Skip to main content

Narrative Minutes interim-2021-iesg-17 2021-08-12 14:00

Meeting Narrative Minutes Internet Engineering Steering Group (iesg) IETF
Date and time 2021-08-12 14:00
Title Narrative Minutes interim-2021-iesg-17 2021-08-12 14:00
State (None)
Other versions plain text
Last updated 2024-02-23



Narrative minutes for the 2021-08-12 IESG Teleconference

These are not an official record of the meeting.

Narrative Scribe: Liz Flynn, Secretariat

1. Administrivia

1.1 Roll call



Jenny Bui (AMS) / IETF Secretariat

Michelle Cotton (ICANN) / IANA Liaison

Roman Danyliw (CERT/SEI) / Security Area

Martin Duke (F5 Networks Inc) / Transport Area

Liz Flynn (AMS) / IETF Secretariat, Narrative Scribe

Sandy Ginoza (AMS) / RFC Editor Liaison

Benjamin Kaduk (Akamai Technologies) / Security Area

Erik Kline (Google) / Internet Area

Murray Kucherawy (Facebook) / Applications and Real-Time Area

Mirja Kuehlewind (Ericsson) / IAB Chair

Warren Kumari (Google) / Operations and Management Area

Alvaro Retana (Futurewei Technologies) / Routing Area

John Scudder (Juniper) / Routing Area

Amy Vezza (AMS) / IETF Secretariat

Martin Vigoureux (Nokia) / Routing Area

Eric Vyncke (Cisco) / Internet Area



Ben Campbell (Independent Consultant) / IAB Liaison

Jay Daley / IETF Executive Director

Lars Eggert (NetApp) / IETF Chair, General Area

Cindy Morgan (AMS) / IETF Secretariat

Francesca Palombini (Ericsson) / Applications and Real-Time Area

Zaheduzzaman (Zahed) Sarker (Ericsson) / Transport Area

Robert Wilton (Cisco Systems) / Operations and Management Area



Toerless Eckert

Adrian Farrel

David Millman

Lee-Berkeley Shaw

Greg Wood

1.2 Bash the agenda

Amy: Does anyone want to add anything new to today’s agenda? Any other changes?

1.3 Approval of the minutes of past telechats

Amy: Does anyone have an objection to the minutes from the July 15 telechat
being approved? Hearing no objection, so it looks like those were approved. We
also had final narrative minutes; any objection to approving those? Hearing no
objection so it looks like those are approved as well. We will get those posted
in the public archive.

1.4 List of remaining action items from last telechat

     o Warren Kumari, Deborah Brungard, Stephen Farrell, and Jay Daley to

       investigate ways to recruit, recognize, and retain volunteers in the


Warren: At this point I think let’s just remove this from the to-do list. We
were doing something but I think EMO-DIR is taking it over.

Amy: Okay, we will drop that action item.

     o John Scudder, Martin Duke, and Robert Wilton to review the document

       shepherd templates and propose changes to include updated questions,

       cross-area checks, and an expanded section on the use of YANG models.

John: No updates on this.

     o Alvaro Retana and Martin Vigoureux to draft a note to wgchairs

       asking them to always confirm author/contributor status.

     o Alvaro Retana and Martin Vigoureux to draft text to include in the

       I-D submission tool warning about too many authors.

Alvaro: These two are pending; [we’re waiting on the previous item to be done

     o Eric Vyncke and Francesca Palombini to draft text for guidelines/

       best practices for directorate reviewers.

Amy: I know work has been done on this; is it done?

Eric V: No, we still need to complete it but we are on vacations now. It’s in
progress but not finished yet.

     o The IESG to report on the RFC 8989 experiment after the 2021 NomCom

       is seated (likely July 2021).

Amy: The 2021 NomCom is seated; any report on this? Is this still with Lars?

Alvaro: I thought I saw something on a list, or he showed some slides at the

Amy: Right, but I’m not sure if the action item is done. Let’s keep this here
for Lars and he can let us know.

     o Murray Kucherawy to update BCP 97 to provide guidance about handling

       normative references to non-SDO documents.

Murray: I don’t have anything to show yet but I’ve started working on text. In

     o Murray Kucherawy to find designated experts for RFC 9036

       [IANA #1199105]

Murray: I believe I have that; can you add a management item at the end to deal
with this?

Amy: Okay, sure.

     o Robert Wilton, Alvaro Retana, and Warren Kumari to report back to

       the IESG on the impact of COVID-19 to the IETF in July 2021.

Amy: This one is done; did you want to keep this and roll it over from July to

Warren: Let’s change the date.

     o Lars Eggert to update BCP 45.

Amy: We’ll keep this in progress for Lars.

     o Lars Eggert, John Scudder, Ben Kaduk, Mirja Kuehlewind, Murray

       Kucherawy and Warren Kumari to work on short-term improvements to

       "IETF Culture, Toxicity, Inclusion."

Mirja: I think we’re still waiting for Lars to schedule a meeting.

     o Eric Vyncke, Lars Eggert, and Rob Wilton to work on improvements to

       authoring and reviewing tools.

Eric V: It’s lingering, but it’s still a work in progress. Expect something
when I’m back from vacation.

     o Francesca Palombini to find designated experts for RFC 9039 [IANA


Amy: We’ll keep this here for Francesca.

     o Murray Kucherawy to send the proposed updates to the I-D checklist

       out for community review.

Murray: No update since the last telechat; now that I’m back I’ll send this to
wgchairs today or tomorrow.

     o Francesca Palombini to find designated experts for RFC 8984 [IANA


     o Francesca Palombini to find designated experts for RFC 9073 [IANA


     o Francesca Palombini to find designated experts for RFC 9074 [IANA


Amy: These are all for Francesca and she’ll pick those up when she’s back.

2. Protocol actions

2.1 WG submissions

2.1.1 New items

 o draft-ietf-6lo-plc-06  - IETF stream

   Transmission of IPv6 Packets over PLC Networks (Proposed Standard)

   Token: Erik Kline

Amy: I have a number of Discusses here; do we need to discuss any of those

Erik K: Perhaps, if people want to. The authors don’t seem to have replied to
any comments this week, so I don’t know if we should just wait for them to have
a chance to reply. I am trying to figure out what level of access folks had to
the various PLC specs during authorship and review. I assume the authors had
access. This is a persistent problem, though. I need to figure out some
repeatable approach.

