►
From YouTube: IETF105-SECDISPATCH-20190722-1330
Description
SECDISPATCH meeting session at IETF105
2019/07/22 1330
https://datatracker.ietf.org/meeting/105/proceedings/
B
Hi,
if
you're
here
for
something
other
than
Zack
dispatch,
oh
where
you
would
like
to
be
otherwise
welcome.
Kathleen
Moriarty,
Richard,
Barnes.
B
C
A
F
F
F
And
then
asks
you
to
basically
for
stuff
that
could
be
binary,
and
so
that
was
a
bit
confusing.
So
it
turns
out
that
it
turns
out
that
there
are
no
actual
real
implementations
out
there
of
it
that
actually
put
the
content
transfer
encoding
header
in
because
it's
actually
deprecated
by
all
the
HTTP
documents,
so
implementers
are
left
wondering.
Does
that
mean
that
I
should
put
binary
in
the
in?
What's
there
or
base64-encoded?
And
the
answer
is
the
document
said
to
base64
encode
it,
so
they
did
with
the
result
that
people
were
like.
F
Oh
okay,
it's
basic,
C
4,
encoded
well
is
Bruschi
base64
encoded,
even
though
it
doesn't
say
it,
and
therefore
we
got
into
confusion
things,
and
it
also
makes
it
a
little
more
confusing,
because
people
like
to
run
things
with
curl,
which
is
really
hard
to
dump
binary
objects
into
it,
but
really
easy
to
jump.
Base64
things
in
and
people
don't
always
realize
whether
they're
providing
a
convenient
encoding
to
curl
or
whether
they're,
actually
that's
what
they're
transmitting
anyway.
So
this
is
a
document
that
basically
shrimps
to
clarify
these
four
four
points.
F
Two
of
them,
errata
were
raised
by
Shawn
Turner
next
slide.
Actually,
the
content
part
two
of
them
are
raised
by
by
Sean
Turner
on
this
topic.
There
is
an
ASN
one
complaint
about
the
document
that
it
does
it
wrong
and
I
actually
and
not.
I
have
no
idea
if
it's
right
or
wrong
and
I
need
help
on
that,
and
then
finally,
there's
a
typo
that
apparently
in
extra
space
that
apparently
when
implementation
believed
was
mandatory
and
insisted
was
there
and
then
they
realized
it
was
just.
F
It
was
a
typographic
issue
in
the
document
when
they
tried
to
interoperate.
So
those
are
four
things
that
just
a
simple
clarification
document
on
it.
I,
don't
think
it's
worth
revising
the
best
Ness
document.
Next,
slightly
I,
don't
believe
it's
worth
revising
the
document
are
doing
abyss.
At
this
point,
you
may
have
seen
my
zero
zero
zero
one
documents
which
went
on
the
assumption
that
content
transfer
encoding
was
actually
being
sent.
We
actually
could
upgrade
everything
to
binary,
if
only
we
could
change
the.
F
C
C
F
F
G
G
Non
Thompson
I
have
a
slight
preference
for
going
to
an
existing
working
group.
If
you,
but
an
existing
working
group,
if
you,
if
you
can
find
one
that
is
willing
to
take
on
the
work
some
of
these
working
groups,
don't
really
have
the
charters
for
it,
which
makes
it
a
little
tricky.
So
I
don't
really
mind
I.
F
G
The
thing
that
occurs
is
perhaps
you
could
monkey
patch
this
in
some
way,
using
content
encoding
to
avoid
that
base64
issue.
But
I
don't
know
if
we
have
a
base64
content
encoding
so
that
that
would
be
new
work
and
so
it
might,
you
know,
content
transfer
encoding
is
not
a
thing
in
HTTP,
so
yeah.
Let's
not
pretend
that
happen,
but
we
might
be
able
to
do
something
that
will
for
those
that
implement
this
correctly
up
to
the
new
standard,
won't
result
in
any
confusion
terms
so
of
the.
F
Four
or
five
actions
that
are
defined
all
but
one
are
posts,
and
so
you
have
to
the
client
has
to
somehow
guess,
having
never
spoken
to
the
server
before,
like
whether
it
accepts
this
new
format
or
not,
and
that
turns
out
to
be
non-trivial.
Unless
we
I
don't
know
we
go
LPN
or
something
I,
don't
know
what,
but
do
know
me
I
think
it's
do
not
fix
just
yeah
so
just
document
it
yeah.
H
All
right
so
the
hi
I'm
Sean
Turner,
the
joke
comm
is
we
should
just
rename
lamps
P
kicks
wait
forever,
but
I
think
you
should
probably
send
it
there.
Since
it's
already
kind
of
the
P
kicks
thing,
even
sorry
shouldn't
you
should
send
it
to
lamps
lamps
and
you
should
rename
P
kicks
or
lamps
Topeka,
X
Prime
or
something
great
like
that
made
long
live
forever.
I
think
we
should
definitely
fix
these
things.
I
think
I,
don't
know.
H
I
was
considering
whether
we
could
use
the
HTTP
except
header
to
try
to
tell
the
server
what
you
support.
There
was
something
that
Mark
Nottingham
suggested
at
one
point
that
maybe
there's
some
way
we
could
figure
out
how
to
do
that.
I,
don't
know
if
that'll
work,
but
it's
something
to
propose
and
I
guess
in
the
errata
that
I
submitted
there
were
some
suggestions
for
workarounds
about
should
be
except
to
do
this
so
that
so
maybe
those
weasel
worrying
work
and
maybe
it
won't
fit
and.
G
Month
olds,
back
on
the
post
issue,
there
is
now
say
that
talks
about
content,
encoding
and
client
requests
and
I
think
that
we're
almost
in
that
area-
and
so
there's
a
there's,
a
bunch
of
text
about
how
to
deal
with
that
in
that
RC
I
can
send
it
positive,
which
document
is
this?
Our
seed
med
mid
that
I
can't
remember
off
the
top
of
my
head,
but
I'll
find
it
for
you
and
send
it
off.
72.
F
G
F
C
E
C
I'm
looking
to
units
I'm
like
a
pause
block,
okay,
great
so
well
consider
this
dispatched
two
lamps,
then
thank
you.
Next
up
is
dave
carroll
or
some
controller
Ike.
K
So
I'm
here
to
talk
about
controller
Ike.
This
is
something
we
started
doing
in
SD
when
work
and
it's
been
growing
in
the
routing
group,
a
lot
of
interest
in
it.
It
is
basically
a
key
management
protocol
there.
