HotRFC Lightning Talks at IETF 117

Sunday, July 23, 2023

Starting Time: An hour after the Welcome Reception starts (18:00)

Room: Continental 4
Organizers: Spencer Dawkins, Liz Flynn

Email: hotrfc@ietf.org 

Call for Participation


MEETING AGENDA


1. Domain Level Routing and Forwarding for Inter-domain QoS

2. Trusted sensors for a greener world

3. On Network Path Validation and a Possible Solution

4. Essential Protocols to Avoid Forced (Platform) Association

5. QUIC in Space

6. It’s time to address the gap between IPv6 user adoption rate and IPv6 traffic rate

7. Path Selection in Multi Tunnel SD-WAN

8. Alternative Optimizations for Low Latency Media Handling

9. ECH Deployment Considerations


ABSTRACTS

1. Domain Level Routing and Forwarding for Inter-domain QoS

Presenter, Affiliation: Haoyu Song, Futurewei Technologies, in person

Datatracker slides here

Abstract: We propose to make the domain the explicit L3.5 entity and to introduce a new domain-level routing extension header to IPv6 to allow routing and forwarding at the domain level, so as to achieve inter-domain QoS catering for Internet-scale services such as the metaverse.

Looking for: feedback and collaboration on drafts and technique developments

Coordinates: Haoyu Song, haoyu.song@futurewei.com 

Reference:

"Towards End-to-End Quality-of-Service by Domain-Level Routing and Forwarding", arXiv:2207.02326 [cs.NI], July 2022

"Enable Cross-domain QoS for Internet-Scale Metaverse", IEEE MetaCom, June 2023


2. Trusted sensors for a greener world

Presenter, Affiliation: Pascal Urien, Telecom Paris, France, in person

Datatracker slides here

Abstract: Authentication and publication of sensor data is a critical issue when trust matters. Sensors and networks of sensors are widely used to monitor environmental safety. It is a major topic for the scientific, public and political communities.

Trust in payments (EMV bank card) or identity (electronic passport) is achieved thanks to secure elements.

Trusted Sensors can be organized around secure elements including named TLS servers [1] [3], providing mutual authentication and secure communications. They may support:

- internal commands for administration.

- exported commands for Actuators/Sensors interactions.

- on-demand cryptographic resources authorization.

The secure element TLS-SE [1] application typically provides a Key Management System (KMS), remotely controlled via the TLS secure channel.

According to [2], dedicated messages can be exported for external execution, involving interaction with sensors or actuators, whose response is thereafter inserted in the TLS secure channel [4].

Secure element cryptographic resources can be unlocked by dedicated messages, used for example to sign blockchain transactions.

In summary, trusted sensors, built over TLS secure elements, can be remotely administered, interact with sensors & actuators, and provide on-demand cryptographic resources.

Is there a step beyond with the IETF, in order to:

- define a framework for trusted sensors

- define a network interface

- edit guidelines for trusted sensors with open hardware and software

Looking for: 

Coordinates: Pascal Urien, pascal.urien@gmail.com 

[1] https://datatracker.ietf.org/doc/draft-urien-tls-se/ 

[2] https://datatracker.ietf.org/doc/draft-urien-core-tls-se-io/ 

[3] https://datatracker.ietf.org/doc/draft-urien-coinrg-iose/ 

[4] https://www.youtube.com/watch?v=74aoCvrtZ0c 


3. On Network Path Validation and a Possible Solution

Presenter, Affiliation: Chunchi Liu, Huawei, in-person

Datatracker slides here

Abstract: Network path validation refers to a technology that aims to enforce data to travel only on the assigned network path and provide evidence that the data has indeed followed this path. The absence of a mature path validation solution causes serious routing attacks such as routing hijack, route injection (traffic detour), etc. We formalize the problem, propose a possible cryptographic solution to the path validation problem and list out its use cases.

Looking for: collaborators and suitable WGs for our draft.

Coordinates: Please contact: liuchunchi@huawei.com  to connect; collaboration or discussion all welcome!

- Our 00 draft: https://datatracker.ietf.org/doc/draft-liu-on-network-path-validation (Due to submission deadlines we did not include the solution details in the 00 draft, please come and hear about it :) )


4. Essential Protocols to Avoid Forced (Platform) Association

Presenter, Affiliation: Adrian Gropper, HIE of One Project, remote

Datatracker slides here

Abstract: When service providers do not implement adequate standards to support the user experience, platforms are happy to help with secret proprietary integrations that drive lock-in and manipulation of both the service provider and customer. IETF GNAP is a good start. What other protocol standards are needed?

Looking for: Looking to educate the IETF community on how standards can improve society, and for collaborators and implementers of our example bundle of standards.

Coordinates: 

Contact me agropper@healthurl.com 

Start a Signal Group

Find a home in IETF

Example: Standard Patient-Controlled Health Record

A focus on mental health and substance use recovery support

Example implementation https://github.com/HIEofOne

Principal Developer https://github.com/shihjay2


5. QUIC in Space

Presenter and affiliation: Marc Blanchet, Viagenie

Datatracker slides here

Abstract: QUIC is a new IETF transport which has many useful features, not to be listed here. Early testing with one of the implementors seems to show that it is possible to use QUIC over long delay links and networks, as in space. There are hundreds of missions planned going to the Moon within this decade, and the current architecture defined by the space agencies is to have Wi-Fi and 5G on the Moon and have an IP network over it. This talk will discuss what we have tried so far with having QUIC over long delays and invite interested parties to help.