Murray: My action item to deal with BCP 97 comes from the fact that we keep
running into this.

Erik K: Is that something with which I should help?

Murray: I don’t think it will help you at this point; I’m more being

Erik K: This group in particular does work at this interface boundary, between
the IETF and other people’s link layers.

Warren: One of the things I think we keep noticing with this particular problem
is that there are sets of people in the IETF who participate in multiple
standards groups and they are the ones who need to know and understand this.
For example, people who are going to implement this presumably already work
with PLCs and already have access to the PLC knowledge and data set. However,
other people don’t. So whenever we do update the guidance, I think we are going
to have to keep in mind that there are sets of people who participate in both
places. As long as the people who are going to implement it are likely to have
knowledge of the space or access to the document, that’s the important part.
And presumably the IESG for when they review the document. Murray, I'm happy to
help with the writing of the new guidance, but we might want to ask the
Secretariat to please add me [to the action item] because otherwise I will

Murray: I’m happy to have the help. It doesn't matter to me if you want to
actually get listed as someone who needs to get pinged about it or if I just
ping you about it.

Warren: That’s easier. Thanks everybody.

Amy: I’m happy to add you to that action item, Warren, if you like. Getting
back to the document, it sounds like it’s going to get a revision.

Erik K: With any luck, yes.

Amy: This will stay in IESG Evaluation, Revised ID Needed.

 o draft-ietf-rtgwg-policy-model-30  - IETF stream

   A YANG Data Model for Routing Policy (Proposed Standard)

   Token: Alvaro Retana

Amy: I have no Discusses in the tracker, so unless there’s an objection it
looks like this one is approved.

Alvaro: We’re going to need a revised ID on this one.

Amy: This will go into Approved, Announcement to be Sent, Revised ID Needed and
Alvaro, you can let us know when that’s ready.

 o draft-ietf-httpbis-cache-header-09  - IETF stream

   The Cache-Status HTTP Response Header Field (Proposed Standard)

   Token: Francesca Palombini

Amy: I have no Discusses in the tracker, so unless there’s an objection it
looks like this one is approved. Hearing no objection to approving this. We’re
going to put this in Approved, Announcement to be Sent, AD Followup, because
Francesca could not be with us today and we generally let the AD check
everything over before we send it.

Ben: Mark has been pretty good about making updates to the draft in Github, so
I expect there will be a revised ID, but AD Followup sounds correct.

 o draft-ietf-6man-ipv6-alt-mark-08  - IETF stream

   IPv6 Application of the Alternate Marking Method (Proposed Standard)

   Token: Erik Kline

Amy: I have mostly Discusses for this document. Do we need to discuss any or
all of these today?

Erik K: I suspect people have things they’ll want to say.

Murray: I’ll start. This is the first time I've looked at a document that has
IPR declarations on it but the shepherd writeup says explicitly that they were
never discussed by anyone. I placed a Discuss because I just want to ask all of
us, doesn't there have to be some kind of discussion at least for the WG to
concur that there are no problems with what the licensing and terms are? It’s a
positive statement that the WG ignored this, and that scares me.

Warren: From my understanding, the WG doesn't need to discuss or acknowledge
it, it simply needs to be informed that there is IPR. With that said, I think
it’s probably not a good thing if the WG says there’s an IPR declaration but we
don’t really care. So I don’t think it’s strictly a process violation, as long
as the WG was informed, which I think it is because that happens through the

Murray: If that's just my misunderstanding of this, I’ll clear now. I just
remember every time I've ever been part of a WG where there has been one of
these, there’s been discussion like do we care, should we look at something
different, etc. The way that this presented itself just scared me.

Warren: I suspect that maybe the fact the shepherd explicitly noted that was
their way of calling out that maybe it should have been discussed.

John: As far as I can tell it really depends on WG culture. I can point to some
WGs where it’s pretty common for there to be IPR that’s not discussed. I’m not
saying it’s a good thing, but it’s allowed under our process.

Murray: I did look it up in BCP 79 and I realize there’s nothing normative that
says you have to go back and deal with this, the whole thing just scared me.
I’ll back down.

Erik K: I haven’t attempted to read the actual IPR statements but my
understanding for this document is that basically the 6man document is defining
a header option. Whatever the magic loss and congestion stuff you do with it is
not really what this document is about, it’s referring to other documents that
define those techniques. This is a hop-by-hop definition mostly. But like I
said, I haven't read the IPR declarations.

Murray: I’ll pull [my Discuss] off. Thanks for indulging me.

Warren: I think a number of the Discuss things are actually around the whole
limited domain bit. My Discuss point was that it feels as though you’ve just
waved the limited domain flag and said nope, i’m opting out of any
consideration as to what might happen if somebody spoofs that. The author’s
response to my question was largely along the lines of ‘the document says you
can only insert this if you’re within the control domain, so problem solved,’
which to me feels like it’s completely missing the point. Either the author
hasn’t actually understood the concern or what I think is more likely is people
are viewing it that we said that you can only do this in a limited domain, so
people aren’t allowed to send them from outside the limited domain, and
therefore never will. I don’t know what we do about that.

Eric V: I have the opposite position there. For me it can work across different
domains without causing any harm. If someone is injecting packets, even in the
hop-by-hop, they will be killed quite quickly. Nobody will ever be harmed and
you may reach the same organization on the other side and save some data. For
me it could work across multiple domains.

Warren: Maybe. The document says ‘do not send this outside the control domain.’
It says bad things will happen if you do. You can’t do it both ways.

Erik: He did try to soften a section, during IETF last call I said this don’t
send it outside the domain thing is, as Mark Smith said, somewhat aspirational.
Someone might, either on purpose or by accident, so if you did want to use it
outside, that’s why he added the text about using an authentication header with
the destination option if you want to attempt to make any use of this.

Roman: But that threaded language is a bit tricky because I don't know how to
mix that you  must not send outside, but if you do or by accident, you should
also do the following. So you’re pretty much acknowledging that it’s not a
limited domain because you’re providing normative guidance if you break the
guidance of putting it outside. I don’t know how to combine those.

Eric V: The ambiguity is pretty strong there. I agree, it needs to be fixed.