What
is
it
Ike
is
basically
a
key
management
protocol
that
will
drop
in
in
place
of
standard
Ike,
except
it
works
through
a
controller.
You
know
the
concept
is
there
is
no
peer-to-peer
direct
messaging
at
a
high
level,
it's
pretty
simple.
So
what
we're
doing
is
a
different
exchange.
K
K
So
the
problem
we
came
up
with
that
we
had
to
address
was
that
we
had
we're
doing
large-scale
networks.
We
were
doing
10,000
plus
nodes
in
a
full
mesh
and
there
was
too
much
hike
going
on
the
amount
of
traffic
over
the
network
was
too
high.
The
complexity
just
was
not
manageable,
as
an
N
squared
and
so
by
coming
up
with
a
controller
based
model,
we've
reduced
the
messaging
to
order
n
control.
Basically,
each
peer
creates
a
different
public
value,
sends
it
to
the
controller
controller,
collects
these
all
and
sends
them
all
down.
K
The
concept
is
very
simple
where
this
gets
interesting
is
when
you
try
to
synchronize,
if
you
obviously
you'll
have
to
do
rekeying
and
when
rekeying
happy,
you
have
the
problem
that
keys
get
distributed
to
different
periods
at
different
times
for
redundancy
reasons.
You'll
want
to
have
multiple
controllers,
the
state
isn't
always
the
same,
and
so
the
draft
that
we
put
forward
is
addresses
the
synchronization
and
shows
how
you
can
handle
that
with
a
centralized
controller
base
to
key
exchange.
K
What
isn't
it
we're
not
pushing
this
as
a
replacement
to
Ike?
Obviously,
I
guess
stood
the
test
of
time
it's
around,
but
in
certain
models
this
is
we
find
this
it
to
be
a
little
more
ideal.
It
is
also
not
a
two-way
attribute
negotiation
protocol.
You
can,
you
can
end
up
with
two
peers
in
Ike
that
we
may
offer
different
things
and
the
other
wants
in
in
this.
K
There
is
much
more
of
a
limit
you've
got
to,
but
but
in
this
model
worth
coming
from
a
centralized
controller
and
so
we're
not
as
worried
about
needing
to
negotiate
completely
disparate
options.
There
is
a
small
ability
to
negotiate
a
hierarchy
for
you
know
you
may
have
a
couple
of
algorithms
and
you
can
negotiate
down.
I
won't
go
into
the
details,
but
it's
in
there
and
the
other.
The
other
key
to
this
is
we're
not
providing
the
secure
communication
to
the
controller.
K
So
this
is
a
protocol
that
is
embedded
in
something
else
in
the
VIP
Telos
cisco,
the
the
Pella
sp1
products.
We
have
our
own
protocol
that
is
secure
in
the
routing
working
groups.
We
are
working
with
bgp,
insecure
bgp
messages
and
that's
all
taken
care
of
as
part
of
the
communication
to
the
route
reflector.
K
So
why
do
we
want
to
do
this?
So
the
key
for
us
is
optimization.
We
reduce
the
complexity,
reproduce
the
messaging
from
N
squared
to
n,
but
there's
there's
other
attributes
to
this.
That
are
really
have
been
really
helpful
for
us
in
SD
Wham's.
So
one
of
the
one
of
the
keys
that
we
found
is
we
have
customers
that
want
to
do
control
over
a
managed,
secure
network.
K
The
other
side
of
it
is
we
work
at
at
least
one
customer
that
had
some
very
odd
shaped
networks.
They
had
links
that
were
not
bi-directional,
and
so
you
have
a
case
where
two
peers
cannot
talk
to
each
other
by
directionally,
but
they
can
each
talk
to
the
controller,
and
so
we
can
provide
a
way
to
do
key
management
and
still
have
a
one-way
IPSec
tunnel.
K
So,
where
is
this
being
used?
I'll?
Throw
it
a
few
drafts
here.
These
are
things
that
are
being
pushed
forward
in
some
other
working
groups.
I
know,
IDR
I.
Think
it's
tomorrow
is
gonna,
be
talking
a
lot
about
security
architecture
and
directions
that
this
is
headed,
and
this
is
it
hopefully
intended
to
be
one
part
of
that
architecture.
K
Wednesday
got
it
not
tomorrow,
and
you
know-
and
this
has
been
discussed
drafts
with
this-
have
been
presented
in
best,
it's
been
discussed
in
IDR,
even
the
I
to
NSF.
Work
has
looked
into
this,
and
this
could
fit
in
very
well
with
the
I
to
NSF
infrastructure,
though
not
as
the
not
as
the
messaging
portion.
Just
the
configuration
much
like
Ike,
who
will
skip
by
that.
K
So
when
is
when
is
stuff
happening,
there
are
currently
two
implementations
of
this
draft
that
are
known
to
be
there
to
be
fair
and
honest.
They
are
very
incestuously
related,
so
maybe
it's
not
quite,
but
the
stuff
is
working.
It
is
going.
It's
also
currently
under
consideration.
A
number
of
working
groups
that
are
looking
to
try
to
integrate
a
controller
based
key
management
for
for
SD
lands
for
overlay
networking,
and
then
this
is
kind
of
my
last
slide.
N
N
K
N
If
you're
counting
messages
versus
bytes,
things
are
very,
very
different,
but
anyway,
so
on
your
pain,
I
mean
so.
This
is
like
by
the
way,
skip
in
case
nobody
here,
people
don't
remember
history.
This
is
basically
the
same
protocol
that
Sun
originally
proposed
Friday
SEC
and
was,
and
we
ended
up,
selecting
Ike
and,
as
we've
skipped
you're
paying
a
lot
for
this,
which
is
you're
not
getting
PFS,
and
you
have
the
odd
protocol
design
without
confirmation.
N
N
Guess
I
guess,
as
I
said
of
my
email,
an
alternative
design
is
to
do
effectively
is
to
basically
do
key
establishment
only
when
you
need
it
and
then
basically,
overhead
you're
paying
is
whatever
messages
you're
sending
in
addition
to
the
actual
communication
you're
setting,
because
I
assume
you
do
intend
to
send
packets
right
do
intend
to
send.
K
N
I
guess
I
would
encourage
you
to
sharpen
I,
encourage
you
to
see
the
requirements
where
I
wasn't
stating
the
design
you're
looking
for,
because
it
seems
to
me
that
the
requirements
bit
won't
back
out
of
this.
Don't
necessarily
get
you
to
the
conclusion
you
just
got
to.
