[Chapter-delegates] Internet Society's Rough Guide to IETF 86's Hot Topics
Greg Wood
wood at isoc.org
Tue Mar 5 14:48:41 PST 2013
Hello,
Please find below the Internet Society's Rough Guide to IETF 86. It is also available at:
http://www.internetsociety.org/rough-guide-ietf86
-Greg
-----------------------------------------------
Internet Society's Rough Guide to IETF 86's Hot Topics
-----------------------------------------------
IETF 86 in Orlando is rapidly approaching (10-15 March 2013). Newcomers' training and technical tutorials take place on Sunday (10 March), with the working group (WG), Birds of a Feather (BoF), and a plenary session happening during the week.
Once again, the Internet Society is pleased to bring you a Rough Guide to the IETF 86 sessions most relevant to our current work. The online version of this Rough Guide will be updated as the IETF 86 session agendas are finalized:
http://www.internetsociety.org/rough-guide-ietf86
At this IETF meeting, we are focusing our attention on the following broad categories:
- Trust technologies
- Authentication/Authorization
- Infrastructure/Support
- IPv6
- Bandwidth
(All times are local, UTC -4 hours. NOTE: Daylight Savings Time in Orlando begins at 2:00 AM on Sunday, 10 March)
In addition to the WG and BoF sessions listed below, these sessions are of general interest:
+ Plenary Technical Topic
The End of Plain Old Telephone Service
Henning Schulzrinne, Chief Technical Officer, United States Federal Communications Commission will explore the technical, policy, and regulatory issues surrounding the de-commissioning of Plain Old Telephone Service (POTS).
Agenda: http://tools.ietf.org/agenda/86/
Charter: http://iab.org/
(11 March 2013, 1740-1940)
--------------
+ ISOC at IETF 86 Briefing Panel: Content is King; How Do we Avoid Playing the Pauper?
The Internet has stimulated innovation through disruption in any number of areas, not the least of which is redefining what it means to be a "publisher" -- of written, audio, video or other content. As everyone -- people, for- and not-for-profit businesses alike -- becomes a publisher, what are the next steps needed in order to ensure that content is treated as its creator desires? That may mean restricted use, or facilitating widespread use. This is not new -- when the first anonFTP indexer was created (Archie), it surprised some authors who thought they were sharing private draft copies of their manuscript on an FTP site. On the flip side, every now and then a photo or a video "goes viral" on the Internet, generating interest and awareness beyond the creator's capacity to track it.
Are there ways that Internet application layer infrastructure standards could be extended to capture the content creator's intentions of use of digital content, to be as open or as restricted as that creator desires? What are the building blocks from which that could start?
More information on the briefing panel is posted at:
http://www.internetsociety.org/events/ietf-86
(12 March 2013, 1145-1245)
--------------
+ IAB-sponsored Discussion of WCIT
In December 2012 the ITU-T held the World Conference on Telecommunication (WCIT) in Dubai. WCIT-12 focused on the update of the International Telecommunication Regulations (ITRs), which were previously updated in 1988. The ITRs are contained in a treaty that states how countries and their telecommunications networks interconnect with one another.
