Skip to main content

Minutes interim-2023-iab-07: Wed 15:00

Meeting Minutes Internet Architecture Board (iab) IETF
Date and time 2023-03-01 15:00
Title Minutes interim-2023-iab-07: Wed 15:00
State Active
Other versions plain text
Last updated 2023-03-15

Minutes of the 2023-03-01 IAB Technical Discussion & Business Meeting

1. Administrivia 

1.1. Attendance 


  Jari Arkko
  Deborah Brungard 
  Dhruv Dhody (Incoming IAB)
  Lars Eggert (IETF Chair)
  Wes Hardaker 
  Liz Flynn (IETF Secretariat)
  Cullen Jennings
  Mallory Knodel 
  Suresh Krishnan (Incoming IAB)
  Mirja K├╝hlewind (IAB Chair)
  Zhenbin Li 
  Cindy Morgan (IAB Executive Administrative Manager)
  Karen O'Donoghue (ISOC Liaison)
  Tommy Pauly 
  Colin Perkins (IRTF Chair)
  Alvaro Retana (Incoming IAB)
  Russ White 
  Christopher Wood (Incoming IAB)
  Greg Wood (IETF Director of Communications and Operations)
  Qin Wu 
  Jiankang Yao 

  Warren Kumari (IESG Liaison)
  David Schinazi


  Pamela Dingle
  Pieter Kasselman
  Rifaat Shekh-Yusef 
  Hannes Tschofenig

1.2. Agenda bash and announcements 

  No new items were added to the agenda. 

2. Technical Discussion: Identity Management 

  Rifaat Shekh-Yusef and Pamela Dingle joined the IAB to give a 
  presentation about Identity Management, joined by Pieter 
  Kasselman and Hannes Tschofenig.

  Identity is a fundamental part of the Internet, and a critical 
  part of any secure cloud-based solution, including the end-to-
  end security story. Everyone needs to have a basic understanding 
  of identity, but not everyone is expected to be an expert. 
  Identity is an ever-evolving field, that evolved in separation 
  at different areas at the IETF and other organizations. As a 
  result, there is no clear end-to-end identity view that spans 
  all identity layers. 

  Some groups who have done work in the identity space include 
  IETF, OpenID Foundation, FIDO Alliance, W3C, Cloud Native 
  Compute Foundation (CNCF), Internet Identity Workshop (IIW), and 
  Decentralized Identity Foundation (DIF). Some of these are 
  standards organizations and others are unconferences and other 
  types of groups. Some of this work was taken to the IETF 
  initially but moved to other places.

  The evolution of identity protocols has been through many phases 
  and many focus areas. The scope includes authentication, 
  authorization, provisioning, policies, identifiers, 
  attestations, tokens, federation, audit, compliance, incident 
  response, and monitoring. Most of these concepts are not purely 
  identity concepts, but with cross-cutting concerns that involve 
  other areas of the ecosystem. 

  In the multi-cloud era, any secure solution must have clear end-
  to-end identity mechanisms that span all identity layers. The 
  rise of zero-trust requires well-defined identity solutions that 
  enable the enforcement of the least-privilege principle. 
  Executive orders and various regulations around cybersecurity 
  are increasingly putting identity and privacy in the spotlight.
  Reduction of end-user friction to help with customer conversion, 
  while still providing a secure solution, is getting more 
  attention. Identity at cross-trust boundaries is a new emerging 
  focus area driven by multi-cloud/multi-hybrid environments. 

  The goals are to make identity accessible to all, lower the 
  barrier to entry to the identity space, make identity consumable 
  by other experts, establish a coherent identity strategy across 
  the IETF that provides an end-to-end identity view covering all 
  identity layers (user, device and workload), establish a formal 
  relationship between the IETF and other Identity organizations, 
  and engage other IETF WGs to make sure proposed solutions are 
  best in class. 

  Rifaat Shekh-Yusef and Pamela Dingle proposed that an IAB-
  sponsored workshop that brings together identity and non-
  identity experts, from inside and outside the IETF, to explore 
  and discuss these goals and provide recommendations to enable 
  the IETF to address the identified gaps and challenges would be 
  a helpful next step for identity management.

  Cullen Jennings thanked the guests for their presentation and 
  suggested that the IAB should discuss at a future meeting 
  whether it thinks a workshop proposal is the right next step; if 
  so, a small group will put together a more formal workshop 

3. IAB Response to the Call for input from the UN Office of the   
   High Commissioner for Human Rights 

  The IAB has been reviewing a draft of this response in advance 
  of the deadline on 3 March 2023. The text is approved pending 
  editorial changes and will be posted publicly when it is 

4. Next IAB Meeting

  The next IAB meeting will be on 2023-03-08 at 0700 PST.

5. Executive Session: ISOC Board of Trustees Appointment 

  An e-vote has been completed and Cindy Morgan will send the 
  candidate to the IESG for confirmation.