HotRFC Lightning Talks at IETF 118
Sunday, November 5, 2023
Starting Time: An hour after the Welcome Reception starts (18:00)
Room: Congress Hall 3
Organizers: Spencer Dawkins, Gorry Fairhurst, Liz Flynn
Email: hotrfc@ietf.org
MEETING AGENDA
1. New update on IPv6 traffic% and packet loss rate – progress since previous talk & next steps
2. Reducing Stadium WIFI carbon footprint
3. Next steps for the SCION Internet Architecture
4. Collective Communication Optimization: Use cases, Problems and Requirements
5. A Universal Name System (UNS) and Universal Certificate Authority (UCA)
6. KIRA – Scalable Zero-Touch Routing
7. Will Post Quantum Crypto make Constrained IoT Devices and Networks obsolete?
8. Can we improve certificate/JWT/CWT revocation?
9. Merkle Tree Ladder Mode (MTL) Signatures Implementation
10. A Personal Digital Agent Protocol
11. How to ensure technology doesn’t do certain things by design - An exploration for an IRTF RG
12. A new EAP-Method based on FIDO
ABSTRACTS
Presenter, Affiliation: XiPeng Xiao, Huawei Technologies Dusseldorf, in person
Abstract: In IETF 117 we presented our perception that IPv6 traffic% and IPv6 user adoption% don’t match, and that implies some IPv6 issues not yet known. After that, we received many new stats on IPv6 traffic% and other information. This new input helped us calibrate our views, but still indicates that issues exist. Based on the feedback we’ve got so far, we believe the community is very interested in this topic. We want to update the progress we’ve made since the last talk, and solicit new input to help us to find out the root causes.
Looking for: collaborators to measure IPv6 packet loss rate, and identify root causes why IPv6 packet loss rate is higher than IPv4’s
Coordinates: XiPeng Xiao, xipengxiao@huawei.com
Presenters, Affiliation: Emile Stephan, Orange, In person
Marisol Palmero Amador, Cisco, In person
Abstract: We request a slot to present the result of an experimentation made by Orange and Cisco in 2022 that reduces the carbon footprint of the WIFI network of Marseille stadium. This experimentation shows that at least 20% of power consumption can be saved immediately. The estimation showed that the consumption can be decreased to 50%.
Looking for: The goal of the talk is to start the discussion on the gap in standardization to increase the reduction of power consumption and measure power efficiency. We plan to hold a side meeting during the week on the topic.
Coordinates: Emile Stephan, emile.stephan@orange.com; Marisol Palmero Amador, mpalmero@cisco.com
References: https://datatracker.ietf.org/doc/draft-almprs-sustainability-insights/
Presenter, Affiliation: Nicola Rustignoli, SCION Association, in person
Abstract: SCION is a path-aware inter-domain architecture focused on security. It provides geofenced, multipath connectivity and is already in use by the Swiss finance sector. Its core components span different areas, and they are currently described in multiple drafts. We invite the IETF community to several related activities: at the upcoming PANRG meeting, we will present deployment experiences of the finance network, and have a discussion on the future of this work within PANRG and the IETF at large. There will be a SCION project at the Hackdemo Happy hour, and we will also discuss the SCION approach to path validation at the Path Validation side meeting on Tuesday. And ultimately, we are looking forward to feedback on existing drafts.
Looking for: feedback, collaborators
Coordinates:
References: http://datatracker.ietf.org/doc/draft-dekater-panrg-scion-overview/
https://datatracker.ietf.org/doc/draft-rustignoli-panrg-scion-components/
https://datatracker.ietf.org/doc/draft-dekater-scion-pki/
https://datatracker.ietf.org/doc/draft-dekater-scion-controlplane/
https://datatracker.ietf.org/doc/draft-dekater-scion-dataplane/
Presenter, Affiliation: Kehan Yao, China Mobile, in person
Abstract: Collective communication is the basic logical communication model for distributed applications. When distributed systems scale, the communication overhead becomes the bottleneck of the entire system, impeding system performance to increase. We want to show the performance challenges when the collective communication is employed in a network with more nodes or processes participating in or a larger number of such communication rounds required to complete a single job. Relative requirements will be raised to promote standardization in IETF.
