►
From YouTube: IETF102-TRANS-20180719-1100
Description
TRANS meeting session at IETF102
2018/07/19 1100
https://datatracker.ietf.org/meeting/102/proceedings/
A
A
A
Ok,
so
then,
let's
continue
so
the
696
to
do
base.
We
have
six
items
left.
You
can
see
them
at
the
bottom
of
the
screen
that
we
would
like
to
resolve
so
that
we
can
get
this
document
out.
So
the
first
item
is
the
document
status
has
been
some
description
on
the
list
changes
from
proposed
Stannah
to
experimental
I'm.
It
seems
that
everybody
is
okay
with
extra
mental,
but
there
was
some
pushback.
So
if
there's
anyone
who
wants
to
say
something
about
this.
B
C
Malik
did
assert
it's
unfortunate.
The
nature
of
public
certificates
are
that
we
have
to
do
experiments
on
the
public
Internet
and
that's
some
what's
undesirable
at
times,
but
it's
unavoidable
in
order
to
figure
out
how
these
things
work
at
scale.
There's
no
there's
no
test
environment.
You
can
use
for
the
public,
Internet
and
so
yeah.
D
To
clarify
the
the
we're
doing
an
experiment
on
this
protocol,
it's
at
the
protocol
itself
because
it
hasn't
been
implemented
and
tested
is
experimental
state.
So
you
know
we.
We
believe
that
there's
a
commitment
to
implement
over
the
next
few
years,
but
just
it's
you
know
it's
transitioning
from
the
current
format
to
the
next
format.
It's
gonna
take
time.
It's
gonna,
take
effort,
so
yeah.
C
C
C
We
support
the
draft
we
intend
to
we're
working
with
Google.
We
were
at
their
CT
days.
We
work
very
closely
with
them,
having
the
only
other
implementation
other
than
theirs,
and
so
yeah
we're
very
supportive
about
this.
We
have
internal
desires
to
do
even
more
exciting
stuff,
with
CT
that
I
hope
I'll
be
able
to
talk
about
in
the
future.
I.
E
I'm,
a
Devin
O'brien
from
the
Google
Chrome
team,
so
kind
of
piggybacking
off
of
what
Tim
said.
Oh,
we
actually
do
have
plans
to
begin
experimentation.
I
mean
right
now
our
priorities
have
been
bringing
CT
enforcement,
and
so
that
has
taken
our
you
know:
limited
engineering
resources
and
sort
of
funneled
it
towards
there.
But
within
the
next,
probably
six
to
nine
months,
we
we're
laying
out
our
plans
to
do
experimentation
to
sort
of
get
like
hardened
data
so
that
we
can
back
up
some
of
these
like
aspects
of
696,
you
list.
E
A
Okay,
so
the
next
item-
and
this
came
from
a
Curry's-
unfortunately
not
here-
but
he
suggested
to
remove
the
preventing
track
and
Klein's
claim
because
it
was
a
bit
too
strong
and
it
would
cause
problems
with
RSA
PSS.
So
we've
got
a
full
request
for
that
and
the
question
is:
does
anyone
object
to
this
claim
to
be
removed.
A
F
It's
also
possible
to
just
sign
a
message
like
an
sth
just
once,
and
then
you
know
just
store
that
signature
and
just
return
that
signature
for
future
requests
for
the
sth
and
I
think
this
is
important
because
we
don't
know
yet
exactly
how
gossip
is
going
to
work
and
it
might
not
be
possible
to
deploy
gossip
experiments
if
there's
a
concern
that
that's
going
to
lead
to
tracking.
So
this
is
the
sort
of
thing
which
we
could
always.
You
know
remove
this
requirement
in
the
future.
F
A
G
B
A
Okay,
so
some
me
not
so
let
skip
this
for
now.
Mew
I'll
go
to
the
other
one.
So
there's
another
proposal
to
clarify
what
we
mean
by
the
current
ntp
time.
There
was
there
was
some
some
discussion
but
I
think,
since
these
are
new
items,
I
think
we
really
need
to
be
be
a
little
strict
and
say
if
someone
doesn't
give
us
text-
and
we
have
nothing
to
talk
about
that-
so
will
not
continue
with
these
items.
