[{"author": "Murray Kucherawy", "text": "

I didn't hear a hum.

", "time": "2024-03-18T03:02:14Z"}, {"author": "Pete Resnick", "text": "

Hmm?

", "time": "2024-03-18T03:03:21Z"}, {"author": "Mark Nottingham", "text": "

Hmm.

", "time": "2024-03-18T03:03:33Z"}, {"author": "Richard Barnes", "text": "

that \"we will get along just fine\" sounded a little threatening

", "time": "2024-03-18T03:03:39Z"}, {"author": "Murray Kucherawy", "text": "

Pete is naming working groups again.

", "time": "2024-03-18T03:04:55Z"}, {"author": "Atul Tulshibagwale", "text": "

Congratulations!

", "time": "2024-03-18T03:05:28Z"}, {"author": "Richard Barnes", "text": "

/vims\u0259/

", "time": "2024-03-18T03:05:36Z"}, {"author": "Muhammad Sardar", "text": "

How is the definition of workload different from service?

", "time": "2024-03-18T03:08:56Z"}, {"author": "Henk Birkholz", "text": "

Process: a program in execution

", "time": "2024-03-18T03:08:58Z"}, {"author": "Richard Barnes", "text": "

knitting the monolith back together

", "time": "2024-03-18T03:09:49Z"}, {"author": "Orie Steele", "text": "

Paul Wouters (SEC AD) is your Tech Advisor, as noted on your data tracker page: https://datatracker.ietf.org/group/wimse/about/

", "time": "2024-03-18T03:13:23Z"}, {"author": "A.J. Stein", "text": "

This is a semantics games but a service can be a logical bundling of n>1 workloads in a service? I can have an \"Awesome Sauce Service\" with 10-100 workloads such that a client asking for a result combines processing and information from n/100 workloads, but the client only sees a single result and doesn't need to know anything about the specific n/100 workloads. Am I off-base? Does that make sense, Muhammad?

", "time": "2024-03-18T03:13:57Z"}, {"author": "A.J. Stein", "text": "

(This has been my interpretation so I hope I am not wrong at this point.)

", "time": "2024-03-18T03:14:06Z"}, {"author": "Henk Birkholz", "text": "

Some napkin diagrams would be a good start. There are some in the meeting material

", "time": "2024-03-18T03:15:11Z"}, {"author": "Richard Barnes", "text": "

i don't think it's all that helpful to overanalyze what \"workload\" means. in this group, it seems like \"something you want to identify\" is sufficient

", "time": "2024-03-18T03:16:17Z"}, {"author": "Pete Resnick", "text": "

Don't know if secretariat is listening here, but the left-hand projector is having issues.

", "time": "2024-03-18T03:19:04Z"}, {"author": "Pete Resnick", "text": "

(Do we need to email support@ietf.org?)

", "time": "2024-03-18T03:19:26Z"}, {"author": "Henk Birkholz", "text": "

System boundaries help to understand context, though

", "time": "2024-03-18T03:19:41Z"}, {"author": "Orie Steele", "text": "

Feel free to borrow some of the GitHub WG setup stuff from Key Trans or other IETF WGs on GitHub, if its useful to you: https://github.com/ietf-wg-keytrans

", "time": "2024-03-18T03:20:31Z"}, {"author": "Orie Steele", "text": "

(such as profile, mailing list links, etc)

", "time": "2024-03-18T03:21:01Z"}, {"author": "Christopher Inacio", "text": "

@meetecho can we ask meetecho bot about problems with the left hand projector in room M4?

", "time": "2024-03-18T03:21:13Z"}, {"author": "Carsten Bormann", "text": "

Pete: I sent a message 8 minutes ago...

", "time": "2024-03-18T03:21:24Z"}, {"author": "Jim Fenton", "text": "

There's a standard template for GitHub setup for WGs, isn't there? I think Martin Thomson did it.

