[{"author": "Hannes Tschofenig", "text": "<p>nope</p>", "time": "2023-09-19T14:00:09Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>Hi all</p>", "time": "2023-09-19T14:01:30Z"}, {"author": "Magnus Westerlund", "text": "<p>I don't hear Gorry, but \"Test local speaker\" works.</p>", "time": "2023-09-19T14:03:28Z"}, {"author": "Hannes Tschofenig", "text": "<p>I can hear Gorry fine</p>", "time": "2023-09-19T14:03:51Z"}, {"author": "Michael T\u00fcxen", "text": "<p>I can hear him fine.</p>", "time": "2023-09-19T14:04:15Z"}, {"author": "Magnus Westerlund", "text": "<p>Figured it out.</p>", "time": "2023-09-19T14:04:46Z"}, {"author": "Hannes Tschofenig", "text": "<p>Magnus, you didn't use DTLS and your audio packets got dropped? ;-)</p>", "time": "2023-09-19T14:05:43Z"}, {"author": "Hannes Tschofenig", "text": "<p>Weren't we going to talk about the liaison?</p>", "time": "2023-09-19T14:07:14Z"}, {"author": "Hannes Tschofenig", "text": "<p>Ok.</p>", "time": "2023-09-19T14:08:26Z"}, {"author": "Hannes Tschofenig", "text": "<p>No problem</p>", "time": "2023-09-19T14:08:29Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>I can't hear you</p>", "time": "2023-09-19T14:09:03Z"}, {"author": "Marcelo Leitner", "text": "<p>and froze</p>", "time": "2023-09-19T14:09:13Z"}, {"author": "Donald Eastlake", "text": "<p>Please give up on your microphone.</p>", "time": "2023-09-19T14:09:21Z"}, {"author": "Martin Duke", "text": "<p>Sorry I'm late, glad to be here with everyone</p>", "time": "2023-09-19T14:09:22Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>Does it mean it can be implemented end-to-end without any license in both user-space and kernel ?</p>", "time": "2023-09-19T14:10:51Z"}, {"author": "Hannes Tschofenig", "text": "<p>No</p>", "time": "2023-09-19T14:11:40Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>It does not help completely but better than before.</p>", "time": "2023-09-19T14:12:13Z"}, {"author": "Marcelo Leitner", "text": "<p>do we have a link to the 
slides?</p>", "time": "2023-09-19T14:13:22Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p><a href=\"https://datatracker.ietf.org/meeting/interim-2023-tsvwg-01/session/tsvwg\">https://datatracker.ietf.org/meeting/interim-2023-tsvwg-01/session/tsvwg</a></p>", "time": "2023-09-19T14:13:49Z"}, {"author": "Marcelo Leitner", "text": "<p>thx</p>", "time": "2023-09-19T14:13:58Z"}, {"author": "Charles Eckel", "text": "<p>There was not really any discussion in SA3 meeting about kernel vs. user space implementations.</p>", "time": "2023-09-19T14:15:44Z"}, {"author": "Michael T\u00fcxen", "text": "<p>Thanks</p>", "time": "2023-09-19T14:15:54Z"}, {"author": "Zaheduzzaman Sarker", "text": "<p>This was kind of interesting response from SA3.. they didn't do any kind of security analysis and say both or one supports the security requirements from 3GPP, however they commented about implementation while there was no detailed analysis on that either :-). just an observation ....</p>", "time": "2023-09-19T14:33:36Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>Very expected. In SA3 you are expected to read up and have an opinion when you come to the meeting. Companies care about outgoing LSs and if companies have an opinion they have typically done a lot of analysis before the meeting. 
