suggested that some of the No votes are likely due to some of the
    discussed use cases not yet being reflected in the charter.

  • Hans-Jorg H.
    suggested that clarity could be improved by documenting the current
    state of practice and the gaps therein that vCon proposes to
    address.

  • Poll: does the problem need solving? 35Y+0N=35

  • Poll: is the IETF the right place to solve it? 24Y+6N=30

  • Bron G.
    expressed concern that few of the intended users seem to be
    here in the room.
  • Hans-Jorg H.
    as this seems to have some domain-specific aspects, and even if
    there are some people in the room familar with that domain, would
    more people from the domain need to be involved / e.g. are there any
    relevant liaison organizations in this space?
  • Mallory K.
    inquired as to the presentation of this work in other SDOs?
    Also any portion of this being addressed elsewhere in IETF?

  • Thomas
    replied that he has heard informally from other organizations
    that they are interested but he is not currently formally proposing
    it to any other SDOs.

  • Poll: is the proposed charter (as amended) headed in the right
    direction? 16Y+6N=22

  • Poll: are the proposed deliverables (as amended) close enough to be
    useful? 15Y+6N=21

  • Stu Card
    belatedly expressed support for this work for a use case of air
    traffic controllers, pilots onboard crewed aircraft, remote pilots
    of uncrewed aircrart, etc., esp. for incidents necessitating
    subsequent inquests.

  • Poll: please indicate if you are willing to review vCon documents?
    9Y+11N=20

  • Poll: please indicate if you are willing to contribute to vCon
    documents? 9Y

  • If you are willing to help lead the vCon WG
    please email vcon-chairs@ietf.org

Next Steps - AD, 10 minutes

  • AD Murray K.
    said it looked like there is sufficient support

Meeting Coordinates:

Onsite Meetecho tool (Blue sheet registration, Queuing for question and
answer session, polling) is here.

Full Meetecho tool is here.

  • If you're using the full Meetecho tool in the meeting room in
    Yokohama,     please turn off your audio inputs and outputs!

Session materials are here.

Hedgedoc notepad for this session is here.

Zulip chat for this session is here (and also in Meetecho)

See in datatracker schedule here.