", "time": "2024-03-18T03:21:24Z"}, {"author": "Justin Richer", "text": "

@mark did you still want to get to the mic? I'm sorry if I accidentally cut you off there.

", "time": "2024-03-18T03:22:08Z"}, {"author": "Justin Richer", "text": "

@Jim yes we intend to use the WG template.

", "time": "2024-03-18T03:22:21Z"}, {"author": "Muhammad Sardar", "text": "

I feel it is important to be consistent in terminology: workload vs. service vs. micro-service.

", "time": "2024-03-18T03:23:29Z"}, {"author": "Henk Birkholz", "text": "

https://github.com/martinthomson/i-d-template

", "time": "2024-03-18T03:23:32Z"}, {"author": "Henk Birkholz", "text": "

https://datatracker.ietf.org/doc/rfc8875/

", "time": "2024-03-18T03:24:20Z"}, {"author": "Lorenzo Miniero", "text": "

@Christopher Inacio what problem are you experiencing with the projector?

", "time": "2024-03-18T03:24:33Z"}, {"author": "A.J. Stein", "text": "

The template sets up individual repos well, I do not think there is GitHub template repos or infrastructure for work-group level setup. Do others know of any? Is that actually useful? I can direct this musing somewhere else, I thought that is beyond the practical needs of people setting up WGs on GitHub.

", "time": "2024-03-18T03:24:51Z"}, {"author": "Henk Birkholz", "text": "

AJ, see rfc above

", "time": "2024-03-18T03:25:15Z"}, {"author": "Justin Richer", "text": "

@AJ, Henk - thanks, the chairs intend to follow the current best practice :)

", "time": "2024-03-18T03:25:49Z"}, {"author": "A.J. Stein", "text": "

Sorry I typed as you replied, that is great stuff, Henk! I intend to read it later. I look forward to reading more of that then. :-)

", "time": "2024-03-18T03:25:49Z"}, {"author": "Pete Resnick", "text": "

@Lorenzo Colitti It's occasionally flashing solid yellow. Looks like a poor connection.

", "time": "2024-03-18T03:26:55Z"}, {"author": "Evan Gilman", "text": "

I've seen this pattern applied in non-OAuth stacks too

", "time": "2024-03-18T03:27:27Z"}, {"author": "Atul Tulshibagwale", "text": "

Can you please repeat the question?

", "time": "2024-03-18T03:28:05Z"}, {"author": "Murray Kucherawy", "text": "

Huh? I closed that WG.

", "time": "2024-03-18T03:29:52Z"}, {"author": "Christopher Inacio", "text": "

Pete Resnick said:

\n
\n

Lorenzo Colitti It's occasionally flashing solid yellow. Looks like a poor connection.

\n
\n

thanks for following up for Pete while I was busy with something else.

", "time": "2024-03-18T03:32:44Z"}, {"author": "Lorenzo Miniero", "text": "

We notified the AV team, someone should be there to address it soon

", "time": "2024-03-18T03:33:32Z"}, {"author": "Justin Richer", "text": "

AV has replaced the cable, things should be better now

", "time": "2024-03-18T03:33:55Z"}, {"author": "Justin Richer", "text": "

Shout out to the AV team if it keeps happening

", "time": "2024-03-18T03:34:32Z"}, {"author": "Lorenzo Miniero", "text": "

Ack, please do let me know if it's still a problem and I'll ping them

", "time": "2024-03-18T03:34:55Z"}, {"author": "Evan Gilman", "text": "

Appendix B.2 is nice because it doesn't require ~untrusted workloads in domain A to communicate with AS in domain B

", "time": "2024-03-18T03:37:17Z"}, {"author": "Richard Barnes", "text": "

Did we deliberately skip the \"Token Delivery BCP\" slot that's on the agenda?