This session will provide participants an overview of the processes leading up to WCIT as well as a summary of the results, what related events there are, and an opportunity to ask questions.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/iab-wcit/
(14 March 2013, 1730-1830)
--------------
irtfopen (IRTF Open Meeting)
The IRTF Open Meeting will feature a talk from the first Applied Networking Research Prize winner for 2013, Gonca Gürsun. Gonca was recognised for defining a metric that allows an analysis of BGP routing policies (Gonca Gürsun, Natali Ruchansky, Evimaria Terzi and Mark Crovella. Routing State Distance: A Path-based Metric For Network Analysis. Proc. ACM IMC, Boston, MA, USA, Nov. 2012. http://cs-people.bu.edu/goncag/papers/imc12-rsd.pdf)
Nominations for ANRP 2014 will open in October 2013. See https://isoc.org/anrp for details.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/irtfopen/
Charter: http://irtf.org/
(12 March 2013, 1030-1130)
--------------
tsvarea (Transport Area Open Meeting)
The Transport Area works on mechanisms related to end-to-end data transport. Transport protocols and services support Internet applications that exchange potentially large volumes of traffic at potentially high bandwidths. The proposed agenda for this meeting of the Transport Area includes a general open discussion on Active Queue Management (AQM) and the potential for IETF work in this area. This is a topic of growing interest as improved queuing intelligence is viewed as increasingly necessary to obtain good performance for real-time interactive applications in the presence of sustained, throughput-maximising flows.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/tsvarea/
(13 March 2013, 0900-1130)
--------------
history (History of the Internet) BoF
Computer networking, including the Internet, the Web, and mobile technology, is one of the most profound and exciting technologies of our time. It has affected the lives of billions, and its use continues to expand around the globe. It is important to record how such a thing came about, what it is, who developed it, how it spread, how it is used, its impact on society – in short, its history. The online world is now so vast that recording what has happened in it and why is not a small task. Many agree it could use collaboration and coordination. Should an IETF WG address how best to preserve the history of networking? The WG could start by identifying legitimate collectors of networking artifacts and archives around the world; then come up with some guidelines in an Informational RFC for contributions. This activity might also develop a methodology for pioneers, emerging developers, organizations, and countries using networking to preserve key parts of their history.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/history/
(11 March 2013, 1540-1710)
--------------
IETF Journal
The IETF Journal v8.3 provides a summary of many sessions from IETF 85, as well as in-depth articles on developments related to the work of the IETF:
http://www.internetsociety.org/publications/ietf-journal-march-2013
Learn about developments around IETF by subscribing to the IETF Journal at:
https://www.internetsociety.org/ietfjournal-subscribe
_____________________________________
Trust technologies
Trust technologies are those that enable trust in the Internet infrastructure and user or application space. This includes encryption technologies and mechanisms for communicating trust in various forms.
_____________________________________
jose (Javascript Object Signing and Encryption) WG
The jose WG was originally chartered to develop two security services, integrity protection and encryption, for data being carried in the JSON format. The four core documents, including JSON Web Algorithms (JWA), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Signature (JWS), continue to progress towards Working Group Last Call (WGLC). There are a number of open issues including header criticality and which portions of the header need to be included in integrity checks. In addition, the charter is being expanded to include drafts on serialization, key representations, and use cases. The revised charter should be finalized prior to the IETF meeting, and new working group drafts adopted.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/jose/
Charter: https://datatracker.ietf.org/wg/jose/charter/
(13 March 2013, 0900-1130)
--------------
json (Javascript Object Notation) BoF
Javascript Object Notation (JSON) is a lightweight, text-based, language-independent data interchange format. It was derived from the ECMAScript Programming Language Standard and was published in RFC 4627, an Informational document. Since then, JSON has come into very broad use. A JSON working group has been proposed that would work to bring JSON onto the Standards Track while addressing errors and inconsistencies in the current documentation. In addition, a potential working group would also collect proposals for changes and more significant revision of JSON and evaluate the consensus for proceeding with these more extensive changes. The JSON BoF at the upcoming IETF meeting will discuss the scope of work, support, and detailed charter for the proposed working group.
Agenda: N/A
(11 March 2013, 1300-1530)
_____________________________________
Authentication/Authorization
AuthN and AuthZ are key components of any managed identity exchange (above or below the Web) and the work called out here will be used in conjunction with efforts in the W3C, OASIS, and other specifications groups to create solutions for both end users and intermediaries.
