HotRFC Lightning Talks at IETF 121

Sunday, November 3, 2024
Starting Time: An hour after the Welcome Reception starts (18:00)
Room: Liffey A
Organizers: Heather Flanagan, Liz Flynn
Email: hotrfc@ietf.org

Call for Participation


SESSION AGENDA

  1. Palimpsest, a new way to IETF Draft
  2. Large Language Model (LLM) for Networking: an Architecture
  3. KIRA – Scalable Zero-Touch Routing for Control Plane Fabrics
  4. About Extrinsic, Intrinsic, Decentralized, and Stem Identifiers (UNS-UCA Update)
  5. Roundtrips Per Minute (RPM)
  6. Formal Analysis of Attested TLS for Confidential Computing
  7. Introduction to Originator Profile
  8. Preventing denial of service attacks on TLS handshakes
  9. TCP_REPLENISH_TIME
  10. A proposed SUSTAIN RG - Sustainability and the Internet
  11. Real-Time Telemetry for Carbon-Aware Networking: Measuring and Reducing Environmental Impact
  12. PSI based on ECDH

ABSTRACTS

1. Palimpsest, a new way to IETF Draft

Presenter, Affiliation: Phillip Hallam-Baker, Independent

Datatracker slides here

Abstract: Palimpsest is a structured collaborative editing tool that allows a group of users to review a document making annotations with weak semantics that create action items for the document editor and define the process for discharging them.

The tool is currently focused on editing Internet Drafts via a public Web site but the underlying architecture is designed to support true end-to-end security via a custom client with the service having no access to the content of the document or reactions to it.

While several IETF groups have adopted GitHub to provide issue tracking capabilities, GitHub is not designed for our purpose, Palimpsest is.

Looking for: Folk interested in testing/experimenting/developing

Coordinates: Phillip Hallam-Baker, phill@hallambaker.com


2. Large Language Model (LLM) for Networking: an Architecture

Presenter, Affiliation: Mingzhe Xing, Beijing Zhongguancun Laboratory, in person

Datatracker slides here

Abstract: We have witnessed LLMs showing remarkable capabilities in concept understanding and mathematical reasoning. From Sora, a text2video application just released by OpenAI, it appears that LLMs may now possess a certain level of understanding of the governing physical principles.
To enable better use of LLM in networking tasks, we abstract an architecture based on some existing explorations. The main components include heterogeneous data, prompt engineering, foundation LLM, solution tools, and answers including text, instruction, code, and command, and then validation before action. We will present the entire pipeline to ensure safety and quality.

Looking for: We are looking for collaborators who are interested in exploring the potential of Large Language Model in Networking.

Coordinates: Mingzhe Xing, xingmz@zgclab.edu.cn

Side Meeting: AI4Net and LLM4Net, 5 Nov, Wicklow Hall 2A. Seeking collaborators to form a BOF or WG.

Our paper is released at https://arxiv.org/abs/2404.12901.


3. KIRA – Scalable Zero-Touch Routing for Control Plane Fabrics

Presenter, Affiliation: Roland Bless, KIT (Karlsruhe Institute of Technology), in person

Datatracker slides here

Abstract: KIRA is a scalable, zero-touch routing architecture that offers resilient IPv6 connectivity without any configuration.
It uses ID-based addressing and scales to 100,000s of nodes in a single network. KIRA works well in various network topologies
and was designed to offer resilient control plane connectivity that does not depend on configuration nor any other services.
A built-in DHT offers support for service registration and discovery, thereby helping to realize autonomic network management
and control and zero-touch deployments.

Looking for: collaborators, early implementers, BOF support

Coordinates: Roland Bless, roland.bless@kit.edu
Side meeting/BarBoF: Wednesday 2024-11-06, 19.00h, Wicklow Meeting Room 4: Q&A, KIRA use cases, collaboration, next steps towards standardization
More info: https://s.kit.edu/KIRA
Internet-Draft: https://datatracker.ietf.org/doc/draft-bless-rtgwg-kira/


4. About Extrinsic, Intrinsic, Decentralized, and Stem Identifiers (UNS-UCA Update)

Presenter, Affiliation: Manu Fontaine, Hushmesh Inc., in person

Datatracker slides here

Abstract: This HotRFC is to contrast the properties of Extrinsic, Intrinsic, Decentralized, and Stem identifiers, and introduce how Stem identifiers enable the "least trust" architecture of the Universal Name System (UNS) and Universal Certificate Authority (UCA). Includes an invitation to our Side Meeting in WMR4 on Mon @ 13:30.

Looking for: We're looking for partners and collaborators, for guidance as to whether/how to bring this to the IETF community, and to discuss a global and neutral governance model for this infrastructure.

