[{"author": "Brian Trammell", "text": "

meetecho: could we get the camera on the speaker? thanks!

", "time": "2022-07-28T17:36:46Z"}, {"author": "Erik Kline", "text": "

are the existing deployments amenable to taking on any changes that standardisation might create?

", "time": "2022-07-28T17:39:46Z"}, {"author": "Brian Trammell", "text": "

that's a very good question. could you bring it to the mic at discussion time? (I can also do so)

", "time": "2022-07-28T17:41:31Z"}, {"author": "Juan de los Galanes", "text": "

ISPs are actually asking to start the standardization process. We believe they will be happy to use standard components when/if they are ready

", "time": "2022-07-28T17:41:34Z"}, {"author": "Erik Kline", "text": "

:thumbsup:

", "time": "2022-07-28T17:43:07Z"}, {"author": "Juan de los Galanes", "text": "

in the meantime, trying to answer: the ISPs (or most of them) have already asked about a possible standard. We believe they would be happy to use standard pieces

", "time": "2022-07-28T17:43:39Z"}, {"author": "Erik Kline", "text": "

is there a \"life of a packet\" or \"life of a socket\" kind of summary somewhere?

", "time": "2022-07-28T17:52:08Z"}, {"author": "Mohamed Boucadair", "text": "

Would be cool to see how the required info is passed to the CP, which packet is generated by an app, a sample packet when the SCION enriched data is inserted, etc.

", "time": "2022-07-28T17:52:23Z"}, {"author": "Erik Kline", "text": "

:point_up:

", "time": "2022-07-28T17:53:07Z"}, {"author": "Juan de los Galanes", "text": "

Erik: we have some tutorial applications coded in Go, to show how the sockets work. In essence, from the point of view of the end-point, this could be one simple trace of a \"client\" application:
\n1) get paths to destination
\n2) for each path it wants to use: open socket (or sockopts setpath), write payload
\n3) wait for ACK, check path of the ACK packets
\n4) depending on 3 change policy and go to 1.
\n5) repeat until done / forever

", "time": "2022-07-28T17:55:25Z"}, {"author": "Juan-Carlos Z\u00fa\u00f1iga", "text": "

If Auth fails, is it advertised to others, or simply ignored?

", "time": "2022-07-28T17:56:44Z"}, {"author": "Erik Kline", "text": "

thank you. Is there a \"common case optimization\" for step 1&2 when the client doesn't care which path is used?

", "time": "2022-07-28T17:56:54Z"}, {"author": "Juan de los Galanes", "text": "

Life of a packet, dataplane wise, is quite simple: the packet has the path encoded in the header. It is sent from the end-point to the first BR in the source AS, which forwards the packet.
\nForwarding implies a set of steps: check crypto MACs, advance counter, send to egress

", "time": "2022-07-28T17:57:03Z"}, {"author": "Erik Kline", "text": "

if the path is in every header, what is the effective MSS for payload bits?

", "time": "2022-07-28T17:58:26Z"}, {"author": "Juan de los Galanes", "text": "

Erik: there is no \"standard path\" from src to dst. Do you think that would be a good addition?

", "time": "2022-07-28T17:58:39Z"}, {"author": "Juan de los Galanes", "text": "

Erik: header is roughly 80 bytes longer than with a regular IPv4 packet

", "time": "2022-07-28T17:59:13Z"}, {"author": "Erik Kline", "text": "

so there's a max path len, then

", "time": "2022-07-28T17:59:36Z"}, {"author": "Jordi Subir\u00e0 Nieto", "text": "

Juan-Carlos: routers authenticate Hop Fields and in principle discard packets for which HF auth fails, trying to reduce workload on routers

", "time": "2022-07-28T18:01:03Z"}, {"author": "Juan de los Galanes", "text": "

Mohamed: the process is explained in more detail in the free book about SCION (year 2017), roughly:

\n1. CP has all the data about the paths stored in a \"path server\" as part of the AS infra
\n2. Endpoint asks the path server for paths to DST. Gets them. The paths consist of crypto MACs, among other things.
\n3. Application uses the path to send data to DST
", "time": "2022-07-28T18:01:45Z"}, {"author": "Mohamed Boucadair", "text": "

Thanks, on (2) does the source have to know that the destination is attached to a SCION-enabled domain?

", "time": "2022-07-28T18:02:37Z"}, {"author": "Mohamed Boucadair", "text": "

what if it isn't?

", "time": "2022-07-28T18:03:04Z"}, {"author": "Antoine Fressancourt", "text": "

What is the type of voting / consensus mechanism in use in the PKI ? Are you assuming the use of a Paxos / blockchain ?