_____________________________________
scim (System for Cross-domain Identity Management) WG
The scim working group was chartered to standardize methods for creating, reading, searching, modifying, and deleting user identities and identity-related objects across administrative domains, with the goal of simplifying common tasks related to user identity management in services and applications. The working group has formed a design team to expedite progress, and there are a number of updated drafts for consideration in Orlando including SCIM 2.0 Extended Search, SCIM 2.0 Token Search Extension, SCIM Use Cases, SCIM User Scenario, SCIM Profile for Enhancing Just-In Time Provisioning, and SCIM and vCard Mapping. Despite the fact that this is a recently formed working group, it is making good progress towards its milestones.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/scim/
Charter: http://datatracker.ietf.org/wg/scim/charter/
(15 March 2013, 1120-1220, 1230-1330)
--------------
kitten (Common Authentication Technology Next Generation) WG
The kitten Working Group develops extensions and improvements to the Generic Security Service Application Program Interface (GSS-API), shepherds specific GSS-API security mechanisms, and provides guidance for any new Simple Authentication and Security Layer (SASL)-related submissions. This meeting will focus on existing working drafts on moving Kerberos protocol parameter registries to IANA, a set of SASL and GSS-API mechanisms for OAuth, and SAML-enhanced client SASL and GSS-API mechanisms. In addition, there are a number of independent submissions for consideration for adoption as working group items.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/kitten/
Charter: https://datatracker.ietf.org/doc/charter-ietf-kitten/
(14 March 2013, 0900-1130)
--------------
wpkops (Web PKI Operations) WG
There are hundreds of variations on the Web PKI in regular use, and this can be a source of problems for certificate users, certificate holders, and certificate issuers. More consistency in Web security behavior is desirable, and a natural first step is to document current behavior. The wpkops working group has been recently chartered in the IETF to describe how the Web PKI "actually" works in the set of browsers and servers that are in common use today. To that end, the working group will document the current and historic browser and server behavior including: 1) the trust model on which it is based; 2) the contents and processing of fields and extensions; 3) the processing of the various revocation schemes; 4) how the TLS stack deals with PKI; 5) the state changes that are visible to and/or controlled by the user; and the identification of when Web PKI mechanisms are reused by other applications and implications of that reuse. IETF 86 will be the first meeting of this working group.
Agenda: N/A
Charter: https://datatracker.ietf.org/doc/charter-ietf-wpkops/
(14 March 2013, 1300-1500)
--------------
httpauth (Common Authentication Technology Next Generation) WG
The httpauth Working Group is in the process of being chartered to address the problem that the current HTTP authentication mechanisms, basic and digest, are considered to be insecure. There is a need for improved mechanisms that can replace or augment HTTP authentication without the need to rely on transport layer security. The work of this working group will be two standards track documents that obsolete the basic and digest schemes defined in RFC 2617 taking into account errata on that specification. In addition, the working group will develop a set of Informational or Experimental RFCs that define a small number of HTTP user authentication schemes that might offer security benefits, and that could, following experimentation, be widely adopted as standards-track schemes for HTTP user authentication. At the IETF 86 meeting, it is expected that the chartering process will be complete, and several proposals already on the table will be discussed.