So
if
anyone
really
strange
feel
strongly
about
this,
they
should
actually
volunteer
to
also
provide
the
text.
A
A
E
E
E
It
doesn't
mandate
that
you
support
any
extension
metadata
fields
so
at
a
later
date,
if
we
decide
that
some
CT
log
endpoint
wants
to
go
and
return
additional
metadata,
that
can
be
done
at
a
later
date,
maybe
in
like
a
further
draft.
This
is
kind
of
just
laying
the
framework
such
that
we
have
this
error
format
to
fine
now
and
we
can
leverage
it
later.
E
C
C
Well,
it's
still
kind
of
half-baked,
but
I,
really
like
the
idea
of
having
a
format
that
we
can
start
experimenting
with
and
returning
error
data,
because
one
of
the
feedback
that
we
do
get
from
lots
of
the
people
who
consume
our
logs
is
in
fact
that
they
get
error
response
codes
back
and
they
have
no
idea
what's
going
on
and
what
they
should
do.
In
response.
E
Quote
from
Trustwave
again
so
the
the
JSON
format
it's
actually
defined
in
RFC
I,
think
it's
78,
oh
seven,
and
it
defines
in
there
there's
a
couple
standard
fields
in
that
Jason
problem
document,
but
it
also
allows
for
extensibility
in
the
future.
It
basically
says
that
if
a
if
a
client
consuming
that
problem
document
sees
a
field
that
it
doesn't
understand,
it
must
ignore
it.
So
if
that's
not
treated
as
an
error
case,
if
you
know
it'll
later
at
a
later
point,
we
want
to
add
some
additional
metadata.
C
E
Inquiry
again
for
justice,
us
so
yes,
well,
I,
I,
think
it'd
be
great.
If
we
could
say
must,
like
you
returned
so
I
believe
from
every
endpoint
to
find
in
69-62
beast.
There
are
error,
codes
and
error
messages
to
find.
It
would
be
nice
that
you
know
that
they
all
come
back
in
this
problem
document.
The
document
format.
D
If
we're
talking
about
publication
as
an
experimental
standard
at
some
point
in
the
future,
you
know
if
everything
goes
well,
we're
going
to
transition
to
a
different
standard
status,
and
at
that
point
that's
a
new
document,
and
if
this
turns
out
to
work
well
and
it's
and
people
like
it,
we
can
turn
it
into
a
mosque.
But
you
know
it
should
for
now.
A
Okay,
now
is
the
last
item.
I,
don't
know
where
this,
where
this
came
from
it
just
was.
It
appeared
on
a
list
of
of
items
that
were
sent
to
the
list,
but
I
don't
know
who
originated
this
and
I
can't
find
any
discussion
of
it,
but
the
option
for
City
log
so
signal
when
rejections
were
due
to
rate
limiting
and
again,
we've
got
the
same
thing.
If
this
is
important
and
we
would
need
a
volunteer
to
write
text.
A
Okay,
so,
okay,
so
so
we'll
skip
those
items
now.
So
let's
go
back
to
the
D
Trans
threat
analysis,
so
this
has
been
mostly
a
work
of
steve,
canned
and
and
and
then
the
last
about
three
IETF
meetings.
I
think
we
see
you
know
small
updates
every
four
months
and
two
people
mostly
arguing
about
what
it
should
be
and
most
other
people
not
caring
anymore.
What
happens
to
this
document?
So
we
really
don't
want
to
keep
the
working
group
open
for
just
this
document.
A
D
You
know
I
I,
think
the
one
way
to
frame
the
question
is:
is
the
value
of
the
document
greater
than
the
cost
of
getting
it
closed?
And
at
this
point
right
and
at
this
point
we're
just
not
seeing
a
lot
of
interest
in
the
document
right?
It's
it's
I,
don't
and
it's
hard
to
know
if
it's
that
people
have
lost
their
taste
for
discussion
of
it
and
but
and
that
they
really
do
care
or
that
they
just
don't
care.
I
should
say
you
just
don't
care
so.
B
Rich
Sol's
Akamai.
