From YouTube: IETF100-TRANS-20171113-1550
Description
TRANS meeting session at IETF100
2017/11/13 1550
https://datatracker.ietf.org/meeting/100/proceedings/
A: Okay, the agenda for today is: we've got some administrivia to take care of. We didn't know... well, we've got minutes and drivers, we've got blue sheets going around. That was the part where we passed the agenda. First thing is to do a status update, 6962-bis follow-up. This "the opportunity improves" doesn't belong on there. Basically, it's 6962-bis follow-up. We're then going to talk about short-lived certificates. Name redaction slash privacy is back with us again. Wait, this is just a long... Yes, this is... no, it's the right one. Okay!

A: Some of this is not a log monitoring API, we're not talking about that, but we are talking about new work and working group futures, since we're winding down the deliverables that we have defined. We've talked a lot about potential new work; nobody's really brought anything in, so we're going to discuss that a little bit towards the end of the session. Status update: charter's unchanged.

A: We currently have 17 open tickets in the issue tracker: 0 on the bis document, 3 on gossip, 7 on client behavior, 5 on threat analysis and two that don't specify a component. On 6962-bis, we need a revision based on a review. Thanks very much for the comment, thanks very much to the editors for responding to those. There's been intermittent activity on that. We've got a new draft come in just a little while ago, and we're going to be talking about that a bit today, because it does present a new use case.

A: The threat analysis is stuck; it needs additional tests. I mentioned this briefly to effort here and in DePaul, and basically what I'd like to propose is that Paul and I just knock this out, get it done and wrap it up. There's just a little bit of work that needs to be done. There's some logistical stuff in terms of turning the document back into XML or to markdown; I'm happy to do that. I just want to get this done.
A: All right, I don't know who needs a hum on this. Since there aren't any objections, it will go out to the mailing list before we actually do this. See the gossip document: we need a revision again based on a review. Linus is remote, and is going to talk about that a little bit. Client behavior, you know it. We've got some open tickets against it. It's something that comes up at every single meeting and we still do not have a draft.
F: Thank you, yeah, I found the hand and I pressed it, and now I'm supposedly talking to you. Great. So this is the history of it. This has been running since late 2014 actually, and early 2015. It's got into the state where we are today, and this is the previous version of the slides, but I can probably use that as well. I think you uploaded the more recent version, Paul. Can you find it? It's in the meeting materials.

F: Okay, never mind, it's not that big of a difference, and so let me find the one that... there, okay. I just wanted to mention on this slide that we have: the basic idea of gossip, as defined by this draft, is three separate mechanisms. One is called SCT feedback, for sending SCTs back to the originating HTTP server, which can then send it further, after removing identifying components of the data, to an auditor. So this is for sharing SCTs.

F: But the idea is to share STHs with other parts of the ecosystem, to be able to find out about a log that is doing some sort of, participating in a splitting attack. And the last thing is something called trusted auditor relationship, which is for an HTTP client to be able to, if it doesn't want to do SCT feedback or STH pollination, it can, if it has a trusted auditor, share it directly.

F: So we are now, we had a review. Thanks, Ekr, and thanks Richard, and we have responded to that on list for the important parts, and we are ready to clarify open questions and to adjust the stuff. That is a question, and if we decide to move forward and go into publishing, we have a couple of open questions that I think we better bring to list if we decide to move forward. Next slide, please. So the only thing I think we should decide right now is if we're gonna publish this.
G: Yeah, so I went through the doc, the revised document; it seems like most things I identified were addressed. There are a few more things that I think aren't quite right, but seem like to be straightforward, so I anticipate he'll respond to it relatively quickly, at which point I can start moving forward in the process.
H: Whatever, so there is, this is to draw the attention of this group to how to cope with short-lived certificates that will be in play, and this is the, the bullet implies from me, not changes. Some additional stress on the current practices and the S et cetera. The rough estimate, thinking that, well, we will be around issuing certificates that would live for 24 hours, and that the average certificate, for example Let's Encrypt, is issuing, uses ninety days.

H: Pruning, etc., the point is that there is, not completely sure that is a real problem. There is some Alcott, or maybe there was a message from him saying that, well, it should not be a problem, it simply is a matter of numbers and that would be doable, but probably, well, there are other ideas that it could, and this is something that we should just consider. Let me see, this is, yes. The problem statement is a lot; coming with any solution, please.