Agenda: N/A
Charter: https://datatracker.ietf.org/doc/charter-ietf-httpauth/
(12 March 2013, 1700-1830)
--------------
oauth (Web Authorization Protocol) WG
The Open Authentication Protocol is a mechanism that allows a user to give third-party websites or applications access to protected resources without providing them access to their long-term credentials or resources. The oauth WG was chartered to update and improve the security mechanisms in the original OAUTH protocol. With the core protocol work now finished, the working group will continue to discuss drafts on a number of topics including the OAuth assertion framework, dynamic client registration, JSON tokens, and MAC tokens. In addition, a number of individual submissions have been submitted on topics including a User Managed Access (UMA) profile, JSON Metadata, and moving beyond bearer tokens.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/oauth/
Charter: https://datatracker.ietf.org/wg/oauth/charter/
(11 March 2013, 1540-1710)
--------------
abfab (Application Bridging for Federated Access Beyond web) WG
The abfab Working Group is chartered to specify a federated identity mechanism for use by other Internet protocols not based on HTML/HTTP, such as IMAP, XMPP, SSH and NFS. The design combines existing protocols, specifically the Extensible Authentication Protocol (EAP - RFC 3748), Authentication, Authorization and Accounting Protocols (RADIUS - RFC 2865 and Diameter - RFC 3588), and the Security Assertion Markup Language (SAML). Three working group documents (use cases, a GSS-API mechanism for EAP, and naming attributes for the GSS-API mechanism) have been completed and forwarded to the RFC Editor. The core architecture document is nearing completion, and there are updated drafts on EAP applicability, RADIUS, and User Interface usability for consideration at IETF 86. Finally, there will be discussions related to the emerging concept of Trust Routing.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/abfab/
Charter: https://datatracker.ietf.org/doc/charter-ietf-abfab/
(13 March 2013, 1300-1500)
_____________________________________
Infrastructure/Support
Internet infrastructure -- from managed resources to collaborative efforts such as routing -- continues to evolve to meet current needs. Of particular interest this time around are ongoing efforts to secure the routing infrastructure (SIDR) and develop an internationalized successor to whois for accessing information associated with resources.
_____________________________________
karp (Keying and Authentication for Routing Protocols) WG
The karp Working Group is continuing to focus on improving the state of authentication in all the Internet routing protocols. Many routing protocol deployments, if they use authentication at all, are using older (possibly deprecated) cryptographic algorithms and are missing some modern security mechanisms, like replay protection, algorithm agility, or key rollover. In addition, the issue of key management is a major stumbling block to deployment. The karp WG is working to address these requirements in a number of IETF routing protocols. The karp design guide has been published as RFC 6518. In addition, the Overview, Threats, and Requirements, and the OSPF Analysis documents are in the RFC Editor queue. The document analyzing BGP, LDP, PCEP, and MSDP has been sent to the IESG and is awaiting an updated draft based on their comments. Working group drafts updated for discussion at IETF 86 include the documents on a database of long-lived symmetric cryptographic keys and an operations model for router keying. In addition, there are several individual submissions on various topics to be considered.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/karp/
Charter: https://datatracker.ietf.org/doc/charter-ietf-karp/
(12 March 2013, 1300-1500)
--------------
i2rs (Interface to the Routing System) WG
Following a successful BoF at IETF85, a new WG is being formed. From the draft charter: I2RS facilitates real-time or event driven interaction with the routing system through a collection of protocol-based control or management interfaces. These allow information, policies, and operational parameters to be injected into and retrieved (as read or by notification) from the routing system while retaining data consistency and coherency across the routers and routing infrastructure, and among multiple interactions with the routing system. The I2RS interfaces will co-exist with existing configuration and management systems and interfaces.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/i2rs/
Draft Charter: https://datatracker.ietf.org/doc/charter-ietf-i2rs/
(14 March 2013, 0900-1130)
--------------
sidr (Secure Inter-Domain Routing) WG
The SIDR WG is focusing on securing inter-domain routing. The overall architecture is based on a Resource PKI (RPKI) which adds an authentication framework to BGP requiring a certificate management infrastructure. This is a key technology for improving trust in the routing infrastructure.
In its current phase the group is working on the BGPSEC requirements and protocol. The discussions center around more operational aspects, like propagation times, scalability and best practices.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/sidr/
Charter: https://datatracker.ietf.org/doc/charter-ietf-sidr/
(11 March 2013, 0900-1130; 12 March 2013, 1030-1130)
--------------
grow (Global Routing Operations) WG
The purpose of GROW is to consider the operational problems associated with the IPv4 and IPv6 global routing systems, such as routing table growth, the effects of the interactions between interior and exterior routing protocols, and the effect of address allocation policies and practices on the global routing system. GROW also advises other working groups, including IDR and SIDR, with respect to whether they are addressing the relevant operational needs, and where appropriate, suggests course corrections.