Warren: It also says ‘the precondition for the application is that it MUST be
applied in a specific control domain, thus confining the potential attack
vectors within the controlled network domain.’ If this gets implemented, I
certainly don’t want people sending packets through my network causing my
routers to do all of this work. It becomes a really great DOS vector. People
will start sending these packets with this hop-by-hop option set on all traffic
and suddenly my router has to process all of that.

Erik K: They can already attempt to send all manner of things.

Warren: Sure, but most of the extension headers, if they’re hop-by-hop, I can
simply say I don’t like that and I’m going to ignore it.  It’s not implemented.

Erik K: Why can’t you ignore this also?

Warren: Because I manually need to now go in and go through all of my filters
and say if it’s this hop-by-hop option, you have to drop it. This is either
going to end in one of two cases: all networks drop all hop-by-hop options at
their edge, or operators are going to have to gotten through and list every new
protocol that has something like this and blacklist each hop-by-hop option one
by one.

Erik K: Or allow list the options they do wish to permit.

Warren: Sure. so what you’re doing is either causing operators to do a bunch of
work, and you’re going to end up with ossification. Certain sets of protocols
will work through some sets of networks because they've manually been
whitelisted or blacklisted, or people will just drop them all.  I suspect the
answer will be that people will just drop them all, and I don't think that's
what we want to be moving towards.

Erik K: I don't think you can get to a world where they're all allowed, so I
don't see how you get to any other world where you both have hop-by-hop options
and do not have people granting the equivalents of allowed ports.

Warren: Then what's going to happen is people will implement a list of allowed
ones, like number 17 and number 42, and you'll never be able to define a new
one ever again because they won't actually work across the internet. What
you've basically ended up with is if we deploy more things like this where it's
simply expected that the router will process the packet because it's got the
specific hop-by-hop option, it's never going to be deployable across the
internet. It's just going to end up with the three allowed hop-by-hop options
and ossification of stuff, in which case, why are we even bothering with

Erik K: To be clear, I don't think it actually could be expected to be used
across the internet.

Warren: This can't be. My point is that this creates it so that there will be
filters and only the specific allowed ones will happen and new ones won't be
able to work either.

Erik K: This argument applies to all of the hop-by-hop option work in 6man,
then, including the MTU option.

Warren: A fair bit of it. Stuff like this will make it so that other more
useful ones, like MTU, aren't likely to be deployable because it drives people
to simply have a whitelist of allowed. That's not going to be updated across
all operators all the time. Unless we start having ways that protocols make it
so that people can tell which hop-by-hop option should be allowed, or that the
hop-by-hop option is authenticated in some way, like for example it comes in
with a magic cookie, this basically is going to make it so hop-by-hop options
aren't going to be usable.

Erik K: I think the only way you could try to retain any of the usefulness
within a limited domain is to apply a filter at the edge.

Warren: Okay, so I apply a filter at the edge that says I allow this one and
this other one and a third one, and then when the IETF publishes five more RFCs
I'm never going to get around to updating them ever again.

Eric V: But there are two points. It's not only about allowing the transit of
the packet, it's passing it and processing it, that's more complex or even
easier, depending on how you want to look at it. There is no point for a
transit AS, right? You have a hop-by-hop, I'll completely ignore it, but I'll
forward it.

Erik K: My point about the filtering at the edge was that would be the only way
you could attempt to enforce that things don't leave your network and that
things don't enter your network that you aren't expecting.

Warren: Sure, but what you're saying is that either everybody has to manually
allow each new option one at a time, and you have to wait for all networks to
have done that, or you're saying that every time the IETF publishes a new
document, I have to go through and block stuff.

Erik K: I don't think that's what I'm saying.

Ben: I think Warren's point is that if we make the recommendation that your
limited domain should police the alt-mark hop-by-hop at the boundary of the
domain, people have a couple of different ways they might implement that, but
basically all them are going to involve some kind of fixed, static
configuration involving the particular hop-by-hop options. It might be an allow
list, it might be a deny list, but in either case it's going to be a new thing
with manual configuration.

Erik K: How is that different from the TCP ports?

Warren: TCP ports, if I'm a transit network, I can just ignore them. I just
take the packet in, it goes through my transit network, and it falls out the
other side. I don't care what's in it. If it's a hop-by-hop option, you're now
causing work throughout my network. The difference is that for TCP ports, the
router doesn't look at it, doesn't care, it just passes through. For this
you're causing work on all of the devices along the path.

Erik K: That's not the manually maintaining a list argument, then.

Warren: It is, because I don't want all of the packets to cause work on all of
my routers, I need to go through and apply filters at all of my edges.

Erik K: I see. So you're saying that there's no deployable hop-by-hop options
because either you have to deny them to not risk doing any work on them, or you
have to be sure you have a network that's configured so that you basically
never inspect a hop-by-hop option, or you have some kind of allow list

Warren: Yep. Or we need to come up with a way that a network device can figure
out if it should do work on the hop-by-hop option. For example, there is a
magic cookie attached to the hop-by-hop option, a 32-bit number or something
like that, and the router first makes sure that the hop-by-hop option includes
the right cookie, or something. There needs to be some incredibly cheap way for
the devices along the path to figure out if this hop-by-hop option should be
allowed within their network.

Eric V: The source address or the destination address for the return traffic,
is it one of mine?

Warren: That might work. Then I just need to make sure that I do source address
filtering on the edge so my own address doesn't come in through the edge, but
that's fairly standard. That's a reasonable thing.

John: Although that only enables a subset of use cases, which Warren's handwavy
solution would enable more. I don't expect you to come up with a real solution
live on the phone, but that particular solution wouldn't work.

Warren: That doesn't work for stuff like the MTU option, which I think might
have value, but I'm concerned that unless we figure out a way to solve this,
people aren't actually going to be willing to deploy the ones that actually
could have value.

Ben: Eric, in my reading at least was saying that having this as a hop-by-hop
option at all is maybe not necessary. We're only saying people are going to be
looking at it, and if it's a destination option people can look it at because
the bits are there and maybe 8200 says you're not supposed to look at it, but
you're looking at other parts of the packet to get the port number and whatnot
and if you're doing reporting on that, so is there a real strong case for
needing this to be hop-by-hop that you can't solve by putting the bits in
destination options and configuring the machines that need to look at it to
look at it?

