►
From YouTube: CNCF Serverless Working Group 2020-10-15
Description
CNCF Serverless Working Group 2020-10-15
A
A
A
B
A
A
H
A
A
I
A
All
right,
let's
go,
then
see
how
quickly
we
can
end
this
thing,
just
a
reminder:
if
you
have
an
ai,
please
look
at
when
you
get
a
chance
anything
from
the
community
that
people
want
to
bring
up,
no
okay
cool.
We
do
have
an
sdk
call
this
week.
I
last
time
I
checked
there
wasn't
anything
on
the
agenda.
Let's
just
quickly
check
yeah.
We
have
nothing
there.
A
So
if
you
want
to
do
something,
go
ahead
and
add
another
section
for
today's
agenda,
otherwise
we
may
not
have
a
call
where's
it
going
next.
Oh
yeah,
okay,
discovery
interrupt
next
week.
Call,
I
don't
think,
there's
anything
been
updated
in
the
discovery
doc.
So
please,
if
you
are
planning
on
doing
something
there
help
fill
this
out.
It's
on
my
to-do
list
as
well.
A
I
think
the
more
important
thing
at
this
point
in
time
is
for
everybody
to
actually
start
coding
more
than
anything
else.
The
way
I
kind
of
look
at
it
is
once
you
get
the
base
infrastructure
in
place.
The
rest
of
it
should
be
easy.
Hopefully,
so
please
start
coding
that
way.
You
can
find
errors
in
the
spec
and
try
to
get
those
ironed
out
before
the
proposed
interop
on
november
2nd,
which
is
only
a
couple
weeks
away,
all
right
and
tim
or
anything
from
the
workflow
side
of
things
you
want
to
mention.
A
Okay-
just
let
you
guys
know
since
he
mentioned
it,
we
did
not
sign
up
for
a
booth.
However,
I
did
sign
this
up,
for
I
think
it's
called
office
hours
I
have
unless
I
missed
it.
I
have
not
seen
the
sign
up
sheet
for
when
the
office
hours
might
be.
When
I
get
that
I'll
look
for
some
message
on
the
slack
channel,
because
I
suspect.
A
J
Yeah,
you
should
have
gotten
it.
You
know
I
actually
had
a
problem
with
this.
I
haven't
said
anything
to
cncf,
but
last
time
we
had
to
express
interest
and
then
once
the
deadline
was
over,
then
they
opened
the
calendar.
It
seems
like
this
time
as
soon
as
you
responded,
they
opened
the
calendar
to
you.
So
there
are
a
lot
of
times
that
were
gone
already
by
the
time.
A
A
So
if
you
can
send
me
the
email,
I'll
look
for
some
times
and
maybe
just
grab
one
and
if
it
doesn't
work,
we
can
always
adjust,
but
I
don't
anticipate
it
being
difficult.
Last
time
we
had
very
few
people
show
up,
so
we
just
need
somebody
to
you
know
warm
bodies
in
there
is
probably
all
we
need.
I
think
most
questions
should
be
easy,
so
all
right
all
right
with
that,
let's
keep
moving
forward.
As
I
said,
I
couldn't
we
have
no
prs
to
look
at
issues.
I
picked
out
just
a
couple.
A
A
Basically,
if
a
property
exists,
it
has
to
have
a
value
leave
that
leave
out
extensions
for
a
minute
because
there's
a
hole
there,
but
for
all
the
spec
properties.
You
can
assume
that
if
the
property
exists,
there
will
be
a
value
there.
It
will
not
be
null
at
least
that's
what
the
spec
kind
of
leans
towards,
but
this
issue
is
really
about.
A
L
Yeah
I
mean
when,
as
I
read
the
spec
it
doesn't,
it
doesn't
to
me
read
like
we
support
nulls
and
I
wouldn't
expect
to
receive
an
attribute
with
no
value.
I
I
think
my
bigger
concern
is,
if
you
do,
how
do
you
are
we
meant
to
propagate
that
through
all
the
different
transports
yeah?
So
if
we
were,
you
know
going
to
send
a
null
attribute
over
http.
What
would
we
put
in
the
header
for
that
you
know?
Does
it
then
make
everything
more
complex?
L
You
know
because
it
might
expect
the
word
null
in
in
a
header
attribute.
That
was
only
expected
to
be.