Looking for: collaborators to promote standardization of the work in IETF.
Coordinates: Kehan Yao, yaokehan@chinamobile.com
Our side-meeting info in IETF118: Collective Communication Optimization(CCO), Thursday, 9 Nov, 14:30 - 16:00, Palmovka 1/2. https://wiki.ietf.org/meeting/118/sidemeetings
Please see our drafts for details if you're interested in the work:
https://datatracker.ietf.org/doc/draft-yao-tsvwg-cco-problem-statement-and-usecases/
and https://datatracker.ietf.org/doc/draft-yao-tsvwg-cco-requirement-and-analysis/
Presenter: Manu Fontaine, Hushmesh Inc. Founder and CEO, will present in person
Abstract: The Web and the Domain Name System (DNS) explicitly delegate authority to domain owners. All persons and non-person entities are resources under the authority of privileged domain insiders. The recent emergence of Confidential Computing enables the creation of a Universal Name System (UNS), whereby each entity is represented by its own, confidential, universally unique cryptographic identifier. This, in turn, enables the creation of a Universal Certificate Authority (UCA) to fully automate decentralized key management, whereby each entity has its own keychain, and any two entities can automate the establishment of direct, pairwise cryptographic relationships with no human in the middle at all.
Looking for: Guidance as to how to bring this to the IETF community and discuss a global and neutral governance model of such an infrastructure.
Coordinates: Manu Fontaine, manu@hushmesh.com
Side meeting: UNS/UCA, Monday 6 November, Palmovka 1/2, 14:00 - 15:00
Any relevant drafts: Not yet
Presenter: Roland Bless, KIT (Karlsruhe Institute of Technology), Germany, in person
Abstract: KIRA is a scalable, zero-touch routing architecture that offers resilient IPv6 connectivity without any configuration. It uses ID-based addressing and scales to 100,000s of nodes in a single network. KIRA works well in various network topologies and was designed to offer resilient control plane connectivity that does not depend on configuration nor any other services. A built-in DHT offers support for service registration and discovery, thereby helping to realize autonomic network management and control and zero-touch deployments.
Looking for: collaborators, early implementers, BOF support
Coordinates: Roland Bless, roland.bless@kit.edu
- Side meeting: Wednesday 2023-11-08, 19.00h, Karlin 4, https://wiki.ietf.org/en/meeting/118/sidemeetings
To discuss KIRA use cases, collaboration, next steps towards standardization
More info: https://s.kit.edu/KIRA
Internet-Draft: https://datatracker.ietf.org/doc/draft-bless-rtgwg-kira/
Presenter: Hannes Tschofenig (in person)
Abstract: The presence of a Cryptographically Relevant Quantum Computer would render state-of-the-art, public-key cryptography deployed today obsolete. This fear has triggered research and standardization work in the area of Post Quantum Crypto algorithms. These algorithms have properties that do not align nicely with the design idea of constrained IoT devices and networks. Will the use of PQC algorithms make these constrained IoT devices and networks obsolete? Is there something that can be done?
Looking for: others who have also asked themselves the same question(s).
I would like to hear other views. Please approach me during the IETF week to share your thoughts.
Coordinates: Hannes Tschofenig, hannes.tschofenig@gmx.net
Helpful resources: John Mattsson expressed good thoughts about this topic in his
presentation to the NIST PQC workshop:
Presenter: Hannes Tschofenig (in person)
Abstract: The OAuth working group has recently adopted a new working group item called "OAuth Status Lists" [0]. This document specifies a new revocation mechanism for CWTs and JWTs that is related to [1] and [2]. With the introduction of proof-of-possession keys for CWTs and JWTs, they have become certificates in a new encoding format. Is revocation for JWTs/CWTs different than X.509 certificates or can we apply prior experience from the PKIX world to the OAuth context? Should we introduce Status Lists to the X.509 PKIX universe?