H: One, which is, if you think about that, is a little bit aligned with the old saying of the additional level of indirection to solve any problem, and this in theory can be... There is no limit; you can have this referring, and in theory someone could make another reference to another tree root. The point is this is a proposal from a research paper, and we are not sure whether anyone has implemented this or has plans to implement this.
G: Answer your question, so I'm just trying to make sure I understand what this proposal is. So you mean this one? Yeah! Okay, unless you don't, I'm...

G: Because I don't actually see how this solves the problem, because the typical reason you want, I mean, both depends on what you're doing, right. But if you're gonna, on it is, is this the idea that the CA is gonna withhold the certificate somehow? Because, I mean, my point. My point is that if you give all those certificates to the user at once, then you know, that doesn't work, because the compromise of the key is the same impact, right, and mis-issuance is the same. No.

B: You came for the Merkle happiness, you have them. What I understood was one of the use cases, that you get a number of certificates, say one certificate per day with a different public key, and so you can switch identities to prevent tracking. So you use a new identity every day and therefore you get a whole set of new certificates.

G: And that, that doesn't, isn't work for web server certificates, right? I guess so. So I guess I'm skeptical it's a real problem for several reasons. The first is that with the current state of clocks there's no way we're gonna anywhere near a day; we'd be lucky at a week, so we don't. We think an order of magnitude more on the situation currently, because as he points out, Let's Encrypt is the dominant issuer now, so it's not crewmen. We can't just get an order...

G: Ordinary mechanisms on this, as I say, it's not curing me. This solves the problem that you'd be interested in. Maybe it does, but as I say, you have to, I mean, if the poison version certificates as verification, easier, right, and then replications, and the replication can only be easier if the person's to, because mis-issuance or compromise can't just roll stuff because day by day. So if I give you all, if I have dinosaur.
H: In fact, if you look at the original paper, the original paper has sort of eight or ten pages, and this discussion is a couple of paragraphs. So it's apparently something that, well, by the way, we have thought about these as well, so we'll do the next one, which is, so why I'm here and why Thomas and I have a paper. This is because we're interested in the STAR case, that's in particular, which is STAR, is an ACME extension to allow a CA to issue a series of short-lived certificates associated with the same private key.

H: It's not intended for tracking, and the idea is that in this extension for ACME, what you can do is precisely that the owner of the name can control and do something that we don't want to call revocation. But it has the same effect: that this cancels the regular issuance of certificates by the CA. So in effect, the effect is like a revocation that takes at most the length of the, well, the last issued certificate.

H: So it can be, at any moment, and the advantage is that, well, it removes the dependency on the revocation infrastructure and all the problems, something that there as well is important. When discussing these on the list, somebody pointed to the credential delegation in TLS. This is, cannot be only, I mean, it has delegation use cases, but is not only for delegation. The idea is simply: you generate a string of certificates.

H: Associated, you set up an automatic periodical renewal, according to the long period that you do have, unless it is canceled by the name owner. So that's the STAR case. Next one, please. So when analyzing this, we believe that the STAR case is a little bit different, because you can think of it as a single long-term certificate that is made as a collection of these short-lived certificates. It's not that we are changing keys at any moment, and in principle again it could be possible over our...

H: I would not be exactly there, what they say there, but, for example, instead of issuing the SCT having a serial number, it would be about a range of serial numbers, because the CA would be able to share that information with the log, for example, and that, instead of notBefore/notAfter, will be the ones associated with the entire lifespan of the string and not with each one of the individual certificates. So what we would treat this would be...

H: When thinking about it, we found that it's not only delegation. The issue was the main use case behind it, but in some other cases in which generating the certificate requires time, for example in IoT scenarios, etc., when generating the key and making all the requested setup would be complicated, we have found that this could be a solution as well. That's why it's not only, or we try to remark that it's not only delegation.

H: The ABS pieces need to avoid that, I mean, we can do, we can go to the CT log every moment in which the certificate is issued, and then you treat it as a normal certificate and forget about it. The point is whether, the only question here that was at the beginning of this, is whether this is an issue for CT or not. I mean, in the worst case, the estimate, the current estimate, thinking about one-day certificates in comparison with 90-day certificates.

