[Chapter-delegates] ISOC's Follow up "Rough Guide" to IETF74
Sabrina Wilmot
wilmot at isoc.org
Wed Jun 10 04:09:31 PDT 2009
Dear Colleagues,
Following on our tradition from the last IETFs, Leslie Daigle and her
team in 'Standards and Technology' have produced a follow up "rough
guide" to the hot topics for the 74th IETF.
On behalf of Leslie's group we hope you find this document useful.
Please feel free to share it with your members, or any one else you
think might make use of it.
Big thanks to Leslie and her team for producing this.
Best regards,
Sabrina Wilmot
ISOC
A Follow-Up to ISOC's Rough Guide to IETF74 Hot Topics
======================================================
ISOC's Standards & Technology department offered a “rough guide” to hot
topics being discussed at the 74th IETF. We are producing a similar
“rough guide” for the 75th IETF in Stockholm (July 26-31, 2009). This is
a follow up to the rough guide for the 74th IETF where we offer a set of
highlight of events from the 74th IETF. The text is largely that from
the “rough guide” with embedded text for the areas we are now reporting
on. We focused on the following four topics:
IPv4/IPv6 Coexistence
Securing the Internet Infrastructure
Trust and Identity
Bandwidth Management
IETF Structure and Process
IPv4/IPv6 Coexistence
---------------------
As there is increasing momentum to deploy IPv6, as well as recognition
that IPv4 and IPv6 network realities must coexist, work is being done to
develop specifications to allow interoperable behavior between networked
realities.
6AI BOF: IPv6 Address Independence BOF
This meeting addresses NATs for IPv6, primarily for address independence
for enterprises.
There was no clear consensus from the meeting to form a working group or
even to produce a document. Discussion continues on the mailing list and
there will likely be a follow-on BOF at IETF75 to continue the discussion.
BOF’s do not have webpages, but BOF status for all BOFs under current
consideration at IETF74 can be found
here:http://trac.tools.ietf.org/bof/trac/wiki/BofIetf74
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/6ai.txt
BEHAVE WG: Behavior Engineering for Hindrance Avoidance WG
BEHAVE has a broader charter, but the specific point of interest to this
topic is the IPv4 to IPv6 translation (and vice-versa) that is chartered
here. There are several drafts on the agenda that are pertinent. (See
the agenda page for a complete list).
Ongoing discussions of Carrier Grade NAT (CGN) and NATs for IPv4-IPv6
transition are taking place in the BEHAVE WG. Of particular interest in
the discussion of IPv4-IPv6 NAT is the proper handling of DNS
translations between different domains. Several active participants in
DNS standardization have been paying attention to this work now and it
seems that everyone is in agreement that these kind of solutions leave
quite a bit to be desired with respect to the operation of DNS in such
domains. An active outreach is being conducted to the DNS operational
community to determine how much of this that community can really tolerate.
WG webpage: http://www.ietf.org/html.charters/behave-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/behave.txt
SOFTWIRE: Softwires WG
While much of the work of this WG has been specifying discovery,
encapsulation, and control for connecting IPv4 clouds over IPv6 and
vice-versa, it has picked up the work item to define DS-lite ("dual
stack" lite). This pertains to IPv6 and continued existence of IPv4
following IPv4 address completion. Some of the other address sharing
proposals may be being merged with existing DS-lite proposals. What we
are hoping for here is an optimal an address sharing solution as we can
envisage combining IPv6 deployment and a reasonable level of end user
control.
No update available.
WG webpage: http://www.ietf.org/html.charters/softwire-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/softwire.txt
SHARA BOF: Sharing of an IPv4 Address BOF
This BOF is concerned with address sharing and all the various proposals
for IPv4 address-sharing that have emerged recently. Randy Bush’s
overview of the many address-sharing proposals that were around, led to
this BOF to focus on the topic specifically. This is not a working group
forming BOF.
Mat Ford presented his internet-draft on problems with shared addressing
during the meeting. His I-D can be found at:
http://www.ietf.org/internet-drafts/draft-ford-shared-addressing-issues-00.txt.