Well,
you
know
it's
got
like
the
same
level
of
interest
that
the
rest
of
trans
and
gossip
has
these
days.
I
would
say:
yeah,
maybe
less
interest,
because
it's
been
worn
down
by
the
infighting
flip
a
coin
call
for
consensus
and
move
it
forward.
I
think
it's
a
worthwhile
document.
It's
a
shame
that
it's
going
to
get
wrapped
around
the
axle
over
this
one
discussion
of
what
is
or
is
not
an
attack
or
how
to
describe
that
attack,
cut
the
whole
thing
out.
B
A
Okay,
then,
just
a
summary
on
on
some
of
the
items
that
haven't
really
seen
much
much
progress
as
it's
the
gossip
city,
gossip
decline,
behavior
end
up,
binaries,
I,
think
I
think
it
would
be
good
if
that,
if
we
see
more
work
going
that
way
that
that's
just
a
new
working
groups
will
be
started
up
or
above
started
up
and
did
that
work
there
I
don't
think
we
need
to
remain
open
for
it,
because
the
the
progress
is
really
really
slow.
At
this
point,.
D
A
Similar
for
the
DNS
SEC
transparency,
I
did
a
draft
PowerPoint,
which
I've
presented
at
Athena's
option.
You
can
have
a
look
at
it
there,
but
I
also.
Don't
think
we
need
to
keep
the
working
group
open
for
this
specifically
also
because
it
will
probably
not
reuse
much
of
the
certificate
transparency
format,
so
it
would
be
something
fairly
new
anyway.
So
I
think
it
can
also
find
it's
a
new
way
into
the
into
the
IDF.
I
A
Considered
considered
that
specific
case,
so
yeah
you're
right
actually
I
skipped
one
item.
It's
the
redaction.
The
redaction
has
come
back
and
forth
to
the
working
group
like
three
or
four
times
now
and
and
again,
I
think
we
should.
We
should
just
if
there's
an
interest
in
there
we
should
do
you
have
those
people
that
are
driving
it
to
start
up
off
and
maybe
working
group,
because
they've
come
here
and
vanished
on
a
number
of
occasions.
So
I
think
that
should
just
be
split
off
from
this
work.
Amateur
from
Linda.
D
There's
folks
that
I
mean
this
is
a
browser
vendor
you're
kind
of
imposing
their
view
of
the
world.
No
offense,
but
chrome
has
proposed
a
mechanism
that
sort
of
addresses
kind
of
indirectly
redaction
through
on,
through
the
use
of
basically
enterprise
in
an
enterprise,
namespace
defined
in
chrome,
it's
to
permit
stuff
that
won't
get
logged
at
all
rather
than
stuff.
That
has
a
label
edited
and
I
that
doesn't
really
address
your
juice
case
in
the
slightest.
So
maybe
the
chrome
folks
could
say
something
about
that.
Tim.
C
The
chrome
folks
were
very
early
on
this
and
everybody
else
has
been
just
starting
to
come
up
with
their
own
CT
policies,
and
so
I
would
encourage
people
who
think
redaction
is
important
to
you
continue
having
discussions
with
the
root
programs
about
their
root
policies.
If
we
can
get
a
root
program
interested
in
discussing
a
concrete
proposal,
then
we
can
start
discussing
it
again,
but
yeah
I,
don't
think
this
working
group
has
to
hang
around
just
for
people
to
come
back
and
do
that.
D
C
I
I
I
guess,
I,
you
know,
I
I
agree
that
this
doesn't
need
to
hold
a
river,
but
I
mostly
wanted
to
come
and
see
if
anybody
else
is
interested
in
talking
about
these
things,
maybe
outside
the
group,
I
also
would
like
to
see
the
binary
transparency
work
received
in
it,
and
my
my
group
is
very
interested
in
binary
transparency
in
something
like
a
JavaScript
context,
with
maybe
a
browser
extension.
So
again.
If
anybody
wants
to
talk
about
that
outside
the
group,
please
let
me.
C
So
on
the
questions
of
IPS
IP
certificates
are
weird
and
actually
quite
rare.