H: It will be multiplied by 100, two orders of magnitude, yeah. If that's enough and those of you who are implementing logs are happy with that, and don't think that would be an issue, fine, forget about it. Okay, if you believe that there can be some issues, this is a proposal for the case of STAR, simply that. So.
G: At this, for big conclusion I came to was that the posture, I mean, so the problem CT has always had, right, is you don't know if the CA is actually working right? And you certainly don't know if they're not continuing to issue bogus OCSP stapling, honest to the fake certs, right, and so short-lived certificates as well, that was OCSP stapling, that fixed that problem for the... If you have must-staple, you have a staple, right, so you deal with that problem, because then you can't...

G: Can't stand it without research certificates, right; that's what, it's not quite. So what I'm saying is that basically, this gives back, it's like that. Basically, this gives back the, you know, the win. You just got my balloon turtles, certificates. So it seems to me that, like this, is that if you think of it, this is the same as issuing one certificate from CT's perspective, as is issuing it from the force devotee perspective, as issuing one big certificate with lifetime with the entire batch that the discoverer to the tree, right.

M: So if you have must-staple, if you have must-staple, then you have to check the certificates, and if you have must-staple then this seems like the complete moral equivalent of must-staple, yeah. So it's not clear to me what the win is with this as opposed to must-staple, and the advantage of must-staple over this is that we have the infrastructure in place.

G: So you know, like I guess, I think the more plausible scenario is that we, as certificates that are now issued in lifetimes that are commensurate with the current OCSP stapling lifetimes, which is say one to two weeks, and that seems clearly, with new capabilities, belongs to jack up by a factor of, a factor review, seven to ten, so I guess, yeah, I don't think this is my own. These are probably dissolved today at some point. Maybe what would that be?

M: I just want to add one additional thought about who might be paying the costs for increased size of logs. It's not just the log operators. It's also anyone who's auditing, which becomes significantly more expensive, to trawl through the entire log for the data that you're interested in; bandwidth as well.
K: Just to mention it, there's, the evening at 6:00, I'm having a meeting on, send a message to this list and suddenly sent to the one hundred attendees about the operational and security considerations of using short-term certificates, or more likely for giving up on revocation checking, actually revocation, so, and this is one of the things that we're going to mention, but not a lot, because we're talking about it here and there are other...

K: A lot of that is some closed environment that has multiple nodes and they're all using certificates, and in that case there's probably not, there probably isn't a log anywhere, and in that case this doesn't matter, but some of these places do have logs, and some of it is the web. So there might be an intersection between short-term certificates and the web and the logs.
O: It's about, like, it's about name redaction, which was presented by draft-strad-trans-redaction, the name redaction stuff, the wrong... Name redaction was taken out of the 6962 document at IETF 97, and that draft expired in July of this year, and discussion was, the discussion of that draft was focusing on privacy stuff, and my concern about the name redaction stuff is like some IoT devices.

O: It might be out of the scope of CT for API, but we want to use server certificates for those kinds of IoT devices, and I'm explaining next day, but which we should have interoperability with non-web like PKI certificate, c-word PKI certificate, I think. But I create a problem that there is the increase of a number, the number of IoT devices is increasing quite dramatically, and that is probably a scalability issue, and also there is some other security, physical security issue for IoT devices, and I'm going to present that later, right.

O: So far, for my opinion, like draft-strad-trans-redaction, there were simplifying interval mechanisms. So I just want to discuss about that. Okay! Next, please, oh okay! We will support a certificate for IoT devices anyway, because theory says very well. We want to use that, but yeah, in the device they use so many devices, but those devices will like communicate with each other, and in that time, require errors, well, like the communication party will be servers. We'd use a certificate, and I will raise the use case of CCTV cameras first of all, like right.

O: Well, we can have the Croydon because there was to be a scammer and I access. Ways like I, with my smartphone, find out that the surveillance camera is the correct CCTV camera now or not, and then connect and communicate, and we want this kind of purpose since, like, we don't want some surveillance system for surveillance cameras like we. We are thinking about to use TLS, and because we use consumer devices like smartphones.

O: Whatever we are planning to, we want to tie two public groups such as Authority and for, but we are thinking about over the certificate update or something. For example, if you pay like every monthly payment, the certificate will be renewed or something. Next, please. Also to physical, like to identify the CCTV camera physically, like some information is very useful. For example, like your information on model, or like devices or lot number.