Erik K: The issue is that the number space is the same for hop-by-hop and [DOs]
destination options.

Ben: Right, but this document doesn't have to say you should put it in

Erik K: For something that's going to leave your network, yes. For something
you want in your network, for taking a measurement across the routers in your
network, I think that's the behavior that's desired.

Eric V: The destination option is simply to put a bit somewhere, right? You
cannot put bits back into the ipv6 header. If there were empty space in the
header, it would be enough for this bit, but there's not enough space so they
need to put an extension header somewhere. Honestly, in the Cisco device, and I
guess the same for Juniper and Nokia, etc, right, but I only know the ones from
Cisco. We can go very deep in the extension header chain and do IPFIX for it.
We can put in the numbers of the options that we see. In hardware. So while the
hop-by-hop will always be printed to the CPU. the reason why I say I don't see
it deployed, sorry to talk about my employer,  but under the one i know, with
hop-by-hop, because they will not be everywhere, it's an option. It's doable,

Erik K: Did you mean to say, Ben, that we should enforce that this codepoint is
only used in the destination option and not the hop-by-hop option, even though
the codepoints are the same, or to make some statement about that as it
transits the boundary of an administrative domain?

Ben: It's not clear to me if that would help with Warren's concern. Mostly, the
point I was trying to make was that in terms of getting the bits into the
packet we have a lot of options. It feels like we're constraining where we put
the bits based on an essentially arbitrary policy or procedures that we think
are in some other RFC. If that policy is causing problems for us maybe we
should revisit that policy instead of blindly following it.

Erik K: I'll have to review the minutes and think about that. The author is
currently attempting to respond to comments quite actively. Should we keep that
discussion going, or is there some other sort of meta action we can take? It
sounds like Warren thinks that any hop-by-hop action that operators are not
going to like is irredeemable.

Warren: No, I think any hop-by-hop option that could cause the router to do
significant work, or something where it might possibly get punted off of the
fast path, which is many of them. Unless it's something that has global utility
to the network, which maybe an NTU option does, people are going to have to
make a decision as to whether they allow it or not. I think for a transit
network for example, people aren't going to see the utility this provides the
transit network provider, so they're going to want to block it. Once there are
more than 2 or 3 or 4 of those options, people are going to move from a
blacklist to a whitelist, and only allow the ones they think have sufficient
value, and that whitelist is going to get baked into the network and not
changed. So it's going to limit future use. I think this kind of comes down to
at some point a beauty contest of does the option solve a problem that the
transit network operator is going to think has value, or is actually required
to make the network function? I'm not sure 'I'd like to measure some amount of
performance along a path' really falls into that.

Erik K: I don't know if this is the same standard that all of the previous
destination options and hop-by-hop options was applied to those when they were
pursuing publication. But that's not to say it shouldn't be the standard.

John: To me that sounds like it's taking all of the sins of the underlying
architecture and saying alt-mark must solve this. Fairness is maybe not our
first goal here, doing the right thing is. But it would be nice to be fair
also, and it seems like ideally maybe it would allow alt-mark to proceed on the
basis that everything else proceeded and say at the same time, we'd really like
6man to come up with a better story about this in the future.

Erik K: They are working toward publication on relaxing the hop-by-hop behavior
requirements, the requirement to actually examine it, which is pretty already
universally implemented. You either ignore them or you drop them. No modern
network devices should be doing excessive work for hop-by-hop options at this
point. At least major networks. If we're going to allow the MTU option I don't
know that …… There are lots of options. Should I permit those? Filter them? I
guess I don't see how we get away from a world where you don't say this ignore,
this drop, this process. And also somehow have hop-by-hop options transiting
the internet.

Warren: I think that's the big concern, is that there is value in having
hop-by-hop options, probably. MTU to me seems like a useful one. What I want to
make sure is that we don't end up breaking the utility of actually useful ones
by simply piling in so many that none of them work at all because everyone
filters them all out. I do like John's thing, maybe we just let this one go and
then we're going to have to be more careful with these or we need a better
answer before we do any more. It doesn't feel reasonable to stop on this one.

Erik K: I'm sympathetic to the global utility augment. If we acknowledge that
things can inevitably leave one's administrative domain, you could attempt to
take the stance that hop-by-hop options are because of their theoretical impact
on arbitrary devices anywhere in the network that they pass, they should have
global utility. That's a perfectly good discussion to have.

Ben: I dropped a note in slack that if we prime the ecosystem by getting enough
generally global utility hop-by-hop options in there, that will prime
implementationists to do the right thing, and then maybe it makes more sense to
start letting in other hop-by-hop options as well.

Warren: Part of the thing is, who decides what counts as global utility?

Erik K: There are follow on questions, and that was one of them.

Eric V: Global utility for you is not global utility for me.

Warren: That's why I was saying beauty contest at some point. It kind of feels
like what would have been a good idea is if the number space was broken up into
what's allowed within a network, what's filtered at an edge boundary, and
something experimental or private use. That way at all of my edge devices I
could simply say drop anything that's not supposed to transit a limited domain.

Eric V: The first 2 or 3 bits of the options ID is about, if I don't know it I
can proceed, or if I don't know it I can drop. It's kind of there. But without
any importance or credibility or whatever.

Warren: John is right, this is the transit bit for EH.

Erik K: So what should we tell the author to do? Should this go back to the WG?
Is there a path forward if he just keeps addressing comments? It doesn't sound
like Warren's comments will be addressed. On the other hand, if it's massive
ipv6 architecture changes that need to happen…

Eric V: I would suggest, we can keep the hop-by-hop in the paper. I'm against
it but if you want to use it, you can do it yourself. There are a lot of
inconsistencies regarding the limited domains and that needs to be fixed. The
rest, if you do something that's useless, it's up to you.

Erik K: Assuming we craft satisfying domain boundary text, if they escape your
domain anyway, perhaps by accident or perhaps because someone is running an
internet-wide measurement just to see what happens, is there an objection that
should just not be allowed because that would then become possible?