I
don't
know
a
number,
so
I
think
it
it
sort
of
is
a
bit
of
a
deeper
issue
than
than
it
might
appear,
but
I
would
lean
to
not
allowing
or
explicitly
saying
that
if,
if
an
attribute
is
defined,
it
should
have
a
value.
L
G
Yes,
so
basically
I
I
agree
to
what
jem
said,
so
it
just
would
like
to
emphasize
that
it's
not
about
the
empty
value.
It's
about
the
null
value
of
the
discussion,
so
I
I
realized
that
most
of
the
standard
context
attributes
also
state
that
they
shouldn't
be
an
empty
value.
But
that's,
I
think,
a
different
topic
so
and
I
agree
that
that
transporting
null
explicitly
would
be
then
a
challenge
for
each
and
every
protocol,
binding
and
format.
So
that's
also
what
I
wrote
here.
A
Us,
okay,
so
just
comments
before
I
get
to.
I
just
want
to
ask
a
clarifying
question
because
jem
correct
me
wrong,
but
you
seem
to
indicate
you
wanted
the
spec
to
be
more
clear
to
say
we
do
not
support
null
but
klaus.
You
start
off
saying
you
agree
with
jem,
but
then
you
ended
with.
We
should
allow
both
but
be
clear
that
null
is.
The
same
thing
is
not
present.
Well.
G
I
I
say
that
either
we
allow
it
and
treat
it
as
the
same
or
we
don't
allow
it
at
all
and
yeah.
Okay
got
it.
Okay,
pretty
much
the
same.
It's
just
a
subtlety
of
what
would
be
easier
for
the
the
sdks
and
for
handling
of
json
in
detail,
and
here
would
also
rely
on
on
feedback
from
the
sdk
implementers.
G
E
E
A
E
Yeah
because
the
field
wasn't
there
in
the
beginning
so,
but
is
the
case
I
just
want
to
want
to
make
not
too
complicated
for
for
the
for
the
innocent
is,
if
I
mean
literally,
if
you
code
up
a
poco
type
right
and
you
grab
just
grab
a
grab,
the
serializer
and
the
serializer
is
that
its
default
is
to
not
emit
the
values
but
to
to
write
them
out
onto
onto
the
wire
as
now.
Then,
then,
that's
what
you
should
that.
That's
the
situation
you're
in
and
I'm.
E
E
I
I'm
currently
having
a
side
job,
helping
a
soccer
professional
soccer
club,
their
I.t
stuff
and
then
so.
I'm
dealing
with
developers
who
are
just
doing
dynamics
every
day,
and
that
is
calibrating
my
perspective.
I
would
say
for
how
complicated
it
can
be
to
deal
with
jason.
So
I'm
I'm
I'm
a
little
disillusioned.
I
would
say.
A
A
F
A
F
A
A
L
L
Is
it
going
to
say
yes
or
is
it
going
to
say
no,
I'm
going
to
get
a
different
answer?
If
that
was
subsequently,
I
don't
know
marshalled,
you
know
as
a
binary
through
http,
because
that
header
wouldn't
be
there,
so
it
just.
I
think
it's
just
going
to
lead
to
you're
going
to
have
to
provide
guidance
to
sdk
writers
as
to
how
they're
expected
to
handle
this
situation
to
get
a
consistent
application.
F
So
I
think
from
my
side
integrators
never
asking
questions
about
the
original
payload
they're
asking
questions
about
the
the
converted
nominal
form
of
the
event,
and
so
in
that
case
I
think
it
ends
up
being
the
same.
If,
if
something
was
set
to
nil,
the
parser
understands
that
that
should
just
ignore
it
and
not
set
that
value.
So
I
think
you
end
up
with
the
result.
The
resulting
exact
same
object
after
a
marshalling.
M
Yeah,
I'm
just
thinking
that
in
the
case
of
the
sdks
I'm
working
on
so
both
sdk,
rust
and
sdk
java,
this
requires
changing
the
main
apis,
because
then
we
because
now
the
assumption
is
only
there
is
something
there
isn't
anything
and
if
anything
is
null
or
not
present,
it
doesn't
make
any
difference
for
the
interface
itself.
So
this
this
will
require
changing
the
stuff.
M
No,
no,
if
I
can
add
something
to
be
honest,
I
I'm
not
even
sure
how
should
I,
for
example,
model
this
in
a
rust.
Like
I'm
saying,
I'm
saying
one
language,
but
I
have
I
have
no
real.
I
have
no
real
idea.