N
K
C
C
Propose
an
alternative
hypothetical
here:
imagining
everyone
has
bi-directional
connectivity
to
a
controller.
One
one
design
you
could
adopt
is
to
do
normal
Ike
directly
between
the
normal
Ike
from
one
peer
to
another,
but
tunneled
via
those
controller
connections
right
as
well,
so
so
that
you
do
normal
Ike,
full
mesh,
but
over
the
controller
connection,
because
you
have
bi-directional
constant
connectivity
that
way
so
I
guess
I,
I,
think
kind
of
what
occurs
asking
is
like.
How
does
this
design
differ
from
that
one?
C
F
Was
right
that
so
my
follow
up
that
might
clarify
what
Richards
and
my
question
is:
do
you
have
a
goal
to
be
able
to
work
between
split
brain
controllers
where
there's
multiple
controllers
and
they
no
longer
the
partitions
in
parts
of
the
network
and
still
have
things
happen?
In
other
words,
do
you
have
an
idea
that
you
might
also
be
doing
ike
between
controllers
to
build
meshes
between
networks
that
were
partitioned?
As
for
us
from
there
on
their
control
links?
I
have.
K
O
O
Last
but
not
least,
a
VPN,
and
there
is
requirement
to
be
able
to
add
security
features
to
evpn
and
leverage
that
controller,
and
this
is
one
of
the
draft
that
we
are
introducing
in
the
best
and
ideal
working
group,
and
it
is
getting
good
traction
and
the
idea
is
I.
Have
the
controller
I'm
doing
this
signaling
for
my
VPN
and
many
other
things,
I'd
like
to
be
able
to
use
the
same
controller
to.
O
To
leverage
it
for
point-to-point,
tunneling
soda,
so
the
signaling
connection
is
point-to-multipoint
the
signaling,
but
the
tunnel
IPSec
tunnel
that
they
set
up
as
a
result
of
their
signaling,
his
point-to-point
and
the
work
in
terms
of
how
the
signaling
is
done.
As
I
said,
we've
introduced
a
trap
in
best
and
we're
getting
fairly
good,
very
good
interest
on
it.
P
Then
the
downbar
from
choo-choo
I
I
strongly
support
this
proposal.
I
think
the
IPSec
have
been
the
industry
for
many
decades.
Right
primarily
is
peer
to
peer.
However,
in
today's
environment,
for
example,
for
enterprise
going
to
the
cloud
or
Enterprise
going
to
multiple
clouds,
you
have
an
edge
device.
It's
no
longer
just
one
connection
to
make
here
we're
talking
about
multiple
connections:
I
have
an
edge
device.
P
I
may
have
five
10
tenants
connected
to
my
edge
device
each
attendant
in
to
talk
to
their
peers
right
so
from
one
edge,
supposedly,
if
I
have
just
simply
10.
No,
that's
not
talking
about
100
nodes,
Network
10,
node
Network,
if
I
had
to
talk
to
connect
with
all
my
dear.
So
that
means
I
have
to
have
9
connection
to
all
my
peers,
but
if
I
have
5
tenants
attached,
each
of
them
need
a
cassette.
P
So
that's
5
times
9,
so
for
one
node
today,
I
have
to
support
45
peer-to-peer
key
management,
that's
a
lot
of
work
and
in
addition
to
that
for
SD
one
or
the
device
connecting
to
the
multiple
cloud.
There's
always
always
a
controller.
Doesn't
matter
it's
not
just
for
this
particular
purpose
for
other
purposes,
neither
controller
so
as
a
device.
Today,
you
already
have
a
secure
connection
with
the
controller.
P
Through
that
secure
connection,
you
can
distribute
all
those
key
informations,
not
directly
key
information
per
se,
but
rekey
mechanism,
all
those
kind
of
requires
to
rekey
so
that
make
the
whole
network
scalable.
Otherwise,
just
unimaginable
OneNote
probably
have
to
handle
hundreds
of
keys
and
that's
just
not
manageable,
by
a
small
virtual
device,
especially
I
support
this.
Maybe
this
exactly
mechanism
doesn't
have
to
be
the
one,
but
it's
controller.
Paged
IKEA
has
to
be
in
something
to
be
discussed
idea.
So.
Q
Okay,
yeah,
you
have
mirror
culture
effect
Alyssa.
This
was
presented
in
nitro,
NSF
and
I.
To
a
surface.
Has
this
document
about
using
a
controller
to
initiate
IPSec
and
you
have
two
modes
or
cases
and
one
with
I
can
run
without
like
a
class
installed,
and
we
saw
this
is
kind
of
a
middle
ground
and
what
I'm
missing
is?
What
does
this
give
you
that
the
I
less
that
case
it
does
not
give
you.
K
So
so
in
the
I
and
it's
a
flow
projection,
the
eyeglass
case
is
simply
having
keys
produced
at
the
controller
and
pushed
down
to
the
ends.
So
the
controller
now
owns
or
knows
every
key
used
in
the
network.
There's
certain
obvious
limitations
to
that
sort
of
model.
In
the
past,
I've
spoken
in
I
to
NSF
about
trying
to
integrate
this
into
that
flow.
K
And
since
then
this
is
somewhat
evolved
with
the
routing
groups,
and
the
notion
would
be
that
I
to
NSF
would
be
used
to
configure
the
static
configuration
for
either
an
IKE
or
a
controller
Ike.
But
then
the
actual
dynamic
messaging
would
happen
through
a
route
reflector
not
through
the
I
to
NSF
yang
model.
I.
Think
that's
a
much
cleaner
design
with
what
I
to
NSF
has
put
forward,
but
I.
Q
K
So
the
architecture
that's
currently
being
put
forward
in
best
as
far
as
these
dynamic
routing
models
has
a
configuration
server
that
configures
nodes
as
they
come
online.
They
need
to
do
some
sort
of
ztp
or
something
else
to
connect
to
the
network
and
they
get
a
configuration
pushed,
but
then
there's
the
dynamic
routing
where
they
send
the
overlay
routing
to
the
RR,
and
that
would
be
a
more
ideal
place
to
send
key
management
updates.
N
Yeah
so
I
think
insert
dispatch
here
and
we're
not
like
building
the
protocol.
It
sounds
to
me
like
there's
some
confusion
about
the
actual
requirements
here.
Maybe
you
put
people
is
by
me
and
since
designing
aches
is
kind
of
like
difficult
and
getting
em
right
is
not
easy,
but
they
could
be
really
useful
to
get
like
a
somewhat
clearer
statement
about
how
this
problem
domain
is
sufficiently
different
from
other
problems.