Warren: 2 things. One of the issues is specifically what you said, which I
think is the way a bunch of people have been viewing it. If it escapes your
limited domain, it should blah blah. I think it should be if it enters your
limited domain, then blah blah. That's exactly what happened with the authors.
They said people who are running this will be being responsible and won't let
it leave their limited domain. But that's not the concern. The concern is if I
am not running this, how do I stop it entering? I would be okay with there
being something in the document acknowledging the fact that this potentially
isn't a good long term solution, but we're willing to let this one go through
because it's unfair to change the rules while this one is actually progressing.
As John or someone said, we've allowed a number of these already. Changing the
rules while people are in IESG eval feels impolite. So I would be okay saying I
don't like this, I think it's a bad idea.

Erik K: John's point was that fairness is not the first objective, doing the
right thing is the first order objective.

Warren: I would be okay saying we'll allow this, but let's not allow any more
until we've figured out the larger architectural solution.

Eric V: If you think about the hop-by-hop the train is too late, it left the
station 20 years ago.

Warren: Yes, but this document has got all the way through 6man, WG last call,
IETF last call, it now enters IESG eval and we saw this is the straw that
breaks the camel's back?

Erik K: From my perspective as a regular 6man participant this is not
necessarily so different than all the other hop-by-hop options that got worked
on. Maybe it is time to change the standards of review. I just want to
understand what to say and what to do with the document. One thing I will do is
sync with the 6man chairs and Eric, but beyond that and beyond the author's
attempt to clarify and refine the text, it's not clear where we go from here.

Warren: One of the concerns, as Mirja said, didn't we already have this
conversation in 6man? And if we allow this document, aren't there like 27
queued up behind it that are also going to be defining hop-by-hop options?

Erik K: This discussion? No, i don't recall having this discussion. From 6man's
perspective this is just another hop-by-hop option.

Eric V: I don't think we should throw the [baby out with the bathwater] here.
Hop-by-hop is quite useful in a couple of places. Whether you use it, is more
of an operational issue. If you receive 1000 packets [crosstalk] and your
router goes belly-up, that's your problem, that's not a 6man problem.

Erik K: We do have this problem with router alert. If we send MTU options
across the internet you're going to have to filter router alerts.

Warren: It sounds like what you said, although I'm assuming that's not what you
meant, is that the IETF should be able to define anything, and if it happens to
make people's routers explode, that's not my problem. I’m not saying we should
ban all hop-by-hop and make it so that we can never do another one, I’m simply
saying adding more and more of them is eventually going to end badly for us.

Erik K: I am sympathetic to that. That seems like a 6man document retrospective
on hop-by-hop options. I'll take that up with Bob, Ole, and Eric and we'll
figure out what to do.

Eric V: It's only about 8 bits, right, and 2 are burned by the action-to-take
[see]. So it's not
too many of them.

Erik K: Three are burned. There are only 5 bits, 32 options at the moment. And
8 of them are burned for experiments. If I have a meeting on what to do with
this document with the chairs, or this larger point about hop-by-hop options,
are there other folks who want to be part of it?


Eric V: I don't think it's really up to the IESG to decide this, it's more of a
WG decision.

Warren: To me it feels like it is a much larger concern. It's not just does
6man think it's okay to implement this, because it affects things like v6ops as

Eric V: Agreed.

Warren: And I think it affects anything else that tries to use v6 as well, like
SPRING. If there's not a lot of care taken here as to what gets defined,
everybody will start filtering all hop-by-hop options, and that to me feels
like a larger thing than just a 6man issue. That feels like a do we want
hop-by-hop to work across the internet? Maybe we don't. If you don't, then
continue down this path. If we do, then ...

Erik K: Maybe not filter them, but continue to not process them. That's what
they're doing now, right? If I send a hop-by-hop option across the internet, I
certainly hope it's ignored.

Warren: Have you seen Fernando Gont's stats on how well extension headers are
currently working?

Erik K: They're largely dropped, absolutely.

Warren: It's not that they're dropped by default, it's that people are dropping
them because of this kind of issue.

Erik K: I don't know how much more of this telechat needs to be devoted to this
topic; I don't want to starve other documents.

Martin D: I'd like to verify something about this. Most of the threads in my
Discuss can be resolved with a little bit of text. I wanted to skip to where
people thought about the relationship of this draft to these IPPM RFCs. They
have an informative reference. The people who have chimed in on this, are we
agreed that it should update those IPPM RFCs?

Alvaro: My concern is that they seem to be defining the method here, in other
words they're not just doing an extension header, they're doing the AMA thing

Martin D: They're bringing in stuff from those RFCs. IPPM has been consulted,
maybe not quite as much as I would have liked, but the key players do know
about it.

Alvaro: That's my concern because the IPPM docs are experimental. At the time
it said it wasn't scalable. If this is going to now result in the reference for
future things to use AMA, then we should review it a little bit more. IPPM
should review it a little more. If you say it's ok, I'm okay.

Martin D: I had a chat with the IPPM chairs and they didn't seem too worried
about it, so I think it's okay, but I think it should update those drafts.

Mirja: I saw it the other way around. This document is written by the same
authors and it was presented in IPPM a bunch of times. The procedure for ipv6
options is you go to 6man and if 6man is interested, then 6man specifies it in
their group; it was moved from IPPM to 6man at some point.

Martin D: The grammar of how you express this in ipv6 is definitely a 6man
thing. As you well know, Mirja, the way this normally works is there are
measurement techniques definitions in IPPM and then the specific protocol
grammar goes out to the different WGs. what happened here is because it was
experimental in IPPM, they couldn't just normatively reference that.

Mirja: Of course they can.

Martin D: Well, it's a proposed standard. I guess you could do a downref.

Ben: It's hard to see that the experimental documents are only informative
references. If you're going to implement this thing you basically need to know
what's going on with those other documents.

Martin D: So I guess there are a couple of options here. We can have it update
the IPPM RFCs. we can have it be a normative reference and eliminate some of
the text that's duplicative, to not have dueling references.

Mirja: When you say update the IPPM RFCs, what do you want it to update? A
status change of those documents?

Martin D: The update would say the parts of the IPPM RFCs that are replicated
in alt-mark would be upgraded to proposed standard. That's one possibility. The
second possibility you suggested, Mirja, which is that we remove the text
that's duplicative with the IPPM RFCs and have a normative downref to them. If
we did them in different statuses that's how we'd do them. I don't know what
the third option is, what they're doing now. The informative reference I think
we all agree is not the right answer.

