HotRFC Lightning Talks at IETF 119

Sunday, March 17, 2024

Starting Time: An hour after the Welcome Reception starts (18:00)

Room: P2

Organizers: Spencer Dawkins, Liz Flynn, Shuping Peng

Email: hotrfc@ietf.org 

Call for Participation


MEETING AGENDA


1.  Symmetric Key Exchange (SKEX)

2.  DDoS trends and defense issues

3.  Large Language Model (LLM) for Networking

4.  Standalone Service ID in Routing Network

5.  Threat Surface Management for Network Element

6.  Update on the Universal Name System (UNS) and Universal Certificate Authority (UCA)

7.  Enhancing Digital Trust with DNS-based Root Certificate Re-Validation

8.  Humanitarian ICT

9.  Agent Discovery Protocol

10.  "Securely COmmunicating NEtwork PROperties" (SCONEPRO) (formerly known as SADCDN)

11.  An IETF standard at the intersection of large scale personal data with generalist Large Language Models

12.  Verifiable Identity using Distributed Authentication (VIDA)


ABSTRACTS

1.  Symmetric Key Exchange (SKEX)

Presenter, Affiliation: Mattia Montagna, Quantum Bridge Technologies Inc, in person

Datatracker slides here

Abstract: The proponents believe that there is a pressing need to establish a framework and potentially protocols for secure symmetric key exchange between parties, as well as rationalising the formats and interfaces for integration of such key exchange systems into applications.  A lack of standardization of such a framework will hamper adoption of such systems.

Looking for:  Collaboration

Coordinates: Side meetings 15:00-16:00 on both Tue 19 & Wed 20 March, P6-7

 


2.  DDoS trends and defense issues

Presenter, Affiliation: Linzhe Li, in person

Datatracker slides here

Abstract:  With the development of network scale and technology, DDoS attacks are becoming more frequent, larger, and more intelligent. This presents a challenge to the traditional single-point DDoS defense system. More and more people are realizing the importance of coordinating information and resources to defend against DDoS. In the process of deploying collaborative defense, we found that there is important information that needs to be standardized, such as collaborative signaling and a collaborative technology framework.

Looking for: collaborators and implementers.

Coordinates: 

 * Drafts: https://datatracker.ietf.org/doc/draft-cui-dots-extended-yang/ and https://datatracker.ietf.org/doc/draft-cui-savnet-anti-ddos/

 * Relevant side meeting: DDoS Hot Issues and Collaborative Mitigation Techniques (20th March, 9:30am to 11:00am, P6-7, Plaza Level)


3.  Large Language Model (LLM) for Networking

Presenter, Affiliation: Xiaohui Xie, Tsinghua University, in person

Datatracker slides here

Abstract:   Large language models (LLMs), exemplified by GPT, have achieved remarkable performance in various tasks, such as machine translation, text-to-image generation, and embodied intelligence. Thanks to their vast number of parameters, LLMs can memorize a massive amount of knowledge and utilize tools based on commands. We believe that LLMs can also assist with tasks within networking scenarios. This talk will explore the transformative potential of LLMs in the networking domain and open the discussion on potential standards for this topic.

Looking for:

Coordinates: 


4.  Standalone Service ID in Routing Network

Presenter, Affiliation: Dongyu Yuan, ZTE Corporation, in person

Datatracker slides here

Abstract:  More and more emerging applications have raised the demand for establishing networking connections anywhere and anytime, alongside the availability of highly distributive any-cloud services. Such a demand motivates the need to efficiently interconnect heterogeneous entities, e.g., different domains of network and cloud owned by different providers, with the goal of reducing cost, e.g., overheads and end-to-end latency, while ensuring the overall performance satisfies the requirements of the applications. The suggested key to interconnection and efficient coordination is to employ a unified interface that can be understood by heterogeneous parties, which could derive the consistent requirements of the same service and treat the service traffic appropriately by their proprietary policies and technologies. A standalone service ID will be introduced and discussed.

Looking for:  Discussions and suggestions would be appreciated.

Coordinates: Concerning the introduced topic, it correlates with Routing Area.

Draft: https://datatracker.ietf.org/doc/draft-huang-rtgwg-us-standalone-sid/ 


5.  Threat Surface Management for Network Element

Presenter, Affiliation: Frank (Liang) Xia, Huawei, in person

Datatracker slides here

Abstract:  A new draft about Threat Surface Management for Network Element: https://datatracker.ietf.org/doc/draft-hu-network-element-tsm-yang/ .