", "time": "2022-07-28T18:03:11Z"}, {"author": "Juan de los Galanes", "text": "

Mohamed: the paths that the application gets are tied inside the path server to some metadata, e.g. geographic positions of the BRs, etc. The path itself does not contain that. The metainformation is spread during the path construction process (path exploration) for receivers to store it in their path servers

", "time": "2022-07-28T18:03:32Z"}, {"author": "Juan-Carlos Z\u00fa\u00f1iga", "text": "

@jordi: thanks. I was wondering if the multilateral voting process applies only to DOs, or also to DON'Ts

", "time": "2022-07-28T18:04:42Z"}, {"author": "Juan de los Galanes", "text": "

Mohamed: the source can send traffic only to SCION ASes

", "time": "2022-07-28T18:04:42Z"}, {"author": "Jordi Subir\u00e0 Nieto", "text": "

Antoine: It isn't a consensus protocol as you would find in a blockchain. The TRC considers a voting quorum. Each AS in that quorum has one vote, the TRC needs +1 votes than the threshold

", "time": "2022-07-28T18:06:36Z"}, {"author": "Mohamed Boucadair", "text": "

I assume some Dst Prefs/ASN mappings should be supplied somehow to the source (or at least the BR)

", "time": "2022-07-28T18:06:38Z"}, {"author": "Juan de los Galanes", "text": "

if the destination AS is SCION aware (has at least one SCION BR), the endhost can be SCION unaware (e.g. IPv6), and the AS could use a gateway (called SIG: this is what the banking industry is using at the moment in production)

", "time": "2022-07-28T18:06:44Z"}, {"author": "Kazuaki Ueda", "text": "

Is the voting process at C-Plane PKI an essential and mandated element in SCION's trust model? Or can it be considered one of the governance policies of the ISD?

", "time": "2022-07-28T18:06:48Z"}, {"author": "Juan de los Galanes", "text": "

Mohamed: there are no prior mappings: the path exploration process learns who the neighbors are, then the neighbors of the neighbors (downstream), etc.
\nThis process is not exactly what happens in reality, but the exploration process in the book covers it in more detail.

", "time": "2022-07-28T18:08:50Z"}, {"author": "Mohamed Boucadair", "text": "

I understood that I have to buy the book ;-)

", "time": "2022-07-28T18:09:20Z"}, {"author": "Antoine Fressancourt", "text": "

What is the trust model between ISDs ? How is the federation between trust zones organized ?

", "time": "2022-07-28T18:09:30Z"}, {"author": "Juan de los Galanes", "text": "

Erik: there is indeed a max length for the path, but IIRC it's quite high (> 64 ASes)

", "time": "2022-07-28T18:09:42Z"}, {"author": "Jen Linkova", "text": "

I think the book is free

", "time": "2022-07-28T18:10:39Z"}, {"author": "Juan de los Galanes", "text": "

Mohamed: no need to buy the book. There is a free version

", "time": "2022-07-28T18:10:46Z"}, {"author": "Juan de los Galanes", "text": "

https://scion-architecture.net/pages/publications/

", "time": "2022-07-28T18:11:10Z"}, {"author": "Jordi Subir\u00e0 Nieto", "text": "

Juan-Carlos: we consider two voting cases for the TRC (Trust-root config) for the ISD: the regular ones and the sensitive ones. The sensitive ones are less likely to be used, and some use-case would be removing some AS from the Core.

", "time": "2022-07-28T18:11:17Z"}, {"author": "Mohamed Boucadair", "text": "

Thanks, @Juan for the pointer

", "time": "2022-07-28T18:11:24Z"}, {"author": "Erik Kline", "text": "

Thanks Juan (for all the prompt answers!)

", "time": "2022-07-28T18:12:06Z"}, {"author": "Juan de los Galanes", "text": "

Kazuaki: the CP PKI is tailor made for the properties we wanted at the data plane. We can definitely look at other models, and the properties that will emerge by using them instead

", "time": "2022-07-28T18:13:44Z"}, {"author": "Jordi Subir\u00e0 Nieto", "text": "

Antoine: ISDs have the choice to disseminate or not from remote ISDs, needed for AS within that ISD to verify remote information. So every ISD is to decide

", "time": "2022-07-28T18:14:49Z"}, {"author": "Juan-Carlos Z\u00fa\u00f1iga", "text": "

Thanks for the answers Jordi

", "time": "2022-07-28T18:15:11Z"}, {"author": "Antoine Fressancourt", "text": "

Don\u2019t agree with \u00ab\u00a0partial path control\u00a0\u00bb for SR here

", "time": "2022-07-28T18:17:26Z"}, {"author": "Kazuaki Ueda", "text": "

Thanks @Juan for the answer!