Erik K: The other option would be to try to label this as experimental.

Ben: Can you register an IPv6 option with an experimental document? I forget
what the registration policy is.

Erik K: That's a good point. We've allocated stuff for experiments.

Martin D: Given the angst around this thing for other reasons, maybe that's the
right answer and it solves a bunch of problems. I don't know; I think we maybe
have achieved as much as we can achieve without more people in the room.

Erik K: Martin, to your understanding, does anything in this document alter

Martin D: I haven't done a review so I'm not equipped to say definitively, but
my impression is that there's no gigantic change to what's in those IPPM docs.

Alvaro: So they're basically upgrading them to proposed standard through the
back door?

Mrija: I'm actually surprised that the IPPM document is experimental rather
than informational; it doesn't define an experimental protocol.

Alvaro: The reason I'm interested in all of this is that I have another
document that references the IPPM documents, normatively. I pushed it back
because from what I could see, IPPM thought it was an experiment, so I told the
authors to get IPPM to say it's good. Instead, they wrote this draft,
standardizing AMA here. My other document is going to then point to this one.

Mirja: That also seems wrong. It is possible to do a status change. If the IPPM
working group agrees it should not be experimental but it should be something
else, it can be done.

Erik K: So it sounds like there's other work that would be benefited by such
discussion with IPPM?

Alvaro: I think so, yes. Otherwise we're going to end up pointing to this draft
that wasn't really reviewed for that part of the text.

Mirja: For me the two reasonable options are either all the documents should be
experimental because this is an experiment, or if there's already enough
experience then the IPPM document should change status to something else.

Erik K: And that should be done through some kind of IPPM-originated action, I

Mirja: There needs to be WG consensus but it is initiated by the AD.

Erik  K:  Do IPPM folks have a preference for that? I'm willing to follow
whatever guidance. There are obviously several other things with this document
that need to be dealt with before we get to this discussion, but it does seem
like there's a related point for other work.

Martin: I read this document two days ago and quickly pinged the [IPPM] chairs
to make sure they've heard about this, so it's not a complete end run, but I
should probably circulate this to the whole WG and see what comes of it. I
think the first order question is what does IPPM think of the maturity of these
techniques, and if they're comfortable, maybe the right thing to do is to
elevate to standard and then we can worry about the document and whether we do
a status change on the IPPM stuff. Is it mature enough to be a standard? If
not, I think the right thing to do is for alt-mark to go down to experimental.
If the techniques at the heart of this are experimental then it needs to be

Erik K: That makes sense to me.

Mirja: I agree. At some point we lost sync here, because this document was
presented in IPPM several times, so the right thing would have been to have a
joint WG last call.

Martin D: It's a lot of the same people in the two groups, so there are a lot
of people who knew this was happening. IPPM is a weird group too, with several
silos of interest. Anyway, maybe we should move on. I'll take an action item to
take this to IPPM and see what the status of this work should be.

Erik K: However that issue resolves itself, this document should wait to see
what that resolution is and take steps accordingly, after all of the other
issues have been addressed.

Amy: So for this document, it's going to remain in IESG Evaluation. Does this
need a Revised ID, or should it go back to the WG?

Erik: Definitely the former. I think I want to talk to the chairs and Eric. It
might go back to the WG.

Amy: For now we'll put it in Revised ID and we can take it from there.

2.1.2 Returning items

 o draft-ietf-dots-signal-call-home-14  - IETF stream

   Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal

   Channel Call Home (Proposed Standard)

   Token: Benjamin Kaduk

Amy: I have no Discusses in the tracker but this needs one more position to be

Warren: I'll ballot No Objection. I read the abstract and the writeup. I have
no objections.

Amy: Okay, so with Warren's no objection, it looks like this is approved.

Ben: Thank you, Warren.

Amy: Are there any notes needed or is this all set to go?

Ben: Leave it in AD Followup; I'm not confident I saw all of the traffic about

Amy: Okay, this is Approved, Announcement to be Sent, AD Followup.

2.2 Individual submissions

2.2.1 New items


2.2.2 Returning items


2.3 Status changes

2.3.1 New items


2.3.2 Returning items


3. Document actions

3.1 WG submissions

3.1.1 New items


3.1.2 Returning items


3.2 Individual submissions via AD

3.2.1 New items


3.2.2 Returning items


3.3 Status changes

3.3.1 New items


3.3.2 Returning items


3.4 IRTF and Independent Submission stream documents

3.4.1 New items

 o conflict-review-smyshlyaev-tls12-gost-suites-00

   IETF conflict review for draft-smyshlyaev-tls12-gost-suites


     GOST Cipher Suites for Transport Layer Security (TLS) Protocol

   Version 1.2 (ISE: Informational)

   Token: Benjamin Kaduk

Amy: There are no Discusses, so unless there's an objection this can go back to
the ISE.

Ben: Interestingly enough, I have a message from the ISE from this morning and
he’s wondering what the best way to proceed is, if we should actually send him
this conflict review and then they'd update the document and then we'd do
another conflict review, or if we should just abandon this one and bring it
back later, or should we send this one and then they'll change the document, I
can look at it and we can proceed with only my review. I don't know if anyone
else has thoughts.

Alvaro: It seems to me that if you’re saying don’t publish, it would be good to
see it come back here.

Ben: So you think we should abandon this conflict review and have it come back

Alvaro: That makes sense to me.

Ben: That sounds reasonable to me. Hearing nobody else speaking up, I will
email Adrian.

Warren: Sorry, I missed a bunch of that. What happens to the document after
this? If it violates our procedures for TLS cipher suites, are we saying you
can't do that? Or are we saying we'll talk about it in the IETF and then agree
it violates this and then we still won't allow it? What’s the long term?

Ben: I think the ISE at least has agreed in principle to changing the way the
document describes what it thinks should happen so there’s not a conflict with
IETF rules. I think everyone agrees we can change the text in the document to a
form that will not be problematic.

Warren: Will the document still be useful or is it just weasel wording out of
the problem?

Ben: Yeah, I think it will still be useful.

Warren: Okay. Does the ISE know what needs to change?

Ben: I think so. This is TLS ciphers using the Russian crypto algorithms, and
we had an RFC a year ago that was TLS ciphers using the Chinese crypto
algorithms. We basically had the same conflict review discussion, so that's
basically a template for how this works.