That
means
that
we
can't
lovers,
and
they
already
have
and
I
think
then
exchange
you
and
I
had
earlier
suggest
to
these
I.
N
Don't
understand
this
properly,
I'm
telling
my
fault,
but
so
I
think
interest.
Dispatching
this
what
we
were
helpful
BJ
said
we
have
a
clear
problem
statements
that
actually
make
clear
like
what
this
use
case,
how
it's
different
and
potentially
in
ways
that
are
more
constrained
in
a
way
in
perhaps
bandwidth
in
ways
that
are
less
constrained.
Insurers
have
any
controller
available
right
and
then
we
can
see
what
protocol
actually
makes
sense
from
a
super-intense.
L
Asterick
Union,
we
hadn't,
you
know,
presentation
of
tha
gave
me
some
time
ago.
I
remember
and
conclusion
was
that
we
said
that
I
need
to
do
which
I
paycheck,
so
we
don't
want
to
do
it
the
night,
basic
crew.
So
if
somebody
could
propose
that
that's
a
solution
to
that,
we
are
not
going
to
take
it
like
this
again
me
because
this
doesn't
have
anything
to
check
the
other
problem.
I
have
disease
is
that
it's
assumes
like
arrow
saying
you
don't
have
really
requirements.
L
This
assumes
that
your
whole
network
is
stuck
because
they,
if
you
have,
if
you
start
building
this
network
one
by
one,
you
have
one
node
that
you
add
one
node,
then
even
a
dog,
then
her
unsecured,
okay,
because
every
time
you
add
a
note,
you
need
to
send
that
one
note
sent
a
packet
to
controller
controller,
sent
a
packet
to
everybody.
To
tell
us.
Oh
that's
happening,
you
know
public
key
here
and
then
somebody
else
it
says
again.
L
So
every
time
you
set
up
notice
and
end
packets-
and
you
add
in
notes
it's
n
times
in
so
into
it.
So,
but
your
if,
of
course,
if
you
have
everything
ready,
you
have
10,000
notes
there,
you
can
send
the
10,000.
You
know
perfect
case
at
the
same
time,
and
you
know
the
network
starts
the
other
problem
I
have
there
is
that
you
have
to
always.
You
know,
you
know.
L
The
benefits
for
Ike
is
that
you
create
the
keys
only
when
you
need,
if
you
have
10,000
nodes
there,
you
don't
have
to
trade
in
Harran
SS
when
you
boot
up,
you
create
only
those,
it
says.
If
you
need
it,
when
you
talk
to
somebody
and
in
most
of
the
networks
or
environments,
you
don't
need
to
talk
to
everybody
in
the
network
every
time
all
the
time
you
talk
to
you
know,
handful
of
people
who
are
no
next
to
you
are
all
discography,
so
you
have
very
you
know.
L
K
Let
me
address
both
of
those
actually,
this
works
really
well
in
dynamic
networks.
When
you
start
bringing
nodes
online,
the
node
simply
has
to
contact
one
source,
the
route
reflector
as
it
were
in
there
in
the
routing
model,
and
update
it
with
its
diffie-hellman
information,
as
well
as
the
overlay
routes
that
it
knows
alright
and
the
overlay
router
is
regularly
sending
these
updates
to
all
the
other
routers.
So
it's
it
gets
to
them
anyway,
he's
not
adding
to
any
load.
We
had.
You
know
if
you
have
99
nodes,
and
you
add
one
more.
K
L
K
R
K
S
Sunnis
since
you're
doing
a
performance
optimization
here,
I
was
wondering
whether
you
posted
something
about
the
details
of
that
performance
improvements,
because
I
was
caught
a
little
bit
confused
on
the
discussions
on
the
scalability
aspects,
which
I
didn't
quite
see
in
like
in
the
number
of
notes
that
were
mentioned.
I,
don't
I
would
like
to
see
some
of
those
details
clarifying.
S
O
How
many
sensory
I
think
there
was
a
misunderstanding
by
the
other
gentleman
who
was
here
and
talking
about?
If
you
add
a
note,
then
you're
gonna
end
up
sending
tons
of
messages.
That's
not
the
case
when
you
add
a
note
that
note
talks
to
the
rot
reflector,
which
is
the
controller
and
gets
the
information
from
the
controller,
so
you're
not
sending
any
other
messages
and
the
saving
is
on
the
ingress
notes
or
the
note
that
you
keep
adding
to
the
network.
Those
can
be
a
very
low
power,
low.
T
T
So
I
noticed
that
there's
been
some
people
coming
in
the
mic
and
talking
to
you
about
better
ways
to
do
this,
you
know
Eric,
head
of
suggesting
territory,
isn't
Alaska
I'm,
sorry,
I,
don't
know
your
name,
we're
talking
about.
You
know
different
ways
to
solve
this
problem
or
to
do
it
better
or
something
else.
So
it
looks
like
there's
enough
interest
in
this
kind
of
a
problem,
and
so
I
think.
When
is
probably
you
know
real
soon
now
and
probably
right
now,
but
I
think
we're
I,
don't
see
why
I
can't
go
into
IPSec.
T
This
is
no
more
of
a
weirdo
key
exchange
them
like
the
G
DOI
stuff
that
we
did
so
it's
it
seems
like.
If
process
is
the
reason
we
wouldn't
do
this,
it
seems
like
a
really
poor
outcome
for
the
ietf.
It
looks
like
there's
enough
interest
and
do
something
like
this
looks
like
it
solves
a
problem.
So
I
mean,
let's
put
it
in
IPSec.
If
we
got
to
change
the
Charter
than
let's
change
the
Charter,
it's
so
what
well.
T
K
Have
to
say
you
know:
I
don't
want
to
disagree
with
the
IPSec
can
be
working
working
group
chairs.
But
to
me
this
is
an
IPSec
thing,
yeah
we're
using
the
sole
easy
purpose
in
just
a
second.
You
know
we're
using
this
solely
for
the
purpose
of
wreaking
IPSec.
It's
know
it's
providing
a
function
that
I
provides
it's
providing
a
function
that
the
GUI
stuff
did
you.
L
D
L
But
that's
not
make
it
that
doesn't
make
it
I
basic,
and
the
people
in
the
IPSec
can
make
group
are
interesting,
IPSec
which
includes
arc,
and
they
were
not
interesting
on
this
because
they
see
that
they're
only
you
know
very
small
piece
of
this
is
the
ESP
that
is
common,
what
they
are
going
now.
