[{"author": "cabo", "text": "I have started<br/>", "time": "2022-03-24T12:03:32Z"}, {"author": "cabo", "text": "Could use help<br/>", "time": "2022-03-24T12:03:37Z"}, {"author": "Meetecho", "text": "Is someone touching the mic line camera? We see it moving<br/>", "time": "2022-03-24T12:05:55Z"}, {"author": "Theresa Enghardt", "text": "No, nobody is there<br/>", "time": "2022-03-24T12:06:09Z"}, {"author": "Meetecho", "text": "Thanks Theresa! We'll come check what's wrong later then<br/>", "time": "2022-03-24T12:06:24Z"}, {"author": "cabo", "text": "I can't take notes alone \u2014 any both want to join in at <a href=\"https://notes.ietf.org/notes-ietf-113-panrg?edit\" rel=\"nofollow\">https://notes.ietf.org/notes-ietf-113-panrg?edit</a><br/>", "time": "2022-03-24T12:11:36Z"}, {"author": "cabo", "text": "anybody<br/>", "time": "2022-03-24T12:12:03Z"}, {"author": "cabo", "text": "Thanks<br/>", "time": "2022-03-24T12:12:54Z"}, {"author": "Brian Trammell", "text": "will jump in<br/>", "time": "2022-03-24T12:14:37Z"}, {"author": "Mohamed Boucadair", "text": "Already reviewed the doc several times<br/>", "time": "2022-03-24T12:17:04Z"}, {"author": "Mohamed Boucadair", "text": "I think it is ready for WGLC<br/>", "time": "2022-03-24T12:17:12Z"}, {"author": "Theresa Enghardt", "text": "Thanks Med, and thank you for your great comments!<br/>", "time": "2022-03-24T12:17:44Z"}, {"author": "Theresa Enghardt", "text": "I will abstain :)<br/>", "time": "2022-03-24T12:17:50Z"}, {"author": "Mohamed Boucadair", "text": ";-)<br/>", "time": "2022-03-24T12:18:07Z"}, {"author": "Mohamed Boucadair", "text": "I'm not sure to get the comment<br/>", "time": "2022-03-24T12:20:09Z"}, {"author": "Mohamed Boucadair", "text": "This is a generic abstract of a specific network permiter<br/>", "time": "2022-03-24T12:20:35Z"}, {"author": "Mohamed Boucadair", "text": "an area can be an example of a domain for IGPs<br/>", "time": "2022-03-24T12:20:50Z"}, {"author": "Mohamed Boucadair", "text": "Is this another way to do LOOPS?<br/>", "time": "2022-03-24T12:27:57Z"}, {"author": "Stuart Card", "text": "+1 to this sidecar idea<br/>", "time": "2022-03-24T12:37:21Z"}, {"author": "cabo", "text": "This is *Interesting* stuff.<br/>", "time": "2022-03-24T12:37:25Z"}, {"author": "Stuart Card", "text": "I am a long time PEP user/developer.<br/>", "time": "2022-03-24T12:37:35Z"}, {"author": "cabo", "text": "(And I'm already thinking how to put LOOPs in here :-)<br/>", "time": "2022-03-24T12:37:38Z"}, {"author": "Mohamed Boucadair", "text": "it is akready some sort if LOOPS, Cartsne ;-)<br/>", "time": "2022-03-24T12:38:01Z"}, {"author": "Stuart Card", "text": "ESP is essential but precludes what I have always done.<br/>", "time": "2022-03-24T12:38:30Z"}, {"author": "Brian Trammell", "text": "it's like LOOPS + PLUS<br/>", "time": "2022-03-24T12:38:30Z"}, {"author": "Mohamed Boucadair", "text": "It isn't PLUS as the initial signal not touched. No?<br/>", "time": "2022-03-24T12:39:23Z"}, {"author": "Mohamed Boucadair", "text": "this is more OOB<br/>", "time": "2022-03-24T12:39:39Z"}, {"author": "Mohamed Boucadair", "text": "Anyway, this is interesting and it is worth zooming into more details<br/>", "time": "2022-03-24T12:40:48Z"}, {"author": "Jake Holland", "text": "seems like it to me.&nbsp;&nbsp;there is some new information leakage, but I think it's only stuff the threat model assumes attackers have full knowledge of anyway.<br/>", "time": "2022-03-24T12:42:36Z"}, {"author": "Brian Trammell", "text": "yep<br/>", "time": "2022-03-24T12:42:59Z"}, {"author": "Jake Holland", "text": "yes, +1 to interesting.&nbsp;&nbsp;i'm a little concerned about viability, but interesting for sure.<br/>", "time": "2022-03-24T12:43:02Z"}, {"author": "Michael Welzl", "text": "@cabo, Mohamed - when Keith and I first described this to each other in emails, we did indeed have LOOPS as a use case!