Warren: The ISE is here, can we check if he wants to say something?

Adrian: Not really. Ben represented exactly the situation. I believe I know
what flavor the document needs to be acceptable and not violate procedures, and
I just wanted to know how the IESG would like to verify that the authors get it
right. I believe I've heard from you how to do that.

Ben: Thank you.

Amy: Okay, so it sounds like the ISE is going to withdraw this document and it
will come back once some work has been done. With that, we can move on.

3.4.2 Returning items


3.4.3 For action

 o conflict-review-irtf-icnrg-nrs-requirements-00

   IETF conflict review for draft-irtf-icnrg-nrs-requirements


     Design Considerations for Name Resolution Service in ICN (IRTF:


   Token: Lars Eggert

Amy: This is here to find someone to do the RFC 5742 review. Do we have any

Erik K: Do we have any idea which direction this should go? I have another
ICNRG review I owe.

Martin D: It’s a name resolution service, so it seems kind of DNS-ish.

Mirja: There are actually two documents which belong together. It’s this one
and another one with NRS in the name.

Murray: I'm looking at the charter for ICNRG and there are words like naming
schemes, scalable routing schemes, congestion control, caching
strategies...this sounds kind of low level.

Warren: Many of those words sounded internetty or security. I can do this
particular document probably, but maybe the others are somewhere else and they
should go together.

Roman: We can dutifully review your conflict review text, Warren.

Amy: Thanks for taking this on, Warren.

4. Working Group actions

4.1 WG creation

4.1.1 Proposed for IETF review

 o MAC Address Device Identification for Network and Application Services

Amy: I have no blocking comments, so this can go for external review if there
are no objections.

Eric V: I simply want to thank Alvaro, Ben, Mirja and Roman for their comments.
I think they do make sense because when you read and read and read the charter
things become a blur and a fresh pair of eyes is always important. I will need
to work with the current chairs of the BOF and update the charter to better fit
the comments from my fellow ADs. it won’t be done before the end of August.

Amy: I’m hearing that the external review is approved pending edits for the
charter, and you’ll get those to us at the end of August. Is that right?

Eric V: Correct. And thanks again for the review.

Amy: Okay, when you're ready, let us know and we can send that for external

4.1.2 Proposed for approval


4.2 WG rechartering

4.2.1 Under evaluation for IETF review

 o Application-Layer Traffic Optimization (alto)

Amy: I have no blocking comments for this, so is this ready for external review?

Martin D: I am going to rewrite it a little based on some comments I got. I
will say this charter is a little unusual and calling out some things that are
kind of standard issue more than you might otherwise, and that’s to emphasize
the importance of establishing that this is under broad use before moving on to
further extensions of the work. I’m going to slim this charter down a bit
because there's some unnecessary text, and the comments that are in there are
good. Whatever we call Revised ID Needed for these is what it should be.

Amy: It sounds like external review still has to happen once you get your edits
done, right?

Martin D: Yes.

Amy: So this will be external review approved pending edits to the charter, and
you can let us know when it's ready.

4.2.2 Proposed for approval


5. IAB news we can use

Martin V: Just a quick note. The IAB had an interesting discussion yesterday on
liaisons and the possible need for introducing an explicit approval step in the
process. It’s not decided but it's an interesting discussion, we’ll see where
it leads and I’ll keep you updated.

Warren: As a quick follow on from that, and thank you for that summary, how
many people knew that WG chairs can just send a liaison without any other

John: Knew it before Loa sent his last one, or before? I didn't know it before.

Ben: We talked about it a couple of weeks ago, but not before then.

Warren: I was surprised by that. Anyway, thank you.

Mirja: There are cases where it makes sense, if a liaison is sent straight to a
WG and the answer is straightforward and simple, the WG just sends something
back. My personal view is that we should always have an approval step, no
matter who sends it, so we just have a second person looking at it. I think
that's good because liaisons are important and it can go badly wrong.

John: The recent one from MPLS demonstrates that what to one person is simple
and doesn't need review to a different reviewer isn't so simple. I agree.

Mirja: There's a lot of trust in people not to do anything wrong, but as long
as we do activities within the Datatracker we're fine, but I think we should be
more careful when we send things outside the IETF. As Martin said, discussion
is ongoing.

6. Management issues

6.1 [IANA #1200145] Management Item: Acceptance of media type registration from
standards organization Gedcom (IANA)

Michelle: This is one that we had on the agenda before and Murray took the
lead, so now it's coming back. How do you want to deal with this one?

Murray: I’m just digging up the thread again. I emailed the IESG about this too
so people have seen it. I don’t understand why we would approve this. Virtually
none of the things we would expect to see being properties of an SDO are
present. This is one person's website. There’s no evidence Gedcom acts like a
standards organization and it sounds like a bunch of people who collected on
one document and haven't met since then, there are no policies….I don’t know if
we have a basic definition for an SDO, but any definition I invented in my
head, this did not meet it. I suggest we don’t approve this. We could approve
or the media type reviewers could approve what they’re trying to register, but
unless there’s a precedent of us being that generous, I don't see it here.

Michelle: So we would send the media type template to the reviewers and get
their thoughts, and then if they think that it should be approved in the
standards tree, that would come back to the IESG for the media type approval

Murray: I think that's right. The thing I'm hoping they'll look at is if the
reference definition for their media type they're trying to register is good
enough and someplace we consider to be stable?

Michelle: And they may come back saying that this would have to be a vendor
tree or a personal tree or something else.

Murray: Right, or they need to make a draft and get someone to sponsor it, or
something like that. That's just my opinion.

John: Three of us have said that sounds good in the chat.

Roman: What you just proposed sounds right.

Amy: Michelle, what do you need from us?

Michelle: If you could just respond back to us for the management item saying
that the request to add Gedcom to the list of standards orgs is not approved,
denied, whatever wording you'd like. Do you want me to put some text in the

Murray: Do you want me to write something?

Michelle: I'd like to see something that says the request to add Gedcom is
denied but we can still follow the normal processes in RFC 6838 which we know
what to do for that. I think that's about it.

Amy: Okay; we'll respond to the ticket on this.

Michelle: We'll get the advice of the media type experts and the IESG may or
may not see this in the future come to them, we'll see.