", "time": "2024-03-18T03:42:49Z"}, {"author": "Richard Barnes", "text": "

@Justin ^^^

", "time": "2024-03-18T03:42:55Z"}, {"author": "Justin Richer", "text": "

@Richard my mistake, we'll do that next. The slides were uploaded out of order.

", "time": "2024-03-18T03:43:49Z"}, {"author": "Henk Birkholz", "text": "

What is the spiffie group?

", "time": "2024-03-18T03:46:19Z"}, {"author": "Muhammad Sardar", "text": "

https://spiffe.io/

", "time": "2024-03-18T03:46:44Z"}, {"author": "Pieter Kasselman", "text": "

SPIFFE -> Secure Production Identity Framework For Everyone

", "time": "2024-03-18T03:47:13Z"}, {"author": "Justin Richer", "text": "

project from the cloud native computing foundation, non-IETF

", "time": "2024-03-18T03:47:27Z"}, {"author": "Dmitry Izumskiy", "text": "

CNCF project

", "time": "2024-03-18T03:47:35Z"}, {"author": "Pieter Kasselman", "text": "

part of the CNCF - Cloud NAtive Compute Foundation.

", "time": "2024-03-18T03:47:39Z"}, {"author": "Henk Birkholz", "text": "

Ah cncf! Thx

", "time": "2024-03-18T03:47:56Z"}, {"author": "Henk Birkholz", "text": "

That is a quite specific highlight there

", "time": "2024-03-18T03:48:27Z"}, {"author": "Orie Steele", "text": "

This KBS? https://github.com/CCC-Attestation/governance/issues/13

", "time": "2024-03-18T03:52:56Z"}, {"author": "Muhammad Sardar", "text": "

CoCo KBS https://github.com/confidential-containers/trustee

", "time": "2024-03-18T03:54:05Z"}, {"author": "Muhammad Sardar", "text": "

KBS protocol: https://github.com/confidential-containers/trustee/blob/main/kbs/docs/kbs_attestation_protocol.md

", "time": "2024-03-18T03:54:24Z"}, {"author": "Muhammad Sardar", "text": "

@ Orie: yes, that's right. We will work in CCC attestation SIG in collaboration with CoCo community.

", "time": "2024-03-18T03:55:14Z"}, {"author": "Evan Gilman", "text": "

I think I brought up the idea around capturing various local delivery/issuance patterns , and agree that perhaps it makes more sense in architecture doc

", "time": "2024-03-18T04:00:55Z"}, {"author": "Pete Resnick", "text": "

Process geekery: It actually sounds like it is better as a standards track \"Applicability Statement\" (see RFC 2026) rather than a BCP.

", "time": "2024-03-18T04:03:23Z"}, {"author": "Richard Barnes", "text": "

@Pete that is such a terrible name.

", "time": "2024-03-18T04:04:28Z"}, {"author": "Pete Resnick", "text": "

@Richard Barnes I can't disagree, but that's what it got called at the time.

", "time": "2024-03-18T04:05:04Z"}, {"author": "Richard Barnes", "text": "

doesn't mean we need to use it :)

", "time": "2024-03-18T04:05:34Z"}, {"author": "Pete Resnick", "text": "

Either way, it's OK to make such things on the standards track. BCPs procedurally are not a good fit for this.

", "time": "2024-03-18T04:05:59Z"}, {"author": "Richard Barnes", "text": "

tbh i don't think 2026 articulates a clear distinction between AS and BCP

", "time": "2024-03-18T04:06:31Z"}, {"author": "Evan Gilman", "text": "

Thanks Hannes

", "time": "2024-03-18T04:07:03Z"}, {"author": "Atul Tulshibagwale", "text": "

Could the people coming to the mic in the room please stand closer to the mic?

", "time": "2024-03-18T04:07:24Z"}, {"author": "Pete Resnick", "text": "

@Atul Tulshibagwale Sorry about that.

", "time": "2024-03-18T04:09:38Z"}, {"author": "Pete Resnick", "text": "

I should know better.