Coordinates: Manu Fontaine, manu@hushmesh.com

Side meeting: UNS-UCA Update: About Extrinsic, Intrinsic, Decentralized, and Stem Identifiers, Monday 4 November, WMR4, 13:30 - 15:00

Any relevant drafts: Not yet


5. Roundtrips Per Minute (RPM)

Presenter, Affiliation: Stuart Cheshire, Apple, In-person

Datatracker slides here

Abstract: We habitually talk about “bandwidth and latency” because both are important, yet for decades bandwidth has improved astonishingly while latency remains largely unchanged. This work seeks to change that by defining a better latency test (better than just “ping” on an idle network) that will drive meaningful advances to improve the working latency of the networks we use.

Looking for: We are especially looking for input from engineers who work on video conferencing and similar delay-sensitive applications. Many people in the IETF believe they know what video conferencing applications need, but we might be wrong. We want to hear from the people who actually work on those applications to learn what changes in network behavior would actually improve how well their applications work.

Coordinates: Stuart Cheshire, cheshire@apple.com
Draft-ietf-ippm-responsiveness will be discussed in the IPPM meeting, 13:00 - 15:00 Monday.

https://datatracker.ietf.org/meeting/121/materials/agenda-121-ippm

https://datatracker.ietf.org/doc/html/draft-ietf-ippm-responsiveness


6. Formal Analysis of Attested TLS for Confidential Computing

Presenter, Affiliation: Muhammad Usama Sardar, TU Dresden, in-person

Datatracker slides here

Abstract: TLS lacks any inherent mechanism for validating the security state of the endpoint software and its platform. To overcome this limitation, remote attestation can be integrated with TLS. We overview three different variants of such integration:
1. Pre-handshake attestation
2. Intra-handshake attestation
3. Post-handshake attestation.

We present the current state of formalization of each of the three variants.

Looking for: To seek collaborators knowledgeable in TLS, remote attestation, formal methods or confidential computing

Coordinates: Muhammad Usama Sardar, muhammad_usama.sardar@tu-dresden.de
Slack: #attested-tls on IETF slack

Meetings:
UFMRG meeting on Tuesday
TLS WG meeting on Friday (currently in "time-permitting")
RATS WG meeting on Friday

Side-meetings:
1. Basic attested TLS tutorial: Tuesday 9:30-11:30, Wicklow Hall 2A
2. Advanced TLS tutorial: Wednesday 9:30-11:30, Wicklow Hall 2A

Any relevant drafts or helpful resources you’d like collaborators to look at:

Pre-handshake attestation: https://www.researchgate.net/publication/385384309_Towards_Validation_of_TLS_13_Formal_Model_and_Vulnerabilities_in_Intel's_RA-TLS_Protocol
Intra-handshake attestation: https://datatracker.ietf.org/doc/draft-fossati-tls-attestation/
Post-handshake attestation: Sec. 4 in this paper https://www.researchgate.net/publication/367284929_SoK_Attestation_in_Confidential_Computing
Remote Attestation for Confidential Computing: https://www.researchgate.net/publication/375592777_Formal_Specification_and_Verification_of_Architecturally-defined_Attestation_Mechanisms_in_Arm_CCA_and_Intel_TDX
Repo for attestation: https://github.com/CCC-Attestation/formal-spec-TEE
Some recent slides and videos at https://github.com/CCC-Attestation/formal-spec-KBS
Slides from side-meeting at IETF 120: https://www.researchgate.net/publication/382489639_Presentation_Interactive_Tutorial_Attested_TLS_and_Formalization


7. Introduction to Originator Profile

Presenter, Affiliation: Shigeya Suzuki, Originator Profile CIP (also affiliated with Keio University and WIDE Project), in person

Datatracker slides here

Abstract: Originator Profile (referred to as OP) is a technology that tackles misinformation/disinformation and digital advertisement-related issues. One of the core components of that technology is a mechanism to compose a verifiable digital identity, which provides a verifiable attribute annotation mechanism by third parties to add richer information to some asymmetric key materials such as X.509 PKI-based or other newer schemes. The mechanism is flexible and applicable to application areas other than the above objectives. Various industries and academia have formed OP Collaborative Innovation Partnership, and we are currently seeking a way to develop a set of standards for the mechanism.

Looking for: Call for attendance to the side meeting session (Monday, Nov 4th, 12:30-13:30 at Wicklow Hall 2A) to find potential collaborators, etc. Also, we want to find collaborators who are interested in using the scheme.

Coordinates: Shigeya Suzuki, shigeya@wide.ad.jp
Other resources: Please visit https://originator-profile.org/en-US/
FAQ is available here: https://originator-profile.org/en-US/faq/


8. Preventing denial of service attacks on TLS handshakes

Presenter, Affiliation: David Venhoek (Tweede Golf B.V.), in person

Datatracker slides here

Abstract: Over the past years, we have received word on denial of service attacks utilizing the fact that a server in a TLS handshake can be forced to do significant work with relatively little effort from the attacker. Current tools make it near impossible to mitigate such attacks in more regulated industries such as finance where utilizing third party providers to handle TLS termination is not always allowed. There have been mitigations proposed in the past, but those have died from lack of effort. We would like to get in touch with implementers, primarily on the client side (browsers), to discuss paths towards mitigations for such attacks.