A discussion on so-called "route leaks" and their implications for routing security started in the SIDR WG, but has now moved to GROW. The main point of the discussion is that the problem is related to BGP's inability to convey the policy (or the intent) and, therefore, cannot be fixed in the current BGPSEC solution developed in the SIDR WG. See:
draft-grow-simple-leak-attack-bgpsec-no-help for the details.
Another discussion thread is related to BGP error handling, and more graceful handling of malformed attributes - a problem that may cause a cascading effect and affect significant portions of the Internet. See:
draft-ietf-grow-ops-reqs-for-bgp-error-handling for more information.
Agenda: N/A
Charter: https://datatracker.ietf.org/doc/charter-ietf-grow/
(12 March 2013, 1700-1830)
--------------
dnsop (DNS Operations) WG
The DNSOP WG develops guidelines for the operation of DNS software servers and the administration of DNS zone files. The WG also documents DNSSEC operational procedures and looks at DNS-related IPv6 transition and coexistence issues. In this meeting there will be discussion of the use of Negative Trust Anchors as a way to mitigate some of the issues during the transition to ubiquitous DNSSEC deployment: https://datatracker.ietf.org/doc/draft-livingood-negative-trust-anchors/
Agenda: https://datatracker.ietf.org/meeting/86/agenda/dnsop/
Charter: https://datatracker.ietf.org/doc/charter-ietf-dnsop/
(14 March 2013, 1730-1830)
_____________________________________
IPv6
The Internet relies on a single addressing framework in order to have global reach and integrity. IPv4 address space is insufficient for today's Internet, and IPv6 has been developed as its successor. While the standard for IPv6 has long-since been finished, there are ongoing discussions of IPv6 operational issues and management, as well as possible uses in home networks and very large scale networks (of small scale devices).
_____________________________________
v6ops (IPv6 Operations) WG
Joel Jaeggli is now an AD and John Brzozowski is taking over his job as WG chair along with Fred Baker. The following draft was submitted and led to some interesting discussions on the mailing list about RIR behavior, with the assertion that it enables networks to bypass the RIRs in getting IPv6 space and is hence a technical proposal to route around RIR problems:
https://datatracker.ietf.org/doc/draft-mlevy-v6ops-auto-v6-allocation-per-asn
In brief, from the abstract,
"This document provides a methodology for automatically allocating
IPv6 [RFC2460] address blocks for networks that run BGP [RFC4271] and
are either single-homed or multi-homed [BARBER2011]. The automatic
allocation is taken from a specific /16 block assigned by IANA for
this purpose."
It will be interesting to see whether this progresses or is discussed at the WG meeting during IETF 86.
There was a call for adoption of this as a working group document:
https://datatracker.ietf.org/doc/draft-binet-v6ops-cellular-host-requirements
Most comments were in favor but there were a couple of articulate opponents. Many of the supporters are folks we have been working with for adoption of v6 in mobile networks - mostly mobile operators.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/v6ops/
Charter: https://datatracker.ietf.org/wg/v6ops/charter/
(11 March 2013, 1300-1530; 13 March 2013 1510-1710)
--------------
6man (IPv6 Maintenance) WG
The 6man Working Group is charged with the maintenance, upkeep and advancement of the IPv6 protocol specifications and addressing architecture, which is especially relevant as IPv6 begins to be deployed around the world at scale this year. A lot of the mailing list discussion since the last IETF meeting has been around the use of the U-bit and G-bit in the IPv6 IID. From the abstract of http://datatracker.ietf.org/doc/draft-carpenter-6man-ug/:
"The IPv6 addressing architecture defines a method by which the
Universal and Group bits of an IEEE link-layer address are mapped
into an IPv6 unicast interface identifier. This document clarifies
the status of those bits for interface identifiers that are not
derived from an IEEE link-layer address."