", "time": "2024-03-18T04:09:51Z"}, {"author": "Atul Tulshibagwale", "text": "

no worries, thanks!

", "time": "2024-03-18T04:10:03Z"}, {"author": "Jim Fenton", "text": "

Great comment: \"Predictions are hard...especially about the future.\" :)

", "time": "2024-03-18T04:20:18Z"}, {"author": "Atul Tulshibagwale", "text": "

+1

", "time": "2024-03-18T04:20:28Z"}, {"author": "Henk Birkholz", "text": "

Hands tool here for id

", "time": "2024-03-18T04:26:21Z"}, {"author": "A.J. Stein", "text": "

Sentiment for the room: wimse-cal.

", "time": "2024-03-18T04:26:47Z"}, {"author": "Pieter Kasselman", "text": "

:)

", "time": "2024-03-18T04:27:45Z"}, {"author": "Evan Gilman", "text": "

I read the doc but wasn't present in the room to raise my hand :)

", "time": "2024-03-18T04:28:49Z"}, {"author": "avri doria", "text": "

you did not count online people who may have read it.

", "time": "2024-03-18T04:28:59Z"}, {"author": "Paul Grehan", "text": "

10 in hte room..

", "time": "2024-03-18T04:29:00Z"}, {"author": "Richard Barnes", "text": "

there's no rule that says that people have to have read the doc to support its adoption

", "time": "2024-03-18T04:29:13Z"}, {"author": "Dmitry Izumskiy", "text": "

+1

", "time": "2024-03-18T04:30:18Z"}, {"author": "Evan Gilman", "text": "

+1 on Yaron's comment

", "time": "2024-03-18T04:35:11Z"}, {"author": "Orie Steele", "text": "

+1 on scope comment

", "time": "2024-03-18T04:38:57Z"}, {"author": "Arndt Schwenkschuster", "text": "

Can someone remind me what problem this solves please?

", "time": "2024-03-18T04:41:45Z"}, {"author": "Evan Gilman", "text": "

Better (documented) interop between OAuth and SPIFFE was one of the concrete use cases that gave rise to this deliverable, if my memory serves me correctly.

", "time": "2024-03-18T04:44:02Z"}, {"author": "Orie Steele", "text": "

As I understand, this document \"Token Exchange\" is about getting an access token for one domain, when you have one in another domain.

", "time": "2024-03-18T04:44:03Z"}, {"author": "Orie Steele", "text": "

but its possible I am just quoting the OAuth document from the earlier presentation, and assuming it is a solved problem based on that draft.

", "time": "2024-03-18T04:44:46Z"}, {"author": "Arndt Schwenkschuster", "text": "

Thx. I believe the slide should rather focus on that than on a \"possible solution\".

", "time": "2024-03-18T04:45:05Z"}, {"author": "Orie Steele", "text": "

sounds like the key distinction with oauth is perhapse, token format, maybe not conceptual use case.

", "time": "2024-03-18T04:45:56Z"}, {"author": "Arndt Schwenkschuster", "text": "

+1

", "time": "2024-03-18T04:47:42Z"}, {"author": "Evan Gilman", "text": "

The OIDC-centric token exchange that cloud providers do with non-OAuth JWTs also comes to mind

", "time": "2024-03-18T04:48:08Z"}, {"author": "Orie Steele", "text": "

For folks interested in design teams: https://datatracker.ietf.org/doc/statement-iesg-on-design-teams-20011221/

", "time": "2024-03-18T04:48:47Z"}, {"author": "Evan Gilman", "text": "

My feeling is that there might be some overlap between this deliverable and local issuance one.

", "time": "2024-03-18T04:51:17Z"}, {"author": "Evan Gilman", "text": "

I would

", "time": "2024-03-18T04:52:18Z"}, {"author": "Evan Gilman", "text": "

That is interesting

", "time": "2024-03-18T04:59:00Z"}]