Looking for: David Venhoek, david@tweedegolf.com

Coordinates:
- https://datatracker.ietf.org/doc/draft-nygren-tls-client-puzzles/
- https://github.com/tweedegolf/draft-TLS-client-puzzles


9. TCP_REPLENISH_TIME

Presenter, Affiliation: Stuart Cheshire, Apple, On-site

Datatracker slides here

Abstract: The TCP Not-Sent Low-Water Mark socket option (TCP_NOTSENT_LOWAT) [RFC 9293] was created in Mac OS in 2011 to solve the problem of excessive sender-side buffering, which was affecting the responsiveness of Mac OS Screen Sharing, which uses RFB (Remote Frame Buffer) over TCP. Since then, operational experience has shown us that it would be preferable to have a socket option that specifies the low-water mark for unsent data waiting to go out in terms of remaining time estimated until the buffer runs dry, instead of in terms of remaining bytes until the buffer runs dry.

Looking for: We’re looking for implementers of TCP and QUIC (and any other relevant transport protocols) to get together to agree the right design for the new TCP_REPLENISH_TIME option, and then to deliver this option consistently in their respective APIs, so that it works the same way with the same semantics across all the different implementations.

Coordinates:
Stuart Cheshire, cheshire@apple.com
IETF 121 Side Meeting, 19:00-20:00 Thursday 7th November, Wicklow Meeting Room 4.

How TCP_NOTSENT_LOWAT works is explained in this video, including a “before and after” demo illustrating the dramatic difference it makes for screen sharing responsiveness.

https://developer.apple.com/videos/play/wwdc2015/719/?time=2199


10. A proposed SUSTAIN RG - Sustainability and the Internet

Presenter, Affiliation: Eve Schooler, University of Oxford, and Ali Rezaki, Nokia, in person

Datatracker slides here

Abstract: While the IETF has a strong tradition of supporting WGs focused on energy and energy efficiency (e.g., EMAN, ROLL, 6LOWPAN), there is a need for broader discussion and debate about the environmental footprint of the Internet, from a networking perspective. The proposed Sustainability and the Internet Research Group (SUSTAIN RG) will explore the mid-to-long term research, strategy and policy issues of a sustainable Internet. The long-term goal is to contribute to the advancement of the Internet as a fundamental part of a sustainable and resilient society and planet, through conceptual and evidence-based research collaboration.

Looking for: Discussion of the proposed SUSTAIN RG charter, see https://github.com/rezaki-ali/IRTF_SUSTAIN_RG

Coordinates: Eve Schooler, eve.schooler@gmail.com
Ali Rezaki, ali.rezaki@nokia.com
IETF 121 side meeting on Weds, Nov 6th @ 2:30pm in Wicklow Hall 2A


11. Real-Time Telemetry for Carbon-Aware Networking: Measuring and Reducing Environmental Impact

Presenter, Affiliation: Dr. Omid Tavallaie, University of Oxford, Department of Computer Science

Datatracker slides here

Abstract: As data transmission energy consumption continues to rival that of data centers, the need for accurate carbon accounting in network operations has never been more urgent. This presentation explores the role of real-time network telemetry in supporting carbon-aware networking, enabling visibility into energy use and carbon intensity across the end-to-end network. By gathering telemetry data on power consumption and carbon emissions in real time, network systems can make informed, eco-friendly decisions, optimizing protocols and adjusting operations based on carbon efficiency. This approach not only supports the ICT sector’s sustainability goals but also lays the groundwork for future carbon-intelligent protocols, paving the way for a greener digital infrastructure.

Looking for: To seek collaborators

Coordinates: Email: omid.tavallaie@eng.ox.ac.uk
Affiliation: University of Oxford, Department of Computer Science

Related Working Group:
GREEN WG Meeting on Monday


12. PSI based on ECDH

Presenter, Affiliation: Wenting Chang, AliPay, in person

Datatracker slides here

Abstract: Private Set Intersection (PSI) schemes enable the discovery of shared elements among different parties' datasets without revealing individual data. They are widely used when there's a need to identify overlapping data elements between two or more parties while preserving the confidentiality of each party's original data. PSI is one of the most frequently used privacy preserving techniques in business, e.g. it enables a user to detect whether his/her password is leaked without giving away the password to the server [MS21], or multiple companies to find their common customers without giving each other their raw data.

Looking for: Collaborators

Coordinates: tianwu.wyc@antgroup.com and bainuan.cwt@antgroup.com