So,
as
I
said
heap
has
his
babies
using
ESP.
It
has
exactly
same
common.
You
know,
understanding
that
this
one
I
mean
I,
don't
want
to
have
a
heap
coming
here.
L
Jido
is
actually
using
I
person
to
messaging
between
the
you
know,
peers
and
it's
actually
using
like
person
to
frame
that's.
Why
it's
much
more
concern
that
there
was
lots
of
people
who
were
saying.
Oh,
do
we
actually
want
to
do
that?
The
option
was
to
have
a
separate
you
know
working
group
or
or-
and
we
decided
that
it
still
has
some
most
of
the
same
people
would
be
interested.
That's
why
it's
in
there
I
wish
I
can
make.
P
Again,
since
it's
a
dispatch
group
I
think
we
should
first
which
consensus
is
of
some
work.
We
should
do
from
istea
perspective
and
heard
a
comment
about
adding
one
new
node
or
trigger
so
many
messages.
I
just
want
at
one
more
point
that
in
like,
for
example,
use
SDI
as
an
example.
All
the
notes
have
to
get
controller
to
dictate
who
we
can
communicate
you,
because
we're
talking
about
the
overlay
Network
I'm
here
in
Montreal
I
have
my
period
in
Dallas
and
I.
P
Don't
just
talk
to
Dallas,
maybe
I'm
not
even
allowed
to
talk
to
him.
The
controller
has
to
dictate
who
I
talk
to
so
it
makes
more
sense.
I
have
a
controller
dictated
I
get
controlled
a
key
so
that
they
can
send
to
the
control
group,
but
that's
just
one
more
requirement
that
thing
we
should
okay.
Thank
you.
U
I
mean
so
there's
I
think
still
some
lack
of
clarity
among
many
people
in
the
audience
part
about
what
the
requirements
are.
We
heard
some
talk
in
passing
about
the
overlay
Network
and
maybe
an
implication
that
the
second
is
really
bad
and
maybe
the
implication
that
with
overlay
Network,
you
need
to
actually
need
to
give
every
node
the
key
from
every
other.
U
Would
get
into
some
the
scaling
and
number
of
messages
questions
that
were
raised,
so
it's
not
really
clear
that
the
people
in
the
room
have
the
information
that
they
need
to
make
the
dispatch
question.
Maybe
we
should
have
more
discussion?
Maybe
we
should
have
a
mailing
list
that
we
can
do
that
or
do
you
want
to
keep
it
on
sexist
nuts
yeah.
C
C
B
I'd
say:
you've
gotten
a
lot
of
good
feedback,
there's
a
really
active
discussion.
So
you
know
some
of
the
points
that
came
out
for
revising
their
requirements
so
that
they
were
clear
and
a
revision
of
the
draft
would
be
helpful
if
the
ABS
want
it
on
a
separate
list.
That,
of
course,
is
is
an
option
or
we
continue
to
leave.
It
discussed
on
SEC
dispatch
for
a
while
until
it's
found
at
home,
but
it
there's
their
interest.
I'm.
B
K
R
I'm
Tom
Baker
I'm
here
to
present
on
the
mathematical
mesh,
so
internet
security
is
broken.
It's
broken
because
we
keep
being
told
it's
broken
in
the
news,
and
if
you
look
at
what
we
do
here,
we
use
very
little
cryptography
that
isn't
described
in
Bruce
Schneier
blue
book.
We
don't
use
anything
from
the
red
book.
We've
improved
some
of
our
algorithms,
but
we're
still
approaching
the
problems
in
the
same
way,
the
things
like
s/mime
open,
PGP,
the
user
spending
too
much
effort,
they're,
not
using
them
and
they're
not
going
to
change.
R
So
we've
got
to
change
our
approach
and
if
you
look
at
the
problems
out
there
most
of
the
breaches
of
a
data
at
rest
and
we
focus
on
transport,
we've
got
to
look
at
the
data
at
rest
problem
as
well,
because
that's
where
the
breaches
are,
the
approach
that
I
want
to
approach
apply
here
is
meta.
Cryptography
I
want
to
go
beyond
the
PGP
Canon,
and
one
key
cryptography
des
allows
you
to
solve
a
lot
of
problems.
You
know
ATM
systems
were
made
possible
by
debts.
R
R
So
it's
about
moving
towards
more
keys,
more
separation
of
roles,
more
separation
of
duties,
and
this
allows
you
to
do
some
really
cool
stuff
like
have
a
cloud
service
that
with
all
the
encrypted
data
but
can
encrypt
stuff
but
doesn't
have
the
ability
to
decrypt
because
it
doesn't
have
any
other,
it's
the
key
manager.
It
doesn't
have
acne
actual
keys,
so
the
solution
I've
come
up
with,
for
this
is
more
than
just
an
application.
R
It's
really
a
platform,
and
when
you
look
at
what
you
need
to
support
this
and
make
it
usable
by
end-users,
you
need
to
do
three
basic
things.
You
need
to
be
able
to
join
together
that
all
their
devices
into
one
Gestalt
so
that
they
can
read
the
word
document.
Read
the
Excel
spreadsheet,
read
their
email
on
any
one
of
them.
Now
people
aren't
going
to
use
PGP.
If
you
can't
read
your
email
on
every
one
of
your
devices,
you
currently
do
so
you
don't
have
a
way
of
doing
that
key
portability.
R
You
have
to
have
a
way
of
establishing
trusted
relationship
with
other
users,
and
you
have
to
have
a
secure
control,
plane
messaging
to
support
all
of
the
above,
and
the
thing
is
that,
when
you've
got
all
that
infrastructure
to
support
this
one
application,
well,
you
can
use
it
to
secure
almost
everything
else
or
to
make
the
use
of
anything
else
easy.
When
I
show
this
to
Dave
Clark,
he
said
well,
SSH.
Can
you
do
something
about
making
SSH
easy
to
use
because
thing
about
SSH
is
ok,
it's
not
that
difficult
to
use.
R
That's
not
the
first
application
I'm
looking
to
sell
it
as
the
bunch
of
technology
out
there
I'm
going
to
go
through
a
summary
of
just
a
few
of
them,
but
there's
more
technology
there
and
it
can
be
used
and
it's
all
MIT
license
is
all
unencumbered.
As
far
as
I'm
aware,
it
should
be
good
to
go
so
one
of
those
technologies
is
PGP.