This documents a number of issues with approaches to shared addressing
that are being considered for standardization. There were a number of
other documents discussed as well and it was difficult to determine that
any consensus about the topic was reached in the room. Finally it was
agreed to continue to discuss this on the mailing list for SHARA.
BOF’s do not have webpages, but BOF status for all BOFs under current
consideration at IETF74 can be found
here:http://trac.tools.ietf.org/bof/trac/wiki/BofIetf74
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/shara.txt
Securing the Internet's Infrastructure
--------------------------------------
A number of discussions are underway to improve the overall security of
the Internet's infrastructure. A recent headlining technology is DNSSEC.
There are other, less obvious, critical pieces under discussion for the
routing infrastructure, as well.
SAVI WG: Source Address Validation Improvements
This WG "considers only solutions implemented on systems located on the
same IP link as a to-be-verified node... running in routers of
layer-3-aware ethernet bridges" Drafts include a proposal for SeND SAVI
and requirements.
From the Charter: "The purpose of the ... working group is to
standardize mechanisms that prevent nodes attached to the same IP link
from spoofing each other's IP addresses... The WG is prohibited from
creating its own protocols or extensions/modifications of current
protocols." The discussion of design decisions since IETF 73
concentrated on failure conditions for duplicate address detection (DAD)
in IPv6. Whether the proposed SAVI binding protocol, which violates the
charter, should distribute address bindings through push or pull
presupposed distribution, but several participants suggested that
validation (or alerting to failure) through DAD would suffice. There was
some discussion of partial SAVI protection of a subnet. Despite these
fundamental questions, an report claimed interoperability among 7
vendors over several thousand SAVI subnets.
WG webpage: http://www.ietf.org/html.charters/savi-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/savi.txt
SIDR WG: Secure Inter-Domain Routing WG
Focus is on the authorization of an originating AS to advertise an
address prefix. The technical specification under consideration is for
certificates for a Resource PKI (RPKI) (The most relevant "resources"
are address prefixes and AS numbers.) Outside the WG, we see evidence
that implementation is underway. The (different) Routing Protocol
Security (RPSEC) WG is chartered for to document security requirements
for routing systems.
Discussion of the Resource Public Key Infrastructure (RPKI) architecture
centered on the difference between certificate names being identifiers
at the level of RIRs and IANA and not elsewhere; uniform
non-identification will be written into the next draft. Discussion of
Trust Anchor Material centered on differences between a single root of
trust, with a simple certificate, or multiple roots, with cross-signed
certificates between address authorities. How to deal with
inconsistencies in the data held by IANA and RIRs, as well as the value
of simple certificates, divided opinions. The next draft is to include
clear need for multiple roots. How to handle partial deployment of RPKI
centered on whether Bogon Origin Attestations (BOAs) as well as Route
Origin Authorizations (ROAs) are needed.
WG webpage: http://www.ietf.org/html.charters/sidr-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/sidr.html
DNSOP WG: DNS Operations
The specifications of DNSSEC by the DNSEXT WG are done. Deployment is
being discussed in DNSOP and drafts have appeared in time for this
meeting. DNSSEC experts are monitoring implications of v6-v4 NAT in
other WGs. Currently under consideration: locally-served zones (almost
done), and requirements for management of DNS servers.
Discussion focussed on drafts on (1) revising DNSSEC Operational
Practices (RFC 4641) based on deployment experience and cryptographic
analysis, (2) timing analysis and requirements for DNSSEC keys, and (3)
rules to avoid abuse in new top-level domain names. There was also
(less) discussion of (4) DNSSEC implications for the NAT6to4 proposal
being discussed in BEHAVE, (5) proposed use of DNS for HIP identifiers,
and (6) details of deleting resource record signatures in backup signers.