How
should
I
model
this
in
rust?
I
mean
what
happens
when
it's
not
present,
and
what
should
I
say
when
it's
surprising.
What
should
I
say
when
it's
not
so
the
language
doesn't
give
me
the
ability
to
to
model
the
null.
In
fact,
it
just
gives
me.
F
E
Yeah,
that's
that's
right,
if
you
so
in
the
case
in
the
martial
art
and
also
someone
who's
looking
at
as
a
strongly
typed
object
in
in
java
or
in
c
sharp
or
any
any
type
language
that
they
see,
no
difference
between
whether
you
sent
now
or
or
and
meant
to
set
null
or
whether
the
object
is
absent.
It's
it's
semantically,
identical.
A
M
G
C
I
think
your
hand
was
up
next
yeah
thanks,
so
I
just
wanted
to
point
out
one
use
case
where
nile
is
actually
different
than
being
undefined
or
and
that's,
for
example,
if
you
send
patch
requests
or
use
the
json
merge
patch
semantics,
and
there
now
basically
says
if
you
know
this
property
and
you
have
a
value
for
that,
you
need
to
remove
it.
So
it's
in.
C
A
A
Okay,
I'm
going
to
assume
they're
old
okay,
so
I
think
what
I'm
hearing
is
add
language
to
the
json.
Only
spec.
Well,
okay,
two
things,
add
language
to
the
json
spec,
to
make
it
clear
that
null
and
absent
are
the
same
klaus.
You
were
thinking
that
we
may
need
to
add
something
to
the
main
specs
type
system
section,
but
I
think
those
are
the
scope
of
the
possible
changes.
We've
talked
about
so
far.
A
L
L
L
C
C
F
A
I
think
it's.
The
query
object
to
actually
just
you
know
say
give
me
the
value
and
there's
no
way
to
distinguish
between
empty
string
versus
the
the
the
property.
Wasn't
there
at
all.
You
know,
probably
not
there
at
all.
It's
always
going
to
return
every
string.
If
you
want
to
actually
find
out
where
the
query
parameter
is
there,
but
with
no
value
you
have
to
actually
go.
Look
at
the
the
the
map
itself
to
do
that,
and
it
just
got
me
wondering,
and
I
know
scott.
A
They
basically
show
them
what
it
was
basically
on
the
wire
for
the
most
part,
and
I
want
to
make
sure
that
we're
not
going
to
close
off
use
cases
where
someone
says
you
know
what
I
really
do
need
to
know
whether
the
whether
the
thing
was
present
with
null
versus
not
present
at
all.
For
some
reason,
I
just
I
would
be
sure
we're
not
missing
some
use
case
here.
F
Given
that
the
guidance
is
that
these
attributes
are
meant
for
routing
and
maybe
a
tagging
of
some
sort
of
event-
and
it's
not
the
payload
itself,
it's
a,
I
think,
you're-
probably
doing
it
wrong.
If
you
you're
expecting
the
existence
of
some
nil
value,
especially
because
the
spec
says
it
must
be
a
min
length.
One
we're
doing
a
special
case
here
for
serialization
between
wire
format
and
conical
form.
A
A
A
A
Maybe
we
shouldn't
talk
about
that
and
leave
that
as
either
exercise
for
later
or
it's
someone
else's
problem,
but
our
initial
job
should
be
to
focus
on
how
to
make
a
single
individual
discovery.
Endpoint
work
well,
okay,
and
so
what
I
want
to
do
is
to
bring
back
up
this
issue
to
say
two
things:
one
is
is
that
where
everybody's
head
everybody
else's
head
is
at
and
that
for
now
we
should
focus
on
just
a
single
discovery,
endpoint,
and
if
so,
what
do
people
think
about
this
issue
within
that
scope
and
just
refresh
everybody's
memory?
F
A
A
F
F
A
A
F
F
F
A
No,
I'm
sorry,
it
wasn't
clear.
I
wasn't
thinking
about
the
what's
changed
from
a
sinking
of
discovery.
Endpoint
perspective.
I
was
actually
thinking
more
about
from
a
client
perspective.
Right.
I
have
a.
I
have
a
an
application
that
presents
some
services
to
a
user,
so
they
can
maybe
choose
one
right
and
but
periodically.
I
need
to
query
the
discovery
endpoint
that
I
hooked
up
to
to
know
whether
I
need
to
update
my
ui
right
with
a
new
list
or
you
know,
call
the
list
down
because
things
vanished.