Fingerprints
revisited
allow
us
to
represent
any
output,
not
just
an
md5
as
a
base
32
encrypted
screen
and
apply
this
to
content
digests
to
nonces
encryption
secrets.
Jameer
secret,
sharing
h
max.
R
Allow
you
to
present
that
data
in
the
same
syntax,
now
you're
asking.
Why
aren't
these
URIs?
Well?
They're?
Not.
You
are
eyes
themselves,
but
you
can
put
them
in
any
URI
and
here's
what
you
can
get
from
you
putting
it
in
you,
your
I,
so
we
have
here
an
encryption
key
and
we've
added
to
it
a
domain
okay.
So
that
is
a
u
RN
with
a
domain.
It
can't
be
resolved
by
a
regular
browser.
R
But
if
you
take
the
fingerprint
the
content
digest
of
the
encryption
key
and
you
slap
the
well-known
service
on
top
now,
we've
got
a
locator.
We
can
pull
an
encrypted
document
and
then
use
that
encryption
secret
to
decrypt
it
okay.
So
now
we've
got
a
URI
that
allows
you
to
D
retrieve
and
decrypt
the
information.
R
So
even
if
the
crowd
is
breached,
the
data
isn't
one
of
the
technologies
is
the
replacement
for
pkcs7.
Now
this
wouldn't
be
essential
in
itself,
but
the
reason
that
I
needed
to
fill
with
it
was
because
I
wanted
to
do
the
multi
key
cryptography,
stuff
and
bowtie
and
finish
there
wasn't
much
pkcs7
left
and
so
I
get
rid
of
the
legacy
and
I
designed
it
so
that
you
can
stack
envelopes
together
to
make
a
container.
So
you
can
now
do
blockchain
type
integrity
checks.
You
can
create
a
Merkel
tree.
As
you
add
your
envelopes.
R
The
container
take
the
envelope
out,
give
it
to
somebody
check
the
signature
on
it
and
now
you've
got
one
signature
check.
One
signature
on
the
container
can
authenticate
any
message.
So
it's
a
way
of
doing
incremental
authentication.
You
can
also
do
incremental
encryption,
so
one
key
exchange
at
the
start
of
the
log
file
can
be
used
to
encrypt
a
subsequent
entry,
and
these
are
all
flexible.
You
know
their
options,
not
requirements.
R
R
So
what
I'm
trying
to
do
here?
This
is
almost
zero
trust
cryptography,
but
not
quite
I'm,
trying
to
distrust
each
party
as
much
as
possible
by
separation
of
roles.
So
if
I
buy
a
piece
of
equipment,
I
attached
it
to
I
mesh
I,
don't
want
to
trust
any
key
that
the
manufacturer
has
put
in
there
during
manufacture,
but
I
certainly
want
to
make
the
use
of
such
a
key
in
particular,
if
it's
put
in
there
during
manufacture
in
such
a
way
that
it
can't
ever
come
out
and
so
I
use
the
same
meta
cryptographic.
R
Techniques
that
allow
me
to
split
keys
to
combine
them-
and
this
is
all
technology
that
Matt
Blais
table
and
medicine
and
others
developed
in
the
1990s
and
didn't
get
used
because
it
wasn't
part
of
the
PGP
Canon,
and
so
it's
about
moving
forward
beyond
that
kind.
To
do
something
else.
So,
as
I
mentioned,
I
have
a
messaging
plane
here
now.
The
idea
here
is
not
to
replace
smtp
well,
not
immediately,
but
to
have
a
mechanism
that
is
limited
to
sending
control
messages
that
is
guaranteed
to
be
end-to-end
secure.
R
This
is
guaranteed
to
provide
certain
traffic
analysis,
resistance
capabilities
and
is
also
abuse
resistant.
Every
message
that
is
sent
as
a
message
is
access
controlled
at
the
sending
service
and
the
receiving
service.
So
it
doesn't
prevent
spam
absolutely,
but
it
makes
it
very
difficult
to
make
a
profit
sending
spam
now.
I
apply
this
to
manage
that
secure
contact
exchange
to
manage
the
connection
of
devices
to
a
personal
mesh,
but
it
can
also
be
used
for
other
things.
Yeah
50
line
application
is
provides
us
with
two-factor
authentication.
R
A
few
more
lines
allows
us
to
go
beyond
two-factor,
so
say:
I
want
to
add
somebody,
you
know
say:
I'm,
adding
some
payee
to
my
bank
account.
My
bank
could
send
me
a
message
to
say:
do
you
really
want
to
use
to
add
this
person
to
the
account
yes
or
no
I
can
say
yes,
and
that
goes
a
signed
statement.
That
is
a
second
factor
authentication
because
it's
bound
to
the
device,
but
it's
also
bound
to
the
semantics
of
the
transaction
that
are
actually
accepted,
which
is
something
you
don't
get
with
the
numeric
code.
R
R
The
Alpha
is
out
there
on
github
and
I
need
to
start
releasing
this
in
the
fall,
because
that's
when
universities
start
and
that's
when
undergrads
and
graduate
students
start
looking
for
projects
and
so
I
want
to
get
this,
and
you
know,
I
want
this
to
become
a
standard
somewhere.
The
ITF
looks
like
it's
probably
the
best
fit.
It
may
not
be.
You
know
if
the
ITF
doesn't
want
it.
I'll
have
to
take
it
somewhere
else.
So
the
question
is,
you
know:
is
this
ready
for
ITF
work?
R
You
know:
do
we
need
to
look
at
it
as
an
RTF
thing?
First,
if
should
we
start
the
working
group,
you
know,
should
we
do
it
as
experimental
or
whatever,
but
you
know
I'm
coming
here
now,
because
I'm
gonna
start
deploying
and
the
minute
that
I
start
to
get
users
I'm
going
to
be
protecting
those
users
I'm
not
going
to
be
wanting
to
make
changes
that
might
introduce
backwards,
compatibility
so
well
unless
there's
a
real
value
to
doing
it.
So
you
know,
speak
now
or
hold
your
peace
yeah.
So
that's
it
so
comments.
V
R
R
R
Now,
as
far
as
integrating
with
two
key
cryptography
now,
you
can
use
the
mesh
to
distribute
private
key
pairs
to
two
devices
views
with
s/mime
or
with
PGP
or
anything
else.
The
only
restriction
that
you
have
there
is
that
you
would
have
to
be
using
if
you're
going
to
make
use,
but
if
you
just
want
to
distribute
RSA
keys,
you
can,
if
you
wanted
to
use,
make
use
of
the
freaky
stuff
within
PGP.