Saying that SA3 has not done analysis is not true.</p>", "time": "2023-09-19T14:38:43Z"}, {"author": "Zaheduzzaman Sarker", "text": "<p>maybe they have done lots of homework but haven't discussed during meetings..</p>", "time": "2023-09-19T14:40:36Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>No material seems to be shared in SA3 meeting related to the detailed threat analysis.</p>", "time": "2023-09-19T14:57:05Z"}, {"author": "Hannes Tschofenig", "text": "<p>FYI: There is ongoing work in OpenSSL to add DTLS 1.3</p>", "time": "2023-09-19T15:01:15Z"}, {"author": "Michael T\u00fcxen", "text": "<p>Great to know.</p>", "time": "2023-09-19T15:01:31Z"}, {"author": "Michael T\u00fcxen", "text": "<p>OpenSSL supports DTLS/SCTP as specified in RFC 6083.</p>", "time": "2023-09-19T15:02:22Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>I don't think SA3 discusses threats in detail. I think SA3 thought TSVWG did a good job with the list on security requirements. Most of this follows directly from existing requirements for other 3GPP interfaces.</p>", "time": "2023-09-19T15:02:27Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>It looks like an active attack and not a passive attack.</p>", "time": "2023-09-19T15:08:35Z"}, {"author": "Magnus Westerlund", "text": "<p>Yes it is an active attack</p>", "time": "2023-09-19T15:09:42Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>Active attack requires to be on-path and will be MiTM</p>", "time": "2023-09-19T15:10:10Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>NIST zero trust requirements is to always assume on-path attackers even inside enterprise networks.</p>", "time": "2023-09-19T15:10:53Z"}, {"author": "Hannes Tschofenig", "text": "<p>That's not what zero trust says</p>", "time": "2023-09-19T15:11:08Z"}, {"author": "Gorry Fairhurst", "text": "<p>We will need a threat model, and decide what we need from the protocol.</p>", "time": "2023-09-19T15:11:18Z"}, {"author": "Hannes Tschofenig", "text": 
"<p>Zero trust says: don't rely on firewalls</p>", "time": "2023-09-19T15:11:20Z"}, {"author": "Hannes Tschofenig", "text": "<p>Agree with Gorry</p>", "time": "2023-09-19T15:11:27Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>Agreed</p>", "time": "2023-09-19T15:12:37Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>US government's zero trust documents definitely say that you should always assume an on-path attacker and that all traffic should be encrypted always.</p>", "time": "2023-09-19T15:12:54Z"}, {"author": "Hannes Tschofenig", "text": "<p>It sounds a bit like we are designing around Ericsson internal implementation challenges</p>", "time": "2023-09-19T15:16:03Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>I am basically just saying what the SA3 LS says: \"Solution (i) requires changes in the existing SCTP, SCTP-AUTH standards, implementation, and DTLS library. Therefore, Solution (i)\u2019s implementation effort appears to be higher than Solution (ii).<br>\n\"</p>", "time": "2023-09-19T15:17:25Z"}, {"author": "Tirumaleswar Reddy.K", "text": "<p>It would be good to see running code to understand the real challenges.</p>", "time": "2023-09-19T15:17:59Z"}, {"author": "Hannes Tschofenig", "text": "<p>+1 to Tiru.</p>", "time": "2023-09-19T15:18:16Z"}, {"author": "Charles Eckel", "text": "<p>Could we do something at the Hackathon in Prague?</p>", "time": "2023-09-19T15:18:45Z"}, {"author": "Michael T\u00fcxen", "text": "<p>With the (unknown) IPRs involved?</p>", "time": "2023-09-19T15:19:00Z"}, {"author": "Hannes Tschofenig", "text": "<p>That would be cool</p>", "time": "2023-09-19T15:19:01Z"}, {"author": "Hannes Tschofenig", "text": "<p>As you know, I am a bit fan of the hackathon</p>", "time": "2023-09-19T15:19:15Z"}, {"author": "Charles Eckel", "text": "<p>I am a bit of a fan too <span aria-label=\"wink\" class=\"emoji emoji-1f609\" role=\"img\" title=\"wink\">:wink:</span></p>", "time": "2023-09-19T15:19:40Z"}, {"author": "Zaheduzzaman 