O: Or whatever, so like, for example, the camera until that's like room number and building number on that certificate, we can like identify the certificate, and it's very easy for a guy who is just accessing the smart home, oh no, sorry, camera and watching the movie, but also some people who attempt like maintenance guy. What, yeah, hold that kind of like information. We want like to put that information into the certificate to manage the IoT device, idea. However, that information is quite useful for some attacker, the whole example.

O: If you know the lot number and model of the product for so many like same devices, most same model devices, like you can easily get a botnet, and actually there are some like the hottest database for both, like helping to construct a botnet, which lays like every single, not like so many IoT devices, hiding doors like information is or like lying from Google set, but, like it's, I think path of like security, it's a bit different for like information. It might be different where you, who mentions a katieb you, but it's a physical security view.

O: The photos, like if we go, every single certificate to the log, the attack surface may increase with CT, and I think it's not a good idea in terms of scalability and security. Next, and so far, like in draft-strad-trans-redaction, like they played three methods, like the wildcard one and the name-constrained intermediate one and the domain label redaction one; it's quite very bad to adhere to use the wildcard one for IoT devices, because we need the same key, right.

O: The statical we looked on to the CT server so, like you, service provider or device vendor, the kind of channel to put those kinds of important information, and then they need to build up some different trust framework or something like that, and for the name constraint one, it's good to in terms of the log server not rules in terms of interval, like button, like computation power, the rogue server, but like you cannot detect mis-issuance, I guess, yeah, and she needs to build a name-constrained intermediate CA, and it may have a lot of operation cost, and for the domain level stuff, I eat. My situation, like it might be not that useful. But if, for example, if we like monitor want to find out mis-issuance, but only want to see like company or service provider, that IoT device vendor is a bit brighter for the record stuff, something like that, it might be used, you rising, okay. Anyway, those three methods I know are not free.

O: Well, hopefully, it's a camera and I have a smartphone. I, not to identify the smartphone without connecting somewhere else or showing a database that, like cameras, show every single information to physically identify that camera, and if it trusts, trusts it, I trust and find out like the identified camera without, like, communicating with other external databases. If it were a total random number or whatever, I need to communicate with some external like, camp. Each company's sixty couldn't...

O: Way to put information, but they quoted like, sorry, easiest way: it's putting certificate, like that information into the certificate. So if you want, you sometime like sign by some root authority who are vendor or whatever, but anyway, I don't want to communicate with an external database, it's the easiest, easiest to, and how to say, there's the simplest way to put geo information on the certificate, so.
M: Do you contemplate, then, with the domain label redaction column, that the CAs that issue these certificates would actually put geographic information in the certificate and, if so, what? What are, what requirements would they have to have to verify that location information before they put it in the certificate?

P: Thank you. I guess I was also a little bit confused about the geo information stuff, because with the current CT infrastructure, anyone who sees a certificate could submit it to a log, and so if the goal is to have the geo information in the certificate and keep it out of the log, wouldn't it require cooperation from all clients that saw the certificate? Like, you'd need some way of indicating "please do not log this."

B: So maybe, maybe I can try and see if I understand what you were saying. They used to be able to issue certificates and they wouldn't get logged publicly, and so they use this as a configuration management system for the, used to identify, and now, because they do want them to be useful on a phone without installing a new CA, they run into the issue that they certainly have to link to the public PKI, and therefore they have to become, be submitted in trans, and therefore now there is a problem.

G: So I guess I want to, about to the question mark. Are you assuming that the user will be talking to these devices? The owner of the device will be talking, the device has a certificate, or merely the management system? Oh.

G: I, so, like, I got the camera system that I bought from somebody and I'm communicating with it with this certificate, right, yeah yeah. So the question worked was being a very different posture than with it. Then does, because it means that I am unable to verify there weren't dirty bogus certificates issued for that, I'm, because I just see some big pile of stuff, because he should give me a factor. Calm, and I can't verify there wasn't a duplication for me, and so I'm relying on the manufacturer to do that, whereas the hash does not.

