IETF113 ANIMA WG Meeting Notes

**IETF113 is the first ever hybrid IETF. Please familiarize yourself
with the new and changed procedures for participating in-person or remote:**

Master on

Friday, March 25th, Afternoon session I, 12:30 UTC+01 - 14:30 UTC+1

Note taker: Hendrick Brockhaus + collaborative

00 Chair-Slides

Time: 10 minutes
Presenter: Toerless Eckert

Notes about status of documents, asa-guidelines is in AUTH48 for 45 days

(and not, 48 days yet... which was a joke)

Voucher delegation - low priority vs. the other working group drafts

Toerless motivates participants providing reviews and becoming shepherd
of a draft
All ANIMA documents should have a GitHub entry

01 Status update Constrained Voucher and Hackathon

Presenter: Michael Richardson
Time: 10 minutes
(was -14 at IETF112)

Michael presented the changes since IETF 112

Interop tests are ongoing. Further people are welcome to join. Setting
up the IETF Hackathon VPN (MikroTik) boxes to use for link-local/L2
discovery protocol tests.
An early registration of 'TBD3' would be appreciated.
Michael asks for WGLC or further reviews

(Esko) agrees with WGLC even though some minor updates, for the
examples, from the hackathon will pop up
(Jiang) asked for a document shepherd

02 Status update on JWS voucher

Presenter: Thomas Werner
Time: 5 minutes
(was -01 at IETF112)

Thomas presented the change to JWS JSON serialization
Next steps are aligning with the BRSKI Design Team and posting results to
the email list

~12:58 03 Status update on BRSKI-PRM

Presenter(s): Steffen Fries
Time: 10 minutes
(was -00 at IETF112)

Steffen provided an update on BRSKI-PRM (PRM = pledge in responder mode)
and presented the changes since IETF 112 based on the github issues and
the change history
The updated draft offers multiple signatures on the voucher response by
the registrar to provide proof-of-possession.

There are no open issues right now. Security recommendations need to be
Steffen asks for reviews.

Reviews wanted!

~13:08 04 Status update on BRSKI-AE

Presenter(s): David von Oheimb
Time: 10 minutes
(was -04 at IETF112)

David presented the current status of BRSKI-AE (currently AE =
Asynchronous Enrollment).
Since the document was split last year, he proposes to rename it to
BRSKI-AE (AE = Alternative Enrollment) to better reflect the scope of
the draft.
The draft offers choosing enrollment protocols using self-contained
signed objects to also support further use cases as described in the
Appendix of the draft.

(Toerless) asks to also have the message flow in the draft as the
information is very helpful
Mcr: unfortunately only in greyscale
Toerless: authors pls. ping us when it's time.

David requested the change of the file name.
(Toerless) please submit the next version using the new file name and
the WG chairs will approve it - submit with link to old file name, so
data-tracker will correctly link it!

As next step, the Section on using the Lightweight CMP Profile will need
to be detailed a little further. It also needs to be decided if EST with
/fullcmc should be further detailed

Any reviews or interop testing are welcome

~13:21 05 RFC8366bis

Presenter: Michael Richardson
Time: 15 minutes
(was at

Reminder of the original problem: The way the YANG model was specified
was non-extensible. BRSKI-AE (and likely other future docs) will want to
expand the module.
Now we figured out how to rewrite the YANG module in a backward
compatible fashion (no change to bits on wire) that will be extensible.
And it outsources the work to IANA. That's the prime goal of the -bis.

Kent Watson: differences of new encoding target: yang data: grouping,
sx: container

Michael requests reviews by RFC8791 YANG experts.

Authors would like to upgrade status to (full) Internet Standard as
opposed to proposed (rfc8366)

AD (Rob Wilton): Pls. first go through PS (Proposed Standard) status.
Could be upgraded without text change later on to full standard (with
additional process).

Open discussion: there are still multiple extensions to 8366 through various other
RFCs/drafts. Should these be pulled back into rfc8366?

Toerless: smart money ? on keeping documents separate so it's easier to
also evolve them separately.

AD (Rob Wilton): Instead of merge, just consider you can also use
'Update' tag in RFCs to create the desired linkage to the other

Kent Watson: We already have dependencies referring to 8366(rfc8572)
Michael: think it's ok. to obsolete rfc8366 because it is completely the
same functionally on the wire.

~13:37 06 BRSKI Cloud

Presenter: Michael Richardson
Time: 10 minutes
(was -02 at IETF112)

The draft addresses the use case that a pledge wants to talk directly to
the cloud rather than to a local registrar.
The draft also offers that a local registrar points to a home registrar
on the cloud to use for enrollment.

~13:40 07 An Autonomic Mechanism for Resource-based Network Services Auto-deployment

Presenter(s): Yujing Zhou
Time: 10 minutes
at IETF112)

Yujing presented the changes since IETF 112 and the negotiation phase of
the auto-deployment process

(Toerless) will review the draft. He likes the slides providing further
details. Details/examples or a detailed use case (negotiation) could be
integrated into the draft as well.

~13:52 08 Autonomic IP Address To Access Control Group ID Mapping

Presenter(s): Yujing Zhou
Time: 10 minutes
(was -01 at IETF112)

Yujing introduced the basic idea of the draft and the changes from IETF

Yujing asks for WG adoption.

(Zongpeng Du) Security ? Answer: We will think about it.
Yizhou Li (co-author): security yes possible applicability, but this is
about policy, so it would have to be the policy of some security
Sheng Jiang: (DHCP only) If that is the case, why ANIMA?
(next slide): Where is the negotiation?
Yizhou: (DHCP slide): Just an example; show the readers that even some
part is not ANIMA, can be piece of this work
... we can add description to the document to have introduction on this;
negotiation just single request/response
add deny to this example, too

Toerless: similar to TACACS RADIUS DIAMETER; a comparison to those would
be useful to indicate what this proposal can do that T/R/D can't.
E.g., pushing out to multiple points (traditional solutions are

~14:12 09 DNS-SD Compatible Service Discovery in GRASP

Presenter: Toerless Eckert
Time: 5 minutes
Draft: (was -02 at IETF112)

The document is quite stable and any review is appreciated.

10 Autoconfiguration of infrastructure services in ACP networks via DNS-SD over GRASP

Presenter: Toerless Eckert
Time: 5 minutes
(was -01 at IETF112)

operator sets up services in the NOC
enables service announcements in the ACP (MDNS, ...)
ACP nodes get service announcements and start consuming these services

(Note: below discussion is for the above agenda item grasp-dnssd, it
seems - see slide)
Stuart: IANA registry as per RFC6335
Also some mapping not DNS over bluetooth.

Mcr: Would love to see DNS resolution for ACP ULA.
Toerless: probably separate spec. Also: how to use names so as to select
going across ACP vs. going across data-plane.

Toerless asks for WG adoption of both drafts.
Sheng Jiang likes the work, but he requests to have some reviews first.
The discussion will be continued on the email list.

~ 14:34 meeting closes

Action items collected

DONE (toerless): fixup chair slides for auto-deployment there actually
is a slot.
DONE (michael) Update: slot for weekly BRSKI meeting time, send out to
TBD (chairs): work with constrained voucher authors for early allocation
request (TBD3)
TBD (chairs): WG last call start for constrained voucher, to be sent out
monday 4/4/2022 (lot of early reviews done) would like to see same 3
reviewers as we had for BRSKI (in whatever fashion - jari christen and
TBD: BRSKI-cloud sector reviews/WG-last-call-prep
TBD (toerless): review anima-network-service-auto-deployment