&nbsp;&nbsp;:-D&nbsp;&nbsp; but I dropped it later because LOOPS had a \"don't touch\" model, where the app isn't involved... would it be better to involve the app?<br/>", "time": "2022-03-24T12:43:51Z"}, {"author": "Jake Holland", "text": "in particular, connecting to the sender from the proxy to make an oob connection to the source without a domain name for authentication is a little tricky i think.<br/>", "time": "2022-03-24T12:44:33Z"}, {"author": "cabo", "text": "It would no longer be exactly LOOPS, but it is a good way to address the problem more long-term<br/>", "time": "2022-03-24T12:44:56Z"}, {"author": "Jake Holland", "text": "but there might be an answer<br/>", "time": "2022-03-24T12:44:57Z"}, {"author": "Brian Trammell", "text": "PLUS was trying very very hard to be in-band, to keep the control surface as close as possible to TCP. in doing so it made something like this harder to do.<br/>", "time": "2022-03-24T12:45:45Z"}, {"author": "Jake Holland", "text": "there's also a similarly tricky but completely different problem for the receiver to talk to the proxy.&nbsp;&nbsp;also craziness like multiple proxies, but maybe we just ignore that.<br/>", "time": "2022-03-24T12:45:56Z"}, {"author": "Michael Welzl", "text": "That's the thing, there are quite many things to solve here...&nbsp;&nbsp;but I haven't yet run into any aspect of this that seems like a blocking (unsolvable) problem<br/>", "time": "2022-03-24T12:46:23Z"}, {"author": "Brian Trammell", "text": "would be nice to know how many of the deployed paths with PEPs have more than one proxy<br/>", "time": "2022-03-24T12:46:24Z"}, {"author": "Jake Holland", "text": "(meaning multiple different proxy hops in the same path, not multipath with proxies on each)<br/>", "time": "2022-03-24T12:46:29Z"}, {"author": "cabo", "text": "Sat proxy + WiFi proxy?<br/>", "time": "2022-03-24T12:47:03Z"}, {"author": "cabo", "text": "(Of course, I'm thinking about in-train applications as well.)<br/>", "time": "2022-03-24T12:47:39Z"}, {"author": "Richard Scheffenegger", "text": "wouldn't a subsequent PEP talk best to a prior PEP?<br/>", "time": "2022-03-24T12:48:14Z"}, {"author": "Richard Scheffenegger", "text": "instead of the source<br/>", "time": "2022-03-24T12:48:39Z"}, {"author": "Jake Holland", "text": "probably, but that's one of the tricky parts.&nbsp;&nbsp;does the downstream pep change the source ip?&nbsp;&nbsp;does that even work with multipath?<br/>", "time": "2022-03-24T12:48:52Z"}, {"author": "cabo", "text": "Yes \u2014 what would be the source address of SC-onward communication<br/>", "time": "2022-03-24T12:49:03Z"}, {"author": "Jake Holland", "text": "it's a lot less out-of-band, that's for sure.<br/>", "time": "2022-03-24T12:49:36Z"}, {"author": "Michael Welzl", "text": "I think we should keep multiple ACKing PEPs on a path out of this ... maybe forever&nbsp;&nbsp;:)&nbsp;&nbsp; it makes things infinitely more complex, e.g. when considering a multipath transport, or even path changes in a single path transport....<br/>", "time": "2022-03-24T12:49:47Z"}, {"author": "Richard Scheffenegger", "text": "well, as long it is mostly advisory, and the core protocol can safely ignore the SC&nbsp;&nbsp;(doing away any perf improvements but also not importing safety concerns)<br/>", "time": "2022-03-24T12:49:56Z"}, {"author": "Richard Scheffenegger", "text": "I guess the problem space can be cut to manageable chunks<br/>", "time": "2022-03-24T12:50:15Z"}, {"author": "cabo", "text": "That's the point for me!<br/>", "time": "2022-03-24T12:50:18Z"}, {"author": "Mohamed Boucadair", "text": "Exactly<br/>", "time": "2022-03-24T12:50:33Z"}, {"author": "Anna Brunstrom", "text": "Interesting talks, thanks!<br/>", "time": "2022-03-24T12:58:39Z"}]