We
could
extend
PGP
or
s/mime
to
make
use
of
it.
R
However,
you
would
then
have
to
use
elliptic
curve
diffie-hellman
or
find
some
other
threshold
cryptography
scheme,
the
threshold
cryptography
schemes,
I
use
they're,
currently
using
IDI
for
48,
the
CFR
G
curve
and
I'm,
using
that
for
signature
and
encryption
I
can
use
curve
X
as
what
instead,
but
because
it's
Montgomery
I
have
to
write
a
different
set
of
code.
I
didn't
want
to
do
that
for
expedience
reviews.
I
can
take
offline,
so
you
killed
use
this
with
open
PGP.
You
don't
change
encryption
at
all.
The
only
thing
that
changes
is
decription.
G
G
The
ITF
it
takes
on
work
of
this
nature.
It's
kind
of
a
major
project
in
the
sense
that
WebRTC
was
a
major
project
or
sip
was
a
major
project
or
something
along
those
lines,
so
I
would
suggest
at
a
minimum.
This
requires
above
and
it's
good
that
you
bring
it
here
and
having
the
discussions,
but
it
also
suggests
that,
if
you
say
you're
not
willing
to
change
your
your
code,
there
might
be
a
problem
because
there's
going
to
take
a
little
while
to
get
this
thing
working,
oh
absolutely,.
R
I'm
absolutely
willing,
you
know
if
somebody
will
come
to
me
and
say
we
need
to
change
that
or
whatever
I'm
perfectly
willing
to
do
that.
However,
if
somebody
came
to
me
today
and
said,
hey
Phil
I
read
your
drafts
and
you
know
if
you
just
changed
this
or
you
did
this
this
way.
Yeah
I
could
make
radical
changes
under
the
hood
and
the
cost
of
that
would
be
zero.
R
If,
however,
we
go
down
the
line
and
it's
kind
of
like
people,
you
know,
did
you
yeah
so
I'm
just
saying
you
know,
please
don't
wait
until
people
have
started
to
adopt
it
to
read
the
drafts
and
then
come
and
say:
oh,
but
you
need
to
do
it
in
sn1,
it's
kind
of
like
yep,
so
I'm
absolutely
happy
to
make
changes.
You
know
I
mean
at
the
moment.
G
R
G
Do
have
a
question
for
you
how
many
other
implementers
do
you
have
interested
in
at.
N
Yeah
thanks
for
presenting
this
budgeting
stuff
here,
I
guess:
I
was
sort
of
seeing
something
same
things.
Martin
was
asking
I
guess
this
would
be
a
little
easier
for
you
to
assimilate
if
it
weren't
all
one
monolithic
thing,
I
understand
that
I
understand
you
think
of
this
components,
but
it's
hard
for
me
to
reason
about
it
that
way
so
you're
realistically
we're
not
gonna
replace
SSH.
However
much
one
might
not
like
it
and
realistic
I
mean
realistic.
We
had
this
since
normos
installed
base
of
like
of
like
things
right
and
my
experience.
N
R
About
replacing
SSH,
but
what
you
could
use
here
is
instead
of
use.
It
I
mean
the
problem
with
SSH.
From
my
point
of
view.
Is
people
use
it,
but
they
don't
necessarily
use
it
securely
and
if
you
look
at
some
of
the
guides
for
how
to
secure
SSH
that
are
out
there
on
the
web,
I
mean
it's
like
mail
yourself,
the
private
key,
so
that
you
can
have
it
on
your
devices,
and
it's
kind
of
like
so
you,
but
you
could
use
it
for,
is
to
distribute
the
SSH
keys.
So
then
you
can
use
them.
R
N
Yeah
I
guess
so
what
make
me
me
it
easier,
at
least
for
me
to
understand
situation.
I
mean
I,
think
I
understand
the
threat
hold
stuff
like
poison,
we
weld,
but
we
can
either
understand
your
vision.
I
think
if
I
understand
how
it
fit
in
with
the
things
like
sort
of
committed
to
later
or
not
yeah,.
S
R
Right
so
yes,
so
I
could
one
of
the
things
that
the
reason
I
think
that
Alice
needs
some
wit
Mayo
connecting
all
the
devices
to
something
that
she
controls
is
that
right
now,
I
have
an
enormous
number
of
IOT
devices.
I'll
be
talking
about
this
on
my
Thursday
rant
on
the
Pecha
Kucha
session,
so
I've
got
about
don't
tell
the
wife.
R
Okay,
so
I
have
an
incredible
amount
of
IOT
stuff
and
I
have
an
enormous
amount
of
accounts
with
services
to
manage
them,
and
because
of
that
I
don't
have
an
Internet
of
Things.
None
of
my
devices
will
talk
to
each
other
and
it's
got
worse,
not
better.
You
know,
I
have
all
these
nest
devices
and
they
used
to
talk
and
now
they're
not
going
to
talk,
and
so
what
we
can
do
with
the
so.
R
R
You
know
what
I
want
to
do
is
to
drive
up
to
the
house
and
for
the
doors
to
open
the
lights,
to
go
on
and
so
I
need
that
intervention
scripting,
but
right
now,
I
can't
have
it
and
we
can't
have
it
because
the
model
that
everybody
has
is
you
can
the
device
connects
up
to
the
service
in
the
cloud
to
an
account
run
by
the
IOT
device
provider?
And
then
my
hub
in
my
house
connects
up
to
that
hub
and
then,
when
the
Internet's
out,
my
house
is
offline.
R
So
in
the
IOT
world.
This
is
a
way
that
you
can
avoid,
depending
upon
that
service
and
a
way
that
we
can
get
from
this
current,
not
an
internet
of
things,
things
that
just
happen
to
have
Ethernet
or
Wi-Fi
or
Bluetooth,
but
aren't
internet,
because
they
won't
work
with
each
other.
And
the
thing
is
that
it
will
be
easier
and
cheaper
for
you
to
use
my
stuff
as
it
from
toolkit
than
to
invent
it
yourself.
H
Thanks
hi,
Sean,
Turner,
hey
Phil,
I,
think
you've
been
doing
this
for
maybe
longer
than
I
have
so
I
would
say
that,
based
on
your
pitch
right
now,
I
would
say
that
this
work
is
not
applicable
to
the
IHF
because
it
didn't
really
sound
like
you
were
willing
to
take
changes.
