API Privacy : yes cache control HMAC key : do we need this if we don't have icmp? The icmp... Arch might define its existence but not the mechanics.. Defer. Server auth: rsleevi says no must on OCSP, but maybe whitelist get on OCSP. Should is ok. If this fails, the API does not work and we get the existing behavior Talk about ux. Tommy suggests that this is a platform choice Media type bike shed: use one, editor choice Urls: Pierre says .wk opens the possibility of probing. Darshak says point to html OR API. PvD isn't a problem, just 7710. 7710 Warren is okay How does this relate to pvd? No option means no portal. 802.11u has a signal already. Kyle says this is generic. Tommy; the signals we have don't say that there is no block. Can we add pvd to this doc as well. Chairs will follow up. No conclusion on meaning of the url. Take to list. Arch Security is ok Identity - need to agree on type of id Enforcement device split considered.Kyle to take that to the list. Pierre: ue Id doesn't need to be known to the device Nick :we should be careful about the identifier and how hard it can be. Maybe describe how it might be insulated. Pierre: don't specify a specific type of id Advise against including pii in URIs maybe. Pvd cannot give the state. Pvd can't do per user, dynamic, or private ICMP Tero & Margaret :don't tweak destunreach. Do we need a new signal? Tommy can live without a signal. We should be careful not to DoS the API. Margaret : maybe we can use destunreach to trigger a check of the API. Lorenzo : anything spoofable cannot be more than a hint. Unsolicited messages are hard to secure. I want to know in advance. Warren : maybe a talk to me thing. Margaret : maybe icmp, maybe not destunreach Lorenzo to produce some requirements Chairs will confer, but tentative plan is to capture requirements and await someone making a proposal Darshak gave an overview of other network standardization in the area of network authentication Not in scope Parallel but not congruent Can you help us authenticate the RA? Like a security upgrade for the network, which would need 802 collaboration