G: But I guess, I mean, my point is: if things are, things are to be on the web and then be accessed by users, and just we have to be rejecting, and I guess. I guess, like me, I might, should have an initial problem statement here; it appears to be like we can't build devices, aren't, no, have like big remote compromises, and therefore we want to hide their DNS names, and it.
L: So hi, I'm from Symantec, I'm also not tall, about here we go, so I may have a similar, related question. I'm trying to understand the motivation for redaction in these IoT certificates. So I understand very well the motivation for redaction in certificates that are issued by PKIs for an enterprise, where there could be an internal subdomain name that they don't want disclosed to the worldwide public.

L: So I get that. I also understand device certificates that could be used in things like ANIMA, BRSKI, as well as, we've actually issued two billion of them for device certs to be, you know, recognized under, mostly under private CAs, and I understand tying those together under public CAs as well, but those are device certificates about characteristics of the device, in terms of who made the device, where, when it was made, manufacturer compliance, certifications, things like that, and I don't understand the motivation for redaction for those device certificates.

L: Now there is a third type of certificate. It is also an IoT certificate, which could be issued by a local certificate authority which takes that device certificate, which is the device's identity, it's sort of born-on information, and then puts that into a context, such as this instance of this industrial robot or this instance of this uniform door lock is now running in a specific context, and that's where it gets sort of an extension of its identity that ties it into a home, a person's life or a company's internal usage.

O: Hold on please, like hotel, Break, 500 cameras, and sometimes like with Jabber, like we can see that like camp, that you, we can use those cameras and see other guys and our presentation, and for that, things like maybe we install like, if it were private certificate authority stuff, like we install like some sort of root, such private root certificate on the key or something; we need to like, with the raju certificate from the smartphone or something, like when it finished, those like management stuff is, wow.

L: So other things needing to authenticate these cameras, fully get that, but I'll go back to what I said before, which is, you know, in that case they were not chained to a global CA. I see benefits in chaining to a global public CA, okay, so the device certificate information would have to conform to all of the...
A: ...of this needs to go back to the CAB Forum, because there are, there are some use cases they did not really foresee, your plan for them, and it's turning into our problem.

A: This is a topic that keeps coming up and keeps being crossed and then comes back again, and I think it would be useful to get a sense of the room of whether or not this is something that people feel ought to be worked on here. So at a very high level, just hum. If you think that name redaction needs to be addressed by the IETF, hum. Yes, if you think it does, yes.

A: Hum for no, if you don't think they should be, what the IETF should be working on it. Oh, that was interesting. Okay, so I mean, basically, those who have expressed an opinion expressed it in favor of taking on some work in this area. So this will go out to the mailing list, where I expected, well, we'll continue to see from some quarters and support from others. So all right! Okay, thank you very much, all right. So really, the next thing that we need to talk about was sort of the future of the working group.

A: Right now, where we are, is that we've got, we've got three documents that are deliverables and that are close to being complete. We keep talking about new work; so far, nobody's really brought any in that's mature enough to adopt, fully baked enough to adopt. There are certain things that do keep coming back; name redaction is one, it sounds like there's renewed interest, and this will go out to the mailing list.

A: Another that I actually, you need, is a client behavior draft, and that needs to be coming out of the browser community, but we haven't gotten a draft, so we can't really do anything about it without the document. So this is something I don't know. This is an issue that the browser vendors are just not that interested in, and that they feel we can live without, or not.

A: Right, I guess this needs to go back to the mailing list as well. You know, I need to just, you know, fish or cut bait, I guess that's the safest thing! Yeah, and the other, are other applications that there's interest in logging; one is DNSSEC, the other is binaries and software distributions. And again, it sounds like you guys are going to be talking about the DNSSEC over the next, and these are weeks, the binary logging stuff. We don't.
M: Mozilla is doing this piggyback thing, but Bryan Ford wrote a note to the list about his cothority stuff, which he'll be discussing at CFRG, Chainiac in particular, which actually looks quite interesting, and if I, I want to see what he's actually, something I've read the papers that he pointed to, but that actually I think does hold some promise. So we should, we should keep that in mind.

G: Yeah, add here, I mean, you're pretty much done with your chartered work. So unless you're like gonna have, you know, we're coop with him for doing what these are things, these documents are alive, I mean, like you should go quiescent and pick it up later. I mean, you can have, you know, BT trans way, if that becomes warm, but if it's not, if it's like, you know, at the state where it's not, we're not ready to do it, then probably you should just sit around this Islam B. So I guess, I don't know.