6.2 [IANA #1203389] renewing early allocations for draft-ietf-cose-x509 (IANA)

Ben: If I remember correctly this draft is Approved, Announcement to be Sent,
but there was one late breaking issue that we had to address and it sort of
stalled. A lot of the blame for it being stalled is on me. This document is
basically done and we should renew the early allocations because it will be
actually done really soon now.

Amy: Any objection to that? Great, sounds like this early allocation renewal is
approved and we will send the official note to IANA.

6.3 [IANA #1205430] Designated experts for RFC 8984 (IANA)

Amy: This is assigned to Francesca.

6.4 [IANA #1206462] Designated experts for RFC 9073 (IANA)

Amy: This is assigned to Francesca.

6.5 [IANA #1206466] Designated experts for RFC 9074 (IANA)

Amy: This is assigned to Francesca.

6.6 Important Dates for IETF 112 (Secretariat)

Amy: This you actually have to make a decision on today. Liz, did you want to
speak to this?

Liz: There have only been a couple of emails but it seemed like there was
general support for keeping both dates, the preliminary date and then the final
cutoff date for BOF approvals. Are we okay to go ahead and publish these dates
as-is? Does anyone have any more thoughts?

Ben: That seems like the continuity option. Some people expressed some level of
sentiment that going back to a single deadline would be preferred but we don't
have solid agreement on that.

Mirja: When we do the two deadline model, is the first deadline a soft deadline
and the second one is a hard deadline?

Warren: I'd think it should be a hard deadline, but as with pretty much all of
our hard deadlines, we can always fudge it if needed. If we tell people it's a
soft deadline, nobody will follow it. I think we just say there are hard
deadlines and we have an exception process.

Mirja: My proposal last time was to call the first one a registration deadline,
where you only need the BOF name and person responsible, and have the second
deadline be the deadline where you need to fill in all the information.

Martin D: The point of having two deadlines is we have the joint call and
figure out all the problems with it and give people however many weeks to fix
it, and then approve it at the second deadline. If you wait til the second
deadline then you don't have time to fix stuff, so if it's not perfect you're
going to get booted. Just making people type out the name isn't really going to
get what we need. Last time we had the one late submission and we didn't have a
meeting scheduled so we had to throw together the meeting. I'd like to try that
model at least once, where we have two joint meetings about the proposals. We
can cancel the second one if everyone comes in at the first deadline and we
approve or reject them all. That's what the two deadline thing was supposed to
accomplish and we haven't really tried that.

Mirja: What you're proposing is a hard deadline to get in your BOF request and
the second deadline is to do any additional edits?

Martin: The original intent was that you can have a second deadline submission
but if there's any problems we'll say you should have made the first deadline.
That was the original intent as I remember it. The only pushback to what you're
proposing is how early that is. The deadlines are September 10 and 24.

Warren: I'd assume that if people think they want to have a BOF they can put in
more words than just a title and then we can discuss it and refine it by the
second one.

Martin D: If people think it would not be too early to have something in by
September 10, then I don't have a strong objection to that.

Mirja: I think it can be challenging but we can try it. We can see if people
complain. We can make it appear like a hard deadline. The risk is people see
the deadline and don't submit at all.

Warren: Based upon what we know of most participants, if it's 2 days after the
deadline and they have a great idea, they're likely to send email anyway.

Martin D: I think that's fine.

Amy: So do you want to keep the preliminary BOF proposals on September 10? Do
you want to keep those words?

Mirja: I think the 10th of September should have the text we have for the hard
deadline, the cut-off, and then the other deadline should say something else.

Martin D: Maybe deadline for preliminary and revised proposals?

Mirja: I'm not sure I'd even use the word preliminary.

Amy: So the cutoff date for BOF proposals will be September 10, and then the
cutoff date for revised Bof proposals will be September 24?

Alvaro: Are we going to try and have IESG/IAB calls after both deadlines?

Martin D: I think we put them on the calendar and if everything looks good at
the first one we can cancel the second call.

Alvaro: That works for me.

Liz: Okay, great. So we'll keep both dates but change the words, look at
scheduling two joint calls, and Robert has the session request tool ready to go
so we can open session requests today. Thanks everyone.

6.7 [IANA #1203393] renewing early allocation for draft-ietf-6man-mtu-option

Erik K: This is for a document that's in WG Last Call. They were conducting
some internet measurements to see if the option could be used across the
internet. I'd like to re-up this assignment.

Amy: Any objection to renewing this early allocation? Hearing no objection, so
this is approved and we'll send that note to IANA.

6.8 [IANA #1199105] Designated experts for RFC 9036

Amy: We added this at the top of the call for Murray. Do you have a name for us?

Murray: Yes, Henning Schulzrinne has offered to sit in that position. If IANA
would like two people, I don't have a second, but I can keep looking.

Michelle: One is better than none, so we'll take it!

Amy: Any objection to approving Henning Schulzrinne as the designated expert
here? Hearing none, so he is approved and we'll get the official note sent to

7. Any Other Business (WG News, New Proposals, etc.)

Murray: The charter for MEDIAMAN is sitting in a basically approved state until
I identify chairs. I have one but not two, Harald Alvestrand, who was involved
in some of the earliest media types work. Is anyone going to be upset if I
start the work with one chair and continue looking for a second?  I don't hear
anything, so that sounds like a plan.

Roman: I have one thing as your friendly Nomcom liaison. First of all, thank
you for the AD writeups for the qualifications. One of the things that's come
up I can use your help on is that very often ADs are pairs; you need a
collection of skills across two people. The Nomcom would be interested to know
what skill gaps should they focus on of the larger bucket of all skills
required, given the outgoing ADs? I'll send around a google document with all
of the AD descriptions and I'll ask you to highlight which ones we want to make
sure the Nomcom focuses on, as a suggestion to them.

Eric V: In INT we basically change the description every year.

Roman: Thank you. I don't think that's a consistent practice but that's very

Eric V: I have one thing, you may have seen that Barbara Stark is retiring and
she will leave the chair position for DNSSD and HOMENET. I found Chris Box from
BT in the UK who will replace Barbara as chair for DNSSD. AFter IETF 112
Barbara will resign. Still looking for one for HOMENET, so if you have
suggestions, I'm all ears.