This new draft basically describes the use cases of threat surface management of network devices, then provides its definition, and finally attempts to define a YANG model for it.

Since this work is across the OPS and SEC areas, and we have not found a suitable OPS WG for it, we hope to introduce it in HotRFC and get more visibility now.

Looking for:  Collaboration on this specific work, and together look into more potential works related in this direction.

Coordinates: Frank (Liang) Xia, frank.xialiang@huawei.com, huff@csg.cn, hongdk@csg.cn


6.  Update on the Universal Name System (UNS) and Universal Certificate Authority (UCA)

Presenter, Affiliation: Manu Fontaine, Hushmesh Inc. Founder and CEO, in person

Datatracker slides here

Abstract:   At the IETF118 meeting, we introduced our work on the Universal Name System (UNS) and Universal Certificate Authority (UCA). We'd like to introduce this work to those who have not heard about it yet, and provide an update to those who have. This HotRFC includes an invitation to a side meeting on Monday @ 14:00 in P6-7.

Looking for:  We're looking for partners and collaborators, for guidance as to how to bring this to the IETF community, and to discuss a global and neutral governance model for such an infrastructure.

Coordinates: Contact: manu@hushmesh.com

Side meeting: UNS/UCA Update, Monday 18 March, Room P6-7 14:00 - 15:00


7.  Enhancing Digital Trust with DNS-based Root Certificate Re-Validation

Presenter, Affiliation:  Roble Mumin, Manager at KPMG Germany, Public Sector, presenting remotely

Datatracker slides here

Abstract:  The integrity of root certificates is foundational to cybersecurity. However, the proliferation of spoofed, malicious, or compromised certificates presents a significant risk to secure digital communications. Our proposal, DNS-based Root Certificate Re-Validation, leverages a dedicated .cert/.certs domain to periodically validate the authenticity of root certificates. This method not only enhances the security of digital communications but also fosters a more trustworthy digital environment. By outlining the threats, our approach, detailed process choreography, and technical configuration, this presentation aims to initiate a critical dialogue on advancing digital trust through innovative DNS use.

Looking for:  

Coordinates: Email: ietf@roblemumin.com

LinkedIn: https://www.linkedin.com/in/roblemumin 


8.  Humanitarian ICT

Presenter, Affiliation: Timothy Holborn, Web Civics, In Person.

Datatracker slides here

Abstract:  The concept of Humanitarian Information and Communication Technology (ICT), defining the scope, importance, and mechanisms for prioritising support for work and services critical to supporting Human Rights Instruments and International Humanitarian Law.  The proposed RFC seeks to address the identification of Humanitarian ICT workers, websites, online services, and the use of Agent Discovery Profile (ADP) that incorporates the use of credentials as a means to distinguish and prioritise these services in adverse conditions.

Looking for:  Collaborators, with a view to organising a ‘side meeting’ to discuss the topic further.

Coordinates: Timothy Holborn <timothy.holborn@gmail.com>

References:

https://docs.google.com/presentation/d/1NKA4UafXJTOIGpLdSJ--cvwqcRiMKaTN8ozrmtbIZSo/edit#slide=id.p 

https://github.com/WebCivics/HumanitarianICT 

https://groups.google.com/g/peace-infrastructure-project 


9.  Agent Discovery Protocol

Presenter, Affiliation: Timothy Holborn, Web Civics, In Person.

Datatracker slides here

Abstract:  Agent Discovery Protocol (ADP) aims to revolutionise agent interactions on the web, enabling seamless discovery of associated services within domains. Leveraging RDF for machine-readable descriptions and fortified by DNS and TLS security, ADP ensures robust agent identification, credential validation, and service endpoint discovery. Supporting diverse agent types, including natural persons via Personal Domain Profiles (PDP), ADP streamlines interactions and fosters interoperability across domains. This presentation unveils ADP's key functionalities, highlighting its pivotal role in enhancing web agent interactions, promoting efficiency, and ensuring security within the dynamic landscape of the Web of Data.

Looking for:  Collaborators, with a view to organising a ‘side meeting’ to discuss the topic further, perhaps via the context of Humanitarian ICT.

Coordinates: Timothy Holborn <timothy.holborn@gmail.com>.

References:

https://docs.google.com/presentation/d/1UOWuCcOQgTnqZ050wS-4MmGFP368nISoiRupaR1NIgc/edit#slide=id.p 

https://github.com/WebCivics/ADP/ 

https://www.w3.org/community/humancentricai/   


10.  "Securely COmmunicating NEtwork PROperties" (SCONEPRO) (formerly known as SADCDN)

Presenter, Affiliation: Matt Joras (Meta) and Marcus Ihlar (Ericsson) onsite, and Spencer Dawkins (Tencent) participating remotely.