Looking for: We need more IETF experts to share their certificate revocation experience with the IETF OAuth working group, and vice-versa.
Coordinates: Please join the OAuth mailing list at https://www.ietf.org/mailman/listinfo/oauth.
Helpful resources:
[0] https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/
[1] https://www.ndss-symposium.org/ndss-paper/lets-revoke-scalable-global-certificate-revocation/
[2] https://www.w3.org/TR/vc-status-list/
... and tons of other proposals in the PKIX context about X.509 certificate revocation.
Presenter: Joe Harvey, Verisign, in person
Abstract: This talk is about the MTL mode of operation and the newly published open-source MTL mode reference library. The library implements the MTL mode Internet-Draft specification presented to CFRG at IETF 117 with a wrapper for an underlying SPHINCS+ signature scheme. We are interested in sharing information about this new reference library and are also seeking feedback on what language bindings would be useful along with input as to what are the initial cryptographic libraries that we should align the MTL mode implementation to support.
Looking for: Feedback on the draft and people interested in using the reference library to evaluate use cases.
Coordinates: Joe Harvey (jsharvey@verisign.com), Andy Fregly (afregly@verisign.com)
Check out our reference implementation of MTL mode https://github.com/verisign/MTL
References:
https://datatracker.ietf.org/doc/draft-harvey-cfrg-mtl-mode/
Presenter: Adrian Gropper, HIE of One Project, Remote Presentation
Abstract: We're discussing a new protocol workgroup designed to enable a shift from proprietary platforms to personal agents. Our perspective derives from the universal human right of Freedom of Association and Assembly (FAA). We leverage research on FAA in the IRTF HRPC and the new IETF GNAP protocol (now in Last Call). On top of this existing work, we will consider how a digital agent is hosted by a support community, how the agent is provisioned with authorization policies that are simultaneously human and machine-readable, and how entities, vendors, and other service providers are directed to access the agent.
Looking for: collaborators and potential implementers.
Coordinates: Contact us via agropper@healthurl.com or pdap@ietf.org
Slides are at https://docs.google.com/presentation/d/1RLyuVJeWTvxWuhD8BwoQWeLRUbOhHFZf-CeCnL-eqJI/edit#slide=id.p
Presenter: Jean Quéralt, The IO Foundation, in person
Abstract: The presentation will focus on the necessity to find objective, measurable methods to ascertain that technology does and (more importantly) doesn’t do certain things (aka doesn’t lead to certain outcomes).
We believe that there’s potential here for an RG under IRTF that may eventually produce ideas that can be undertaken by WGs @ IETF.
Looking for: Collaborators, subject experts, guidance on processes, brain picking in general, detractors.
Coordinates: Jean Quéralt, JFQueralt@TheIOFoundation.org
Regular meetings: To be (re)started in January
https://TIOF.Click/TIOFPackageResearch
Presenter: Janfred Rieckers, DFN-Verein, presenting in person
Abstract: As one of the roaming operators for eduroam, we constantly have problems with insecure TLS configurations on clients and RADIUS servers. Since password-based EAP methods are used inside the TLS tunnel, a compromise of the TLS tunnel results in compromise of the password.
We are proposing a new EAP method, based on TLS and FIDO. By binding necessary configuration items (i.e. outer username) to the certificate, the possibility of mis-configuration by the users is reduced, and by using FIDO keys, we can piggy-back on a current development in the web to move away from passwords.
Looking for: Discussions about protocol design, Input from Implementers, operators and any people with experience with EAP and/or FIDO.
Coordinates:
Side Meeting on Monday at 18:00 in Karlin 4 and/or find me/us during the meeting
Helpful Resources:
https://datatracker.ietf.org/doc/draft-janfred-eap-fido/