Sarker", "text": "<p>yes.. some hackathon would be super to light on the implementation aspects</p>", "time": "2023-09-19T15:22:20Z"}, {"author": "Hannes Tschofenig", "text": "<p>Marcelo, I am happy to explain you the details</p>", "time": "2023-09-19T15:26:50Z"}, {"author": "Zaheduzzaman Sarker", "text": "<p>I am actually confused by the question.. so are you asking if this is a problem to be solved?</p>", "time": "2023-09-19T15:27:18Z"}, {"author": "Marcelo Leitner", "text": "<p>cool, thanks Hannes. Will get in touch offline then</p>", "time": "2023-09-19T15:30:13Z"}, {"author": "Hannes Tschofenig", "text": "<p><a href=\"mailto:Hannes.Tschofenig@gmx.net\">Hannes.Tschofenig@gmx.net</a></p>", "time": "2023-09-19T15:30:32Z"}, {"author": "Michael T\u00fcxen", "text": "<p>@Marcelo: Get me in the loop, too.</p>", "time": "2023-09-19T15:31:09Z"}, {"author": "Marcelo Leitner", "text": "<p>Will do</p>", "time": "2023-09-19T15:32:05Z"}, {"author": "Michael T\u00fcxen", "text": "<p><a href=\"mailto:tuexen@fh-muenster.de\">tuexen@fh-muenster.de</a></p>", "time": "2023-09-19T15:32:38Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>DTLS in crypto chunk definitely encrypts more. I think encrypting as much as possible is current best practice. For 3GPP I think the amount of encryption in DTLS over SCTP is good enough. For other use cases it might not be good enough.</p>", "time": "2023-09-19T15:32:40Z"}, {"author": "Marcelo Leitner", "text": "<p>we need requirements here. Finding (random) deltas and deciding just on them may not be optimal</p>", "time": "2023-09-19T15:32:44Z"}, {"author": "Michael T\u00fcxen", "text": "<p>Any position regarding an IPR protected solution here</p>", "time": "2023-09-19T15:33:38Z"}, {"author": "Hannes Tschofenig", "text": "<p>I expect Magnus to join the hackathon</p>", "time": "2023-09-19T15:34:00Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>Regarding time. 
I think 3GPP pointed out in an earlier LS that this is needed quite quickly. RFC6083 is mandatory to implement since 3GPP Rel-15 but is not deployable. 3GPP is not working on Rel-19 and there is still no deployable solution for end-to-end protection of the control signaling over SCTP.</p>", "time": "2023-09-19T15:37:07Z"}, {"author": "Magnus Westerlund", "text": "<p>so I will be at the hackathon. We will have to discuss within Ericsson what we can do for DTLS for SCTP towards the hackathon.</p>", "time": "2023-09-19T15:37:26Z"}, {"author": "Magnus Westerlund", "text": "<p>But I am also committed to work on MP-QUIC at the Hackathon.</p>", "time": "2023-09-19T15:37:49Z"}, {"author": "Hannes Tschofenig", "text": "<p>Cool.</p>", "time": "2023-09-19T15:38:23Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>If it helps, here is an already written draft to increase the record layer in TLS. This was the first thing we started working on and discussed with TLS experts and the TLS chairs. We abandoned it after we concluded 64 kB was too little for 3GPP. TLS experts recommended doing the work in TSVWG instead. https://github.com/emanjon/draft-mattsson-tls-super-jumbo-record-limit/blob/main/draft-mattsson-tls-super-jumbo-record-limit-00.txt</p>", "time": "2023-09-19T15:46:04Z"}, {"author": "Hannes Tschofenig", "text": "<p>Thanks for sharing, John</p>", "time": "2023-09-19T15:51:02Z"}, {"author": "Hannes Tschofenig", "text": "<p>I guess you are not planning to continue this work</p>", "time": "2023-09-19T15:51:11Z"}, {"author": "Hannes Tschofenig", "text": "<p>Can someone help with note taking? Got interrupted</p>", "time": "2023-09-19T15:51:41Z"}, {"author": "John Preu\u00df Mattsson", "text": "<p>I was not, but if you have a use case I am happy to help.</p>", "time": "2023-09-19T15:54:51Z"}, {"author": "Zaheduzzaman Sarker", "text": "<p>Need to drop to another call - IESG duty.. thanks for this meeting and discussions... Hope to see good progress ... 
bye for now...</p>", "time": "2023-09-19T15:59:11Z"}]