F
A
F
F
C
Okay,
simon
your
hands
up
yeah,
I
agree
with
scott,
so
I'm
also
at
a
similar
problem
implementing
discovery
and
we
decided
to
go
with
the
cache
con,
basically
an
e-tag
as
a
solution
for
finding
out
if
content
changed
and
versioning.
If
you
need
to
have
the
really
the
details
on
it,
but
we
we
weren't
considering
having
epochs
and
logical
clocks
for
this,
because
eventual
consistency
would
be
okay
for
basically
getting
a
synchronized
state.
C
A
All
right
I'll
tell
you
what
that
that
helps.
So,
thanks
for
the
discussion,
scott
and
simon,
let
me
go
back
and
rework
this,
because
you
made
some
good
arguments
there,
scott,
and
I
think
you,
I
think
you
convinced
me
that
yeah
separate
value
would
be
probably
better
and
easier
to
implement
and
maybe
even
safer.
It's
okay!
Let
me
go
back
and
rework
that.
So
thank
you.
A
Okay,
the
only
other
thing
on
the
list
I
thought
might
be
interesting
was
this
one,
because
I
don't
know
whether
I
don't
remember
where
we
landed
on
this
one?
Does
anybody
remember
what
what,
if
anything,
you
want
to
do
with
this
one?
Here's
the
the
original
thing,
because
I
had
this
vague
recollection
that
we
may
have
said
it's
out
of
scope
for
us.
O
A
O
Yeah
yep,
I
agree
with
that
as
well,
but
but
I
think
we
need
to
address
the
concept
of
extensions
in
general
before
we
think,
or
we
classify
anything
as
extension
right
so
that
entire
topic
is
open
right
now
or
is
it
not?
I
don't
know
well
when
you
say
do,
can
you
elaborate
a
little
on
what
you
mean
by
deal
with
extensions,
so
the
extension
fields
we
we
still
have
to
discuss
on?
How
do
we
want
to
handle
the
concept
of
extension
fields
within
the
specification
right
now
or
do
we
already
know
that.
A
N
F
E
That's
right,
but,
but
just
so
specifically
on
this
one
sorry,
I
wasn't
paying
attention
for
two
minutes.
The
the
workbook
spec
is
effectively
mandating.
The
same
is
building
on
the
same
mechanism
that
http
itself
builds
on,
which
is
the
authorization
header
and
is
not
trying
to
invent
anything
new.
E
So
so
the
authorization
header
is
defined
in
what
72,
34
or
35,
and
that's
the
exact
mechanism
that
we're
that
we're
building
on
and
then
what
the
spec
says.
What
the
spec
says
is
that
it's
assuming
some
some
token-based
scheme,
even
oauth
2,
which
is
you
know
the
most
widely
used
framework
that
we
all
use
for
for
web
for
web
authorization,
makes
makes
no
firm,
has
no
firm
mandate
for
using
jots
or
not,
but
it
leaves
you
open
which
of
the
which
format.
E
So
if
you
look
at
or2
oauth2
will
will
have,
has
extensions
that
tell
you
that
it's
a
it's
a
jwt,
but
it
doesn't
ultimately
for
the
relationship
between
the
issuer
of
the
token
and
the
consumer.
Of
the
token,
the
the
the
party,
that's
actually
putting
the
token
into
the
into
the
message,
doesn't
need
to
know
what
format
that
token
has.
E
E
E
Because
because
that's
the
webhook
spec
is
an
extension
of
our
http
binding
and
really
defines
how
you
deliver
a
a
cloud
event
via
post
to
a
particular
endpoint.
So
it
basically
is
a
constraint
on
the
http
binding
http
binding
allows
you
to
bind
the
cloud
event
to
any
http
message,
whether
that's
a
request
or
a
response,
and
and
doesn't
care
about
which
the
what
the
the
method
is
for
for
web
hooks.
We
need
to
have
something:
that's
a
bit
more
specific
for
delivering
events
out
in
a
push
fashion.
E
E
F
F
F
E
That
was
a
very
conscious
decision,
because
we
exactly
w
star
evolved
into
c
star,
because
it
it
turns
out
that
you
know
so
probably
wasn't
a
terrible
idea.
Until
all
the
security
stuff
came
around
where
people
then
started
building,
you
know
tls
on
top
of
w
star
and
all
it
was
terrible.