WG webpage: http://www.ietf.org/html.charters/dnsop-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/dnsop.txt
DKIM WG: Domain Keys Identified Mail WG
This is an ongoing effort to add authenticating information to the
headers of email messages. This may have some relationship to the YAM
BOF, which is aiming to capture and tighten up the specifications of
some mail headers: in order to have useful signature/verification
infrastructure, it is necessary to have well-harmonized usage of mail
headers.
Discussion of errata for RFC 4371 exposed fundamentally different views
of the output of the DKIM validation process. Some felt strongly that
the output is an identifier indicating the validity of the message
origin; other felt as strongly that it was any set of information to
enable email filtering.
WG webpage: http://www.ietf.org/html.charters/dkim-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/dkim.txt
Trust & Identity
----------------
Although there is no specific chartered trust or identity working group
within the IETF, there are a number of IETF work items that have
important cross connects with the broader community of identity
technology development.
OAUTH BOF: Open Web Authentication BOF
This is a BOF about some work that has come out of identity community.
An independent author draft was submitted between IETF72 and IETF73;
there was a BOF at IETF73. There is a lot of interest in the 1.0 spec
for OAUTH. Since IETF73, there has been work on drafting a charter and a
lot of discussion about what should go in it. Expected to become a WG at
or after this meeting.
The big news following the IETF 74 meeting is that the IESG has approved
the charter for the OAuth Working Group!
This work came in the IETF is a BOF based on work that has come out of
the identity community (http://oauth.net/) An independent author draft
was submitted between IETF72 and IETF73; there was a BOF at IETF73 and
in a follow on meeting at IETF 74 participants hammered out the final
details of the proposed charter.
Look for an interview with Eran Hammer-Lahav (author of the initial
draft) and Blaine Cook (now a WG co-chair) in the next issue of the IETF
Journal. Additional OAuth community activities can be tracked here:
http://groups.google.com/group/oauth/
WG webpage: http://tools.ietf.org/wg/oauth/
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/oauth.txt
GEOPRIV WG: Geographic Location/Privacy WG
The WG has been around for a long time, addressing some tricky privacy
issues. The work from this group has informed and is related to some of
the issues in ECRIT WG.
The WG meeting in San Francisco included a packed agenda and several
heated debates. Privacy protection has a frequent concern as were
formats for geodetic location.
A Virtual Interim Meeting is schedule for late May to continue the
discussion on updates to RFC 3825. See:
http://trac.tools.ietf.org/wg/geopriv/trac/wiki
and the growing inventory of location formats can be found here:
http://trac.tools.ietf.org/wg/geopriv/trac/wiki/LocationFormats
WG webpage: http://www.ietf.org/html.charters/geopriv-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/geopriv.txt
ECRIT WG: Emergency Context Resolution with Internet Technologies
This work is particularly interesting in the context of emergency 911
services. A lot of this is about authentication, and access to identity
credentials. Tied to ATOCA BOF.
This work is particularly interesting in the context of emergency 911
services.
The meeting in San Francisco included a review of the working groups
process in advancing their work and a review of current drafts measured
against their internal "3 stage" process.
ECRIT plans an Interim meeting in June of 2009 and details
will be made available here:
http://trac.tools.ietf.org/wg/ecrit/trac/wiki
WG webpage: http://www.ietf.org/html.charters/ecrit-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/ecrit.txt
Bandwidth Management
--------------------
LEDBAT: Low Extra Delay Background Transport WG
This WG is focusing on defining a congestion control mechanism that
saturates bottleneck links, whilst simultaneously maintaining low delay
and yielding to standard TCP. In other words, a mechanism that would
allow bandwidth intensive applications to scavenge as much free
bandwidth as possible without negatively impacting on simultaneously
occurring interactive, or inelastic traffic flows. BitTorrent have
recently submitted an I-D describing a novel congestion control
mechanism for which they have already amassed considerable deployment
experience and which it is claimed meets the chartered objectives of the
working group.