This draft hopes to clarify the use of these bits.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/6man/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6man/
(15 March 2013, 1120-1220, 1230-1330)
--------------
sunset4 (Sunsetting IPv4) WG
sunset4 is a new working group in the Internet Area. The working group addresses the fact that the Internet is still largely IPv4, but in the presence of address exhaustion it cannot continue to be the Internet that we know today. The Internet will transition to IPv6 but there will be an interval where the Internet's performance degrades as more coping mechanisms are adopted and before a complete transition to IPv6. This working group hopes to develop techniques to mitigate some of that pain. Sunset4 has a new charter proposed since the last IETF meeting, but it has not been approved.
There has been little activity on the mailing list since IETF 85.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/sunset4/
Charter: https://datatracker.ietf.org/doc/charter-ietf-sunset4/
(13 March 2013, 1300-1500)
_____________________________________
Bandwidth
The public policy world is full of discussions of appropriate (and inappropriate) management of bandwidth in the face of growing network usage. The IETF and IRTF have a number of efforts underway to explore and address more sophisticated ways to make use of available bandwidth, and otherwise get content to where it needs to be, efficiently.
_____________________________________
tcpm (TCP Maintenance and Minor Extensions) WG
TCP is currently the Internet's predominant transport protocol. TCPM is the working group within the IETF that handles small TCP changes, i.e., minor extensions to TCP algorithms and protocol mechanisms. The group are working on a number of modifications to TCP that could significantly improve Internet performance as perceived by the average end user.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/tcpm/
Charter: https://datatracker.ietf.org/doc/charter-ietf-tcpm/
(12 March 2013, 0900-1020)
--------------
iccrg (Internet Congestion Control Research Group)
This is the IRTF home for work on congestion control and the meeting will include interesting discussion of novel proposals for improving the algorithms used on the Internet to control congestion and thereby manage and optimise application performance for Internet users.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/iccrg/
Charter: http://irtf.org/iccrg
(13 March 2013, 1300-1500)
--------------
lmap (Large-Scale Measurement of Broadband Performance) BoF
This BoF meeting will follow up the Bar BoF meeting that was held adjacent to the IETF85 meeting last November. Protagonists for standardising a large-scale measurement architecture have received a great deal of feedback from the community in the interim and this meeting is required to clearly identify a well-scoped problem that takes into consideration existing protocols and measurement tools, leaving a clear set of outstanding work items relevant to the IETF mission.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/lmap/
(13 March 2013, 1510-1710)
--------------
rmcat (RTP Media Congestion Avoidance Techniques) WG
Today's Internet traffic includes interactive real-time media, which is often carried via sets of flows using RTP over UDP. There is no generally accepted congestion control mechanism for this kind of data flow. With the deployment of applications using the RTCWEB protocol suite, the number of such flows is likely to increase, especially non-fixed-rate flows such as video or adaptive audio. There is therefore some urgency in specifying one or more congestion control mechanisms that can find general acceptance.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/rmcat/
Charter: https://datatracker.ietf.org/wg/rmcat/charter/
(11 March 2013, 0900-1130)
--------------
ippm (IP Performance Metrics) WG
The lmap BoF described above indicates there is considerable community interest in standardising a measurement architecture for large-scale Internet measurements. The ippm Working Group is where the IETF develops the specific metrics that lmap would orchestrate, schedule and record. As new aspects of Internet performance fall under scrutiny, ippm works to develop robust ways of measuring those aspects end-to-end.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/ippm/
Charter: https://datatracker.ietf.org/doc/charter-ietf-ippm/
(14 March 2013, 1300-1500)
==================================================================
Copyright (c) 2013 by the Internet Society. This work is made available under the terms of the Creative Commons Attribution-ShareAlike 3.0 license, http://creativecommons.org/licenses/by-sa/3.0/.