If
you
this
work
gets
adopted
by
the
IETF,
you
might
not
even
be
the
author
of
the
working
group
drafts
if
there
was
a
working
group,
so
whatever
the
working
group
consensus
would
be
to
change
it,
we
change
it.
R
Absolutely
you
know
there's
two
types
of
changes
that
happen
here
right.
One
of
them
is
somebody
says:
okay,
we
want
to
do
this
functionality.
We
want
to
add
that
yeah
that
stuff
perfectly
fine.
If
suddenly
comes
to
me
and
say:
oh
that's
great,
but
I
want
you
to
do
it
all
in
sn1,
an.
H
Email
you,
though,
that's
the
problem.
The
rights
of
the
working
group
consensus
is:
we
want
to
come
up
with
some
new
encoding
scheme
and
call
it
unki,
Squa,
sn2
or
whatever,
like
that's
just
the
way
it
will
of
the
working
group,
yeah
I,
guess:
I!
Guess
if
you
understand
that,
that's
ok
and
I
think
everyone
here
does
yeah.
R
I
mean
if
there's
a
group
of
people
who
are
willing
to
do
it
and
implement
and
deploy
I
mean
like
yeah,
but
you
know
if
it's
kind
of
like
right.
The
point
is
that,
right
now,
if
you
had
some
idea
that
you,
you
think,
would
radically
improve
the
functionality
and
there
was
no
other
reason
rather
than
your
personal
I
could.
H
Do
it
I
mean
we
all
know
that
the
standardization
process
sometimes
introduces
silly
chains
that
we
don't
understand
or
don't
like
like
at
the
end,
we
had
one
thing
that
was
a
bit
string
and
it
was
like
please
change
to
a
boolean
I
mean
like
sometimes
things
things
gotta
happen,
but
you
kind
of
got
to
do
it.
If
that's
the
consensus,
oh
yeah,
it's.
R
Basically,
like
the
same
with
security
requirements,
where
we
ask
people
to
read
the
drafts
early
rather
than
late
I'm,
just
making
that
point
that
you
know
please
read
the
stuff.
Now
don't
wait
for
two
years
for
me
to
have
users
and
then
for
me
to
say
yeah.
That
would
be
a
really
good
idea
for
us
to
do
then.
But
you
know,
oh,
you
know
legacy
deployments
great,
but
it's
also
a
tract.
J
Rich
sauce,
yes,
both
ways
so
part
of
me
feels
like
this
is
sort
of
like
contributing
to
global
warming,
because
the
oceans
are
getting
all
boiled
away
and
maybe
if
there
were
a
simpler,
smaller
piece
that
could
be
split
off
and
it
seems
that
potentially
the
UDF
stuff,
because
I
know
other
groups
have
wrestled
with
naming
key
openpgp.
I
think
was
the
last
one,
the
guy
trying
to
do
it.
J
So
I
recommend
pulling
that
work
out
skipping
the
fact
that
it's
got
75
possible
use
cases
and
it's
the
solution
to
world
hunger
and
just
address
it's
a
way
to
distribute
a
name
keys
that
is
no
web
compatible.
Oh.
E
So
I
would
take
this
single
presented
as
an
iw
conference
actually
and
talk
to
the
self
sovereign
people.
I
think
you'd
have
a
lot
in
common
with
them,
and
there
is
a
at
least
conceptually
there
is.
There
seems
to
be
some
overlap
with
what
they
try
to
do.
I'm
not
advocating
that
stuff
myself
but
I
think
well
in
humane
a
little
bit.
Maybe
but
I
would
actually
go
talk
to
this
out.
So
learn
identity,
people
they
I.
Think,
let's
I'm,
not
touching
the
word
self
sovereign
identity
go
go,
go
for.
B
E
Sovereign
identity,
you
look
at
the
stuff
that
they
talk
about
it.
It
looks
a
lot
like
this.
They
they're
trying
to
address
sort
of
the
same
problems
again
and
again:
I
I,
don't
I
personally
run
with
that
crowd.
Sigh
I
couldn't
tell
you
more
about
the
details,
but
I
do
know
that
they
meet
at
this
conference
cycle
in
in
Silicon,
Valley
called
the
internet,
identity
workshop
and
I
think
that
in
that
slide,
the
answer
to
the
question
of
where
go
talk
to
them.
First,
I
think
before
you
know
deciding
this
needs
to
be
in
ITF.
D
W
I
Hi,
so
personally,
thank
you
for
bringing
this
kind
of
here
kind
of
chatting
with
that
and
listen.
The
community
I
think
that
folks
have
poked
at
interesting
parts
of
exactly
what
you're
suggesting
I
think
that
there
were
tactical
suggestions
in
terms
of
responding
about
kind
of
scope.
What
about
this?
What
about
that?
But
I
think
the
overriding
thing
that
resonates
for
us
is.
This
is
a
big
thing.
There
is
no
way
we
can
move.
We
can
move
forward
with
something
of
you
know
the
full
scope.
R
That
I
know
one
of
the
things
I
am
trying
to
grip.
The
reason
I
brought
it
here
was
that
the
precondition
for
having
a
buff
has
to
be
that
there's
in
the
right
people
at
the
buff
and
that
they've
actually
looked
at
the
technology
beforehand.
So
I
didn't
want
to
a
soar
above
here,
because
if
I
did
you
know,
then
you
know
nobody
would
know
about
the
work.
So
you
know
I'm
very
happy
going
forward
with
a
buff
I.
R
If
people
have
you
know
my
current
research
concern
on
it
is
working
out
how
to
scale,
because
at
the
moment,
I've
I've
gone
run.
The
numbers
I
can
run
a
million
users,
but
this
is
targeting
a
billion.
So
if
people
could
help
me
on
that
right
now,
I'd
be
very
grateful,
but
yeah
I
mean
a
boss.
Would
that
would
be
my
preferred
way
ahead.
So.
B
R
B
And
we'll
announce
the
list
name
whatever
it
is
or
Phil
will
on
the
suck
dispatch
list,
so
you
can
follow
along.
Thank
you
so
from
the
first,
the
extra
from
Michael.
The
decision
was
that
we
would
dispatch
it
to
lamps
for
the
controller
Ike
the
go
forward.
There
was
to
specify
requirements,
revise
the
draft
based
on
feedback
and
to
continue
the
discussion
for
now
on
tech
dispatch,
to
figure
out
next
steps
and
for
Phil's
presentation
on
mathematical.
Mesh
that
go
forward
is
this
needs
a
buff.
It's
a
large
body
of
work
and
the
go
forward.