A
nomination
of
the
IPS
that
have
IP
certificates
is
a
little
bit
less
dangerous
because
they
have
to
be
public
IPS
anyway,
and
the
information
that
you're
leaking
is
that
a
certain
ipv4
address
has
have
a
HTTPS
certificate
at
one
particular
point
in
time.
That's
perhaps
not
the
most
sensitive
piece
of
information
in
the
universe.
C
The
IP
certificates
have
a
lot
of
interesting
problems
that
are
being
actively
discussed.
Just
because
of
the
fact
that,
as
you
mentioned,
the
security
properties
are
very
different
and
the
lifetimes
of
static
IPs
are
often
very
different
and
much
less
stable
than
DNS
names
and
the,
and
in
particular,
they
get
farmed
out
to
various
entities
on
a
regular
basis,
sometimes
very
quickly.
D
C
Well,
that's
an
interesting
question.
Actually,
in
many
cases,
actually
IP
certificates
are
more
commonly
used
in
non
browser
use
cases,
even
if
they're
issued
off
for
publicly
dressed
recruits,
just
because
of
the
fact
that
they're
used
in
server
to
server
in
IOT
use
cases
where
the
trust
store
generally
is
the
same
as
the
trust
or
that
was
stolen
from
some
root
program.
So
they
have
to
be
publicly
trusted.
But
there
probably
are
people
using
I
teach
their
IP
certificates
with
browsers
I.
Think
captive
portals
would
be
the
most
likely
use
case.
E
I
Sure
so
I
don't
want
to
take
up
lots
of
working
group
time
if
there's
if
this
is
outside
the
group,
but
this
is
Ben
Schwartz.
The
my
use
cases
generally
are
about
services
operated
by
by
clients
that
they
want
to
be
able
to
use
securely
from
a
browser,
but
the
whose
existence
they
want
to
be
confidential,
because
otherwise
those
services
could
be
subject
to
various
kinds
of
attacks
such
as,
for
example,
a
DDoS
attack.
I
So
if
the,
if
the
certificates
are
logged
publicly,
then
it
makes
it
potentially
much
easier
for
an
adversary
to
discover
the
existence
of
the
service
and
mount
an
attack
against
it.
In
ipv4
I
agree
that
you
can
essentially
enumerate
the
ipv4
space
you
can
zmapp
for
these.
The
existence
of
these
certificates,
but
n
ipv6,
that's
at
least
not
so
clear
that
that's
possible.
So
personally,
for
my
use
cases,
it
would
be
nice
if,
if
browsers,
would
take
ipv6
ipv6
IP
certificates
and
not
require
them
to
be
fully
enumerated
in
the
in
the
certificate
transparency
box.
C
These
I
think
you're
right
that
there's
ipv6
is
a
spot
where
you
could
hi,
if
you
wanted
to,
but
I'm,
not
sure
how
what
the,
how
that
sort
of
weigh
the
benefits
and
I
think
I
think
the
world
is
moving
to
a
place
where
you
know
you
eat
a
lot
of
the
redactions
stuff.
People
thought
they
were
doing
a
better
job
of
hiding
than
they
then
they
were,
and
they
had
semantics,
for
example,
had
an
option
of
please
don't
log
my
ICT
certificate,
and
it
was
rather
popular.
C
Most
of
them
ended
up
getting
logged
by
Google
anyway,
so
whether
they
were
actually
getting,
what
they
wanted
is
a
little
bit
questionable,
so
I
think
I
would
sue.
I.
Think
I
would
suggest
to
people
that
if
you
have
a
public
ipv6
address
and
your
security
is
based
on
the
fact
that
nobody
knows
your
public
ipv6
address,
you
should
perhaps
revisit
your
threat
assumptions.
E
This
was
crawled
and
put
in
here,
and
it's
not
just
by
Google
crawler
right,
there's
tons
of
white
hat
security
researchers
to
do
these
things
at
scale,
and
yes,
currently,
mathematically
ipv6
is
so
much
harder
right.
Just
as
an
aside
for
that,
but
echoing
Tim
I
think
any
model
that
relies
on
those
things
not
being
discoverable
for
long.
It
may
not
be
like
a
mall.