It
was
not
the
xml
scott,
so
we've
we've
decided
to
punt
on
this,
the
but
you're
you're,
already
kind
of
hinting
at
something.
That
is
probably
a
good
path,
and
that
is
s
mine.
E
H
Yeah,
I
think
we
pretty
much
summarized
where
we
got
to
last
week,
but
I
just
wanted
to
raise
that
this
was
about
really
the
signature
or
it
has
evolved
into
this.
Originally,
it
was
based
really
on
the
authorization
header,
but
I
think
the
use
case
would
have
been
to
authenticate
with
somebody
further
down
the
line.
H
So
if
you
communicate
through
a
web
hook
with
an
event
gateway-
and
that
is
that
event
is
propagated
to
a
consumer,
then
the
consumer
has
no
means
to
check
whether
the
message,
the
event,
the
content
had
been
messed
with.
So
this
is,
I
think,
where
it
came
from,
and
I
don't
think
that
the
authorization
header
here
helps
s
mime.
Yes,
sig
message,
signature,
maybe
also,
but
as
fm
would
that
work
across
all
transports
of
cloud
events.
H
E
O
E
But
that's
that
was
the
point.
That
was
the
point.
It's
like
that
we're
referring
to
it,
we're
referring
to
rfc
7235,
effectively
and
say
that's
http's
problem
and
then
we're
referring
to
oauth
and
saying
and
saying
yup
how
you
acquire
a
token
go.
Go,
look,
go
look
here!
We
don't
want
to
go
and
define
anything
related
to
security
here,
but
we
want
to
go
and
effectively
just
refer
to
existing
mechanisms
and
then
on
the
point
of
of
authenticating
it
down
against
against
a
downstream
entity.
E
O
O
F
E
E
F
E
Yeah,
I
I
because
I
think,
that's
a
the
reason
why
we
the
the
reason
why
we
create
the
the
cloud
events
metadata
or
we
have
it.
Is
that
because
we
want
to
make
it
possible
for
for
arbitrary,
well,
not
arbitrary,
but
cloud
events
supporting
infrastructure
using
arbitrary
protocols,
the
ones
that
we
support
to
have
a
shared
understanding
of
what
to
do
with
those
events
and
how
to
dispatch
them.
But
it's
so
it's
it's
more,
a
spec
that
is
helping
you
to
help
foster
interoperability.
E
Then
you
know
having
the
the
originator
of
the
event
the
producer
of
the
event
and
the
consumer
of
the
event
deal
with
their
with
their
end-to-end
relationship,
because
the
end-to-end
relationship
is
ultimately
about
what
what's
in
that
event
in
terms
of
payload,
and
they
can
do
whatever
they
want.
One
of
the
print
one
of
the
principles
that
you'll
find
in
most
messaging
systems
is
that
end-to-end
security
is
generally
only
happening
at
the
endpoints,
with
the
broker
having
no
business
in
in
dealing
with
it
at
all.
E
It's
end-to-end
security
is
often
something
that's
that's
only
being
done
by
the
clients,
but
the
only
server
piece
may
be.
Some
shared
key
store,
but
that's
it
so
I
would.
I
would
follow
the
same
principle
here
and
say
you
know
if
you
really
want
to
have
end-to-end
security,
including
validation
of
who
sent
that
event.
That's
something
that
should
be
handled
end-to-end,
which
means
it's
it's
handled,
based
on
the
payload.
A
Okay,
so
we're
almost
out
of
time
I
apologize,
it
was
you
that
was
suggesting
you
may
be
able
to
respond
right.
Yes,
okay,
do
you
feel,
like
you
understand,
which
way
to
respond,
because
I
kind
of
got
the
sense
that
maybe
there's
a
pr
here,
someplace
to
add
additional
guidance
someplace,
maybe
in
the
primer
or
maybe
one
of
our
specs,
I
don't
know
yeah.
Do
you
feel
like
you
have
a
I'm
sorry
go
ahead
comments.
A
Be
great,
thank
you
very
much.
Okay.
So,
with
that
where's,
my
cursor
there,
it
is
okay,
okay,
so,
okay,
so
we
need
to
do
that
cool.
Thank
you
very
much,
okay.
That
was,
I
think,
that's
it
for
the
agenda.
I
don't
think
we
have
time
to
discuss
anything
else.
One
last
person
last
thing
erica.
Have
you
michael?
Are
you
still
on
the
call?