►
From YouTube: IETF105-ANIMA-20190723-1000
Description
ANIMA meeting session at IETF105
2019/07/23 1000
https://datatracker.ietf.org/meeting/105/proceedings/
B
A
A
C
A
C
A
A
Yeah
we
hand
over
the
blue
sheets
around
make
sure
you're
signed
before
you
leave
the
room
and
we'll
each
job
square
per
anybody
you
want
here
for
you
cheaper.
Thank
you
thank
you
Mike
and
the
waited
minutes
taker
anybody
the
world
here.
Thanks,
be,
you
has
always
so
nice
both
of
you
and
we
have
the
remote
participation
online
and
all
the
slides
already
uploaded
online.
So
people
can
check
it
over
afterwards
and
the
meninist
is
animal
ITF.
Oh,
that's
a
mistake
put
out
here
for
there
somehow
that's!
A
Basically,
the
ministry
is
one
of
the
official
working
place.
People
should
to
make
discussion
there.
Actually
the
cheers
will
you
know,
make
some
information
out
of
the
Middle
East
discussing
and
the
face
to
face
meeting
here
is
just
you
know,
basically
use
our
time
here
will,
based
on
what
we
already
make.
The
congestion
makes
a
disgusting
animal
honest,
and
this
is
chaired
by
meshing
and
the
terrorist
okay
and
okay.
This
is
the
main
agenda.
We
have
a
group
and
we
have
a
working
group
document
update
for
this
time.
A
We
applied
to
sessions
so
the
morning
session
is
for
the
almost
everything
but
pretty
relevant
stuff.
So
the
afternoon
session
we
have
90
minutes,
that's
for
risky
and
we
should
go
first
for
the
working
group
document.
We
have
ASAP
automated
country
plan,
update
and
grasp
API
update.
Then
we
give
the
progress
report
our
recharge
progress,
but
here
then
I
actually
move
the
last
item.
A
A
Then
we
have
the
Sonora
comments
for
a
year
to
a
city
or
town
bad
brand.
Okay,
this
is
the
agenda
for
the
morning.
Anybody
has
any
issue
a
month
price
go.
This
is
a
kindle
afternoon.
We
have
all
the
a
risky
relevant
draft,
including
risky
itself
for
update
and
also
the
constraint
the
vulture
updates,
twelve
them