You
want
to
build
a
lot
of
foundation
on
sort
of
not
addressing
your
concern
but
sort
of
the
rationale
for
your
concern.
A
There
seems
to
be
no
no
potential
by
changing
the
document
status
to
experimental
so
that
that
one's
resolved,
the
remove
tracking,
preventing
tracking
clients
claim
there's
still
some
disagreement
but
where
it
should
be
removed
completely
or
revised.
So
what
is
your
a
few
unsure
I
mean
that's
a
working.
J
Of
decision
so
on
the
my
position,
I
think,
is
that,
on
like
they
good
I
strike,
I
was
trying
to
get
out
is
like
that.
What
the
maybe
you
could
pull
a
PR
from
my
understanding
is
when
I
read
it
was
that
when
you
say
well,
new
terminal
signatures
like
that
that
there's
a
sit,
the
thing
that
says
don't
do
to,
or
ministers
integers
and
yet
simultaneously
the
ITF
is
pushing
people
use
RSA
towards
PSS,
and
so
there
seem
to
be
in
conflict
and
so
and
I
understood
and
so
I
thought.
J
J
It
could
be
we're
gonna,
we're
gonna,
like
you,
we're
gonna,
say
what
you
have
to
suppose
integers,
but
it's
like,
like
I,
just
think
these
things
are
just
some
things
intentionally.
You
guys
need
if
we
have
to
resolve.
Oh
so
I'm
like
not
pressing
for
any
particular
resolution,
but
I
do
think
that
something's
got
to
give
in
terms
that
triangle
so
I,
don't
know
if
that
helps.
I
didn't
really
understand,
like
oh
ye.
My
way
to
the
no
list
was
a
frankly
pretty
inconclusive,
but
any
any
of
our
solution.
D
J
J
F
Alright
sigh
so
Andrew
here
so
I
think
that
there
was
some
confusion
about
why
this.
This
was
why
this
was
in
here
in
this
from
its
Roque
I'm,
trying
to
think
now
right.
So
it
all
goes
back
to
why
a
log
has
to
validate
the
chain
to
a
trust,
anchor
and
I
think
that
originally
there
was
a
misunderstanding,
which
was
that
the
only
reason
the
log
had
to
do
this
was
for
anti-spam.
F
You
know
to
prevent
it
from
being
spammed
with
certificates
from
you
know,
someone's
you
know
own
trust
anchor,
so
that
I
think
then
led
to
the
suggestion
that
we
say
there's.
No,
that
I
think
that
led
to
your
suggestion
that
we
should
say
that
there
is
no
security
implications
to
requiring
the
check
to
the
trust
anchor,
because
it's
just
anti-spam
but
as
I
pointed
out,
it's
not
just
anti-spam.
It's
ensuring
that
we
can
attribute
every
certificate
in
the
log
to
some
certificate
authorities,
so
that
browsers
can
take
action
against
the
certificate
authority.
F
J
That
make
sense,
paging
back
into
memory
and
I
agree
with
you,
I'm
happier
with
this
text.
I
think
it
might
be
productive
for
somebody
to
add
what
I
what
you
just
said
somehow,
because,
apparently
at
the
fact
that
apparently
several
were
confused
about
this
suggests
that
maybe
a
bigger-
and
it
is
a
subtle
point
about
CSS,
but
have
you
documented
but
I'm?
Fine
with
a
planet
is
PR
yeah.
F
C
J
D
J
G
Elisa
Cooper
it's
so
it's
kind
of
up
to
you.
It
wasn't
really
clear
to
me
when
you
were
going
through
if
it's
just
that
you
that
the
working
group
doesn't
want
to
work
on
these
anymore
and
there's
individuals
who
would
like
to
have
things
ad
sponsored.
It
didn't
really
seem
like
that,
but
that's
one
possibility,
but
the
other
possibility
is
the
drafts
expire
and
that's
it.
D
J
It
could
be
I
think,
honestly
on
the
one
holding
that
up,
so
maybe
it
will
be
better
would
be.
If
we
try
to
resolve
the
remaining
issues
and
then
just
and
and
and
and
then
you
know,
III
guess:
I
grown
I
like
what
were
you
hoping
to
Colonus,
actually
ask
you
that
I'm
sorry
were
you
hoping
to
close?