Looking for: collaborators, implementers

Coordinates: Marc Blanchet, marc.blanchet@viagenie.ca


6. It’s time to address the gap between IPv6 user adoption rate and IPv6 traffic rate

Presenter and affiliation: XiPeng Xiao, Huawei Technologies & v6ops co-chair, in person

Datatracker slides here

Abstract: The latest Google IPv6 user adoption rate is 43%, while IPv6 content percentage is about 67% (according to France's telecom regulator ARCEP). Theoretically, IPv6 traffic % should be 43%*67% = 28.7%. However, the IPv6 traffic % measured by Akamai is 18%. Those measured by other cloud providers are around 15%. Amsterdam Internet Exchange reports IPv6 traffic % at around 4-8%. All these numbers are far from 28.7%. Why is the gap so big? There is an increasing belief among IPv6 practitioners that Dual-Stack is masking some IPv6 technical issues: one may think that IPv6 has been deployed but the technical issues are causing IPv6 not to be used, leading to low IPv6 traffic %. This talk intends to draw people’s attention to this problem, and to take actions to identify and solve hidden IPv6 technical problems (if any) in v6ops and 6man WGs.

Looking for: to provide information to the community and solicit collaboration, especially from those people who can provide IPv6 traffic statistics

Coordinates: XiPeng Xiao, xipengxiao@huawei.com 

We invite people to participate in the v6ops WG session (Tue. 9:30-11:30) and the v6ops side meeting (Thur. 15:30-17:00) for more information and discussion.

We would like to start a draft in v6ops on how to measure or collect statistics for IPv6 traffic. Collaboration is solicited, especially from operators or companies with IPv6 traffic statistics.


7. Path Selection in Multi Tunnel SD-WAN

Presenter and affiliation: Altanai B, Cisco Meraki, in person

Datatracker slides here

Abstract: Present-day traffic streams in a VPN or secure ecosystem have unsynchronized strategies to choose the path, such as VPN tunnel, split tunnel, MASQUE and so on. At the very best there may be multiplexing, weighted or round-robin load sharing in cases where there are multiple options available.

The proposal is to standardize an algorithm that computes multiple available options and decides whether on-demand tunnels are created, an existing set of tunnels is reused, or any other path is used, based on factors that include current network dynamics and vulnerability of the traffic.

Looking for: collaborators

Coordinates:  

Altanai B: altanai@outlook.com  or tara181989@gmail.com 

Relevant link: https://github.com/altanai/IETF117-Path-Selection-Algorithm/blob/a7f8c092cff00c2b54114aee5067bb8fc4648ec1/IETF%20Proposal%202%20_%20Path%20Selection%20in%20Multi%20Tunnel%20SD-WAN%20system%20-%20Altanai%20B.pdf


8. Alternative Optimizations for Low Latency Media Handling

Presenter and affiliation: John Kaippallimalil, Futurewei, in-person (working with Spencer Dawkins, Tencent & Sri Gundavelli, Cisco)

Datatracker slides here

Abstract: Wireless networks (3GPP) implement optimizations to drop groups of media packets of low priority during transient wireless resource congestion periods.
However, there are two related problems that need to be considered.
(1) evolving media encoding for AR/XR with avatars, video, etc. can result in inaccurate classification in the (wireless) network with current mechanisms.
(2) dropping groups of packets may result in confusion on the server side about rate adjustment and packet pacing as these wireless congestion periods are very short (on the order of sub-ms).

Looking for: people who are passionate about low latency media to exchange ideas.

Coordinates:


9. ECH Deployment Considerations

Presenter and affiliation: Andrew Campling, 419 Consulting and Arnaud Taddei, Broadcom, both in-person

Datatracker slides here

Abstract: We are working on a document that is intended to inform the community about the impact of the deployment of the proposed Encrypted Client Hello (ECH) standard that encrypts Server Name Indication (SNI) and other data. Data encapsulated by ECH (i.e., data included in the encrypted ClientHelloInner) is of legitimate interest to on-path security actors including those providing inline malware detection, parental controls, content filtering to prevent access to malware and other risky traffic, mandatory security controls etc.

The current draft of the document already includes observations on current use cases for SNI data in a variety of contexts. It highlights how the use of that data is important to the operators of both public and private networks and shows how the loss of access to SNI data will cause difficulties in the provision of a range of services to end-users, including the potential weakening of cybersecurity defences. Some mitigations are identified that may be useful for inclusion by those considering the adoption of support for ECH in their software.

Looking for: We are looking for the involvement of additional collaborators to augment the contributions that we have already and are continuing to gather, especially from the end-user and opsec communities.

Coordinates: Andrew Campling and Arnaud Taddei will be on site in San Francisco all week and can also be reached via Andrew.Campling@419.Consulting and Arnaud.Taddei@Broadcom.Com respectively.

Datatracker -  https://datatracker.ietf.org/doc/draft-campling-ech-deployment-considerations/

GitHub - https://github.com/echdeploy/draft-ech-deployment-considerations