Datatracker slides here

Abstract:  We're working on a way to improve network performance and user experience for streaming video, based on receiver-based adaptation to network properties received from the network over a secure on-path protocol.

Looking for:  At IETF 119, we're looking for folks who are knowledgeable about streaming video on modern networks, to help make progress at a non-WG-forming BOF on Thursday.

Coordinates: 

- SCONEPRO BOF meeting materials, at https://datatracker.ietf.org/meeting/119/session/sconepro

- Hallway conversations with Matt and Marcus

Any relevant drafts or helpful resources you’d like collaborators to look at:

- Charter discussion, at https://github.com/mjoras/SCONE-PROTOCL

- Mailing list discussion, at https://www.ietf.org/mailman/listinfo/sadcdn

- SADCDN Video Optimization Requirements, at https://datatracker.ietf.org/doc/draft-joras-sadcdn-video-optimization-requirements/

- MASQUE extension for signaling media bitrate, at https://datatracker.ietf.org/doc/draft-ihlar-masque-sconepro-mediabitrate/


11.  An IETF standard at the intersection of large scale personal data with generalist Large Language Models

Presenter, Affiliation: Adrian Gropper, HIE of One - Presenting Remotely

Datatracker slides here

Abstract:  The goal of the Personal Digital Agent Protocol (PDAP) is to design a standard that _intentionally_ disadvantages large corporate interests in favor of cooperatives, unions, congregations, clubs, professions, etc… that support their individual members who are facing an increasingly asymmetrical relationship with BigTech. The human rights foundation for PDAP is the Freedom of Association and Assembly. The security framework is primarily IETF GNAP.

Generalist Large Language Models (LLM) like Microsoft GPT-4 and Google Gemini have a network effect on par with TCP/IP. But, because LLMs operate near the top of the stack instead of the bottom, their impact on individuals is much much greater. Some call this the Human-to-AI Alignment problem.

PDAP as a standard is conceived to be a component of an AI alignment solution by operating at the interface between personal data access policies and the generalist LLM.

Looking for:  collaborators and implementers to plan a charter conversation at IETF 120 Vancouver.

Coordinates: There’s a pre-workgroup mail list at pdap@ietf.org.  Please join at https://www.ietf.org/mailman/listinfo/pdap

https://datatracker.ietf.org/doc/draft-ietf-gnap-core-protocol/  is proposed as the security foundation for PDAP.


12.  Verifiable Identity using Distributed Authentication (VIDA)

Presenter, Affiliation: Dr. Neal Krawetz, Hacker Factor, presenting remotely

Datatracker slides here

Abstract:  Whether it is AI-generated content or digital forgeries, media authentication has become a critical issue that impacts everyday users and corporations. Existing proposals, such as C2PA, are vendor dependent, fail to authenticate, and are price prohibitive. I propose a solution using a widely used distributed key management service that provides attribution, validation, and non-repudiation of media files (pictures, videos, documents, etc.) without any significant cost barriers.

Looking for:  The RFC submission process is much more complicated than it was 30 years ago, when you could just email Jon Postel.

I request assistance in the following areas:

 - Solidifying the implementation details in an open and public forum.

 - Collaborators to assist in writing the draft RFC.

 - Implementers who can create public libraries for demonstration and adoption. (I don't want it to be the "all Neal" show.)

Coordinates: Neal Krawetz, pasta@hackerfactor.com

The existing solution, C2PA, is commercially driven. It is completely developed by Adobe, working groups (C2PA and CAI) are spearheaded by Adobe, and Adobe makes unilateral decisions without consulting members of C2PA or CAI. C2PA has significant limitations, including being based on a 100% "trust" driven model.  Details about these limitations can be found at:

 https://hackerfactor.com/blog/index.php?/archives/1010-C2PAs-Butterfly-Effect.html

 https://hackerfactor.com/blog/index.php?/archives/1023-C2PAs-Time-Warp.html

 https://hackerfactor.com/blog/index.php?/archives/1024-IEEE,-BBC,-and-C2PA.html

 https://hackerfactor.com/blog/index.php?/archives/1025-The-Great-Kate-Debate.html

C2PA fails to address any of the authentication, provenance, validation, and security issues.

While VIDA does not address all of these same issues, it does provide attribution, authentication of the attribution, and validation.