Let
me
ask
you
that,
like
now,
I
am.
D
J
Than
a
request
just
leave
it
so
technically,
yes,
I
could
but
I
guess
his
ended,
which
these
are
all
working
with
documents
it'd
be
better
to
and
unless
I
may
feel
differently
and
like
I,
this
I
think
guides.
The
charity
fight
we're
here,
but
it
might
be
better
to
just
like
keys,
are
working
rely
for
the
month
or
two
of
law.
Hard
lanolin!
Is
that
what
do
you
think.
G
Yeah
well,
I
would
only
keep
the
wooden
group
open
until
the
Biss
document
is
through
the
IHG,
because
you
never
know
there
could
be
something
that
comes
back
where
you
need
a
working
up.
Consensus
call.
So,
if
you're
going
to
do
that
anyway
and
there's
energy
to
just
process
the
other
document
relatively
quickly,
then
just
leave
it
open
until
those
two
are
done.
I
think.
E
Hi
again,
sorry,
this
is
more
of
a
procedural
question
due
to
lack
of
familiarity,
so
bear
with
me.
So,
as
I
mentioned,
we
plan
on
doing
some
experiments
to
get
like
that
at
the
back
like
we
mean,
because
basically,
there
are
like
material
improvements
and
in
bits
that
aren't
in
sequencing
right,
and
there
are
things
that
I
think
are
going
to
be
very
useful
in
the
long
run,
but
maybe
not
be
in
their
final
state
if
the
WG
closes
and
we
come
up
with
these
results
half
a
year
later.
D
We
could
potentially
spin
up
a
new
working
group
or
because
this
would
be
what
we
need
basically
dropping
about,
as
fans
assume,
ultimately
transitioning,
something
from
experimental
to
standard.
Potentially
them
I.
Don't
know,
I
may
be
another
ad
sponsorship,
but
we
could
spin
up
another
working
group
pretty
quickly
on
this
I.
Think,
okay,.
E
Yeah
and
just
the
reason
why
I
asked
this
concern
is
just
that,
like
these
things,
move
as
glacially
as
changes
in
the
PK
ecosystem
do,
and
that
seems
to
be
a
pretty
big
mismatch
to
the
speed
at
which,
like
IETF
WGS,
go
it
just
hello
Maisie.
It
seems
that
extenders
laughing
right
next
to
me
so
yeah.
D
J
J
J
Yeah
so
I
think
I
guess
what
I
would
say
is
there
are
really
two
possible
like
we
have
the
procedure.
The
coupon
they're
two
possible
like
outcomes
here
right.
One
is
that,
like
we
think
expenses,
this
is
essentially
correct
and
in
which
case
like
we
could
simply
read,
we
could
simply
you
know
rebadge.
It
is
standard
as
proposed
standard,
or
you
know,
issue
like
a
Navy
sponsored
small
things
as
well.
Some
small
Corrections.
The
second
is,
we
think,
is
not
substantially
correct
and
like
more
what
needs
to
be
done,
in
which
case
we
would.
J
You
know
eight
commands
to
and
maybe
even
call
it
trans
elastic
and
tell
me
I,
don't
know
if
there's
like
these
things
get
like
you
know,
trans
OH
or
something,
but
you
know
to
do
that,
but
that'd
be
the
process
but
think
yeah
again
it
really
depends
on
what
the
feedback
is.
The
feedback
is
it's
basically
right
then,
like
just
promoting
is
easy.
The
feedback
thing
you
don't
want
to
work
then,
like
you
have
to
do
that.
Work.
Someone.
C
C
If
you're
not
gonna
do
anything
until
104,
but
most
of
the
things
that
we're
thinking
are
basically
augmenting
trends
with
new
ideas
and
different
features,
and
things
like
that
and
I
think
those
are
better
handled
as
new
drafts
as
opposed
to
a
business,
and
so
those
can
just
go
through
the
normal
IETF
process
and
hey
we've
got
a
new
draft.
It's
got
great
new
trans
stuff,
there's
no,
where
it
can
currently
go.
Please
tell
us
where
you
want
to
send
it.