Stanislav Shalunov presented the BitTorrent congestion control algorithm
and there was lengthy and detailed discussion in the working group
meeting. This was largely positive and constructive and further review
and comment will continue on the mailing list. The WG indicated
willingness to adopt the document as a WG work item, but this does not
preclude the possibility of other novel congestion control algorithms
being submitted that address the WG charter.
WG webpage: http://www.ietf.org/html.charters/ledbat-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/ledbat.txt
ALTO: Application Layer Traffic Optimisation WG
This WG is designing and specifying a service that will provide
applications with information to perform better-than-random initial peer
selection based on factors including maximum bandwidth, minimum
cross-domain traffic, lowest cost to the user, etc. Work is progressing
to merge proposed solution protocols, although there are several
competing proposals still on the agenda at this time. Documented trial
deployments illustrate the potential benefits of this approach. One area
of controversy is edge-caching of content in service provider networks,
and there are a couple of drafts dealing with this subject.
The problem statement draft has been adopted, as has the requirements
draft, although it is accepted that the requirements need to remain
flexible. The working group went into an overflow session to see if it
was possible to drive the various solution proposals towards some kind
of consensus approach. This concluded with consensus that defining a
protocol sufficiently flexible to allow the full spectrum of proposed
approaches was desirable. There was less unanimity in support of the
idea of a negotiation mechanism.
WG webpage: http://www.ietf.org/html.charters/alto-charter.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/alto.html
P2PRG Peer-to-Peer Research Group
The IETF has formed working groups to address specific issues of P2P
networking (i.e. P2PSIP, ALTO, LEDBAT). During the development of
standards for P2P networks in these working groups, new research topics
may arise that exceed the working group charter and require a separate
forum for discussion. The P2PRG provides such a forum without
duplicating the work being done in the different IETF WGs.
RG webpage: http://www.irtf.org/charter?gtype=rg&group=p2prg
Several interesting presentations on recent P2P research results.
Pointers to some of the raw datasets have subsequently been shared on
the mailing list. Archives are here:
http://www.ietf.org/mail-archive/web/p2prg/current/maillist.html
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/P2PRG.txt
IETF structure and process
--------------------------
Two important IETF structural/process discussions on the agenda for
IETF74 are the IPR discussions, and NomCom process.
PRE8PROB BOF: Pre-5378 Problem BOF
Dealing with the problem of handling IPR declarations for documents
building on RFCs that pre-dated RFC 5378 IPR rules.
No update available.
BOF’s do not have webpages, but BOF status for all BOFs under current
consideration at IETF74 can be found
here:http://trac.tools.ietf.org/bof/trac/wiki/BofIetf74
The slides can be found here:
http://www.ietf.org/proceedings/09mar/index.html
The minutes can be found here:
http://www.ietf.org/proceedings/09mar/minutes/pre8prob.txt
NomCom -- on IETF operations and Administration Plenary
This plenary includes the following important item for the IETF NomCom
process:
NomCom Process Change (1600 to 1655)
1. Introduction
2. Presentation of each draft followed by Q&A
- draft-galvin-rfc3777bis
- draft-dawkins-nomcom-dont-wait
- draft-dawkins-nomcom-openlist
3. Way forward
The minutes of the plenary session are available here:
http://www.ietf.org/proceedings/09mar/minutes/plenaryw.txt
It was clear from the discussion that RFC3777bis will be moving forward,
and there was much support for reviewing role of liaisons as expressed
in the document.
There was some support to move draft-dawkins-nomcom-dont-wait forward --
adjusting the timetable and process for announcing the open slots the
NomCom has to fill, and giving some discretionary powers to the previous
NomCom chair to launch the process if the incoming NomCom chair has not
been identified.
draft-dawkins-nomcom-openlist -- was the biggest point of discussion.
Should the list of willing candidates be public knowledge for each
position? General support is for, though detail of how to handle it is
not clear.
Drafts are being updated, and discussion is on the
"ietf-nomcom at ietf.org" mailing list.
Leslie Daigle
Chief Internet Technology Officer
Internet Society
daigle at isoc.org
More information about the Chapter-delegates
mailing list