", "time": "2022-07-28T18:19:02Z"}, {"author": "Simon Leinen", "text": "

As a current SCION ISP, what @Juan said reflects our thinking well. We'd like an open standard as a good basis for a sustainable multi-vendor ecosystem.

", "time": "2022-07-28T18:20:34Z"}, {"author": "Juan de los Galanes", "text": "

Antoine: I think Nico is talking about end-to-end inter-domain path control, thus the \"partial\" (intra AS).
\nBut please ask Nico directly, and we'll find out

", "time": "2022-07-28T18:26:42Z"}, {"author": "Erik Kline", "text": "

documenting current practice can be done via Independent Stream?

", "time": "2022-07-28T18:36:16Z"}, {"author": "Mohamed Boucadair", "text": "

What would be really good is to exercise how scion addresses the PANRG questions.

", "time": "2022-07-28T18:37:16Z"}, {"author": "Mohamed Boucadair", "text": "

Some hidden challenges should be documented (including operational aspects) that are usually hidden

", "time": "2022-07-28T18:37:56Z"}, {"author": "Mohamed Boucadair", "text": "

I'm supportive of such kind of work

", "time": "2022-07-28T18:38:05Z"}, {"author": "Jeff Tantsura", "text": "

To get it presented to routing audience, potentially we could do a RTGWG interim (not offering it yet, but presenting an option)

", "time": "2022-07-28T18:38:26Z"}, {"author": "Juan de los Galanes", "text": "

Taking good note, thanks Mohamed and Jeff

", "time": "2022-07-28T18:39:39Z"}, {"author": "Juan de los Galanes", "text": "

Brian: I totally agree. The standardization process in and of itself is going to help a lot (and will help us find problems we never thought of, etc)

", "time": "2022-07-28T18:42:03Z"}, {"author": "Colin Perkins", "text": "

When is the London i-d deadline?

", "time": "2022-07-28T18:44:54Z"}, {"author": "Jen Linkova", "text": "

I guess end of Oct..2 weeks before so ~20th?

", "time": "2022-07-28T18:45:13Z"}, {"author": "Jen Linkova", "text": "

(off top of my head)

", "time": "2022-07-28T18:45:34Z"}, {"author": "Mohamed Boucadair", "text": "

One last comment: For LISP, I'm afraid that some assessments you shared in the slide may not be agreed on by LISP WG. You may consider socializing that comparison in the lisp WG or just reach out to Dino (Farinacci).

", "time": "2022-07-28T18:45:36Z"}, {"author": "Erik Kline", "text": "

I think that's about right (write)

", "time": "2022-07-28T18:45:44Z"}, {"author": "Jordi Subir\u00e0 Nieto", "text": "

Mohamed: Thanks for sharing your thoughts, sure more discussion may be worth it. We'll keep that in mind, but I also may even envision using LISP over SCION, but that's a different topic.

", "time": "2022-07-28T18:49:45Z"}, {"author": "Brian Trammell", "text": "

draft deadline would be 24 October. I'd want to run an interim the week of 10 October at the latest (so there's time to incorporate any feedback from that meeting into drafts for London)

", "time": "2022-07-28T18:54:33Z"}, {"author": "Nicola Rustignoli", "text": "

Mohamed Boucadair said:

One last comment: For LISP, I'm afraid that some assessments you shared in the slide may not be agreed on by LISP WG. You may consider socializing that comparison in the lisp WG or just reach out to Dino (Farinacci).

Thanks for pointing this out, I'd be happy to dig more into that and have a chat with the LISP folks

", "time": "2022-07-28T18:56:20Z"}, {"author": "Nicola Rustignoli", "text": "

And thank you all for your feedback. We'll be digesting it and we'll ping you on the list as soon as we manage to update the existing drafts

", "time": "2022-07-28T19:00:41Z"}, {"author": "Mohamed Boucadair", "text": "

For the transport functionality review, you may start looking at the RFCs produced by the TAPS WG

", "time": "2022-07-28T19:13:53Z"}, {"author": "Mohamed Boucadair", "text": "

I also suggest you look at https://datatracker.ietf.org/doc/draft-ietf-taps-arch/

", "time": "2022-07-28T19:14:03Z"}, {"author": "Jen Linkova", "text": "

@Med: do you want to say it at the mic? Or shall I proxy?

", "time": "2022-07-28T19:14:30Z"}, {"author": "Mohamed Boucadair", "text": "

no need to go to the mic for this. Thanks

", "time": "2022-07-28T19:14:54Z"}, {"author": "Juan de los Galanes", "text": "

thanks everyone, have a good one

", "time": "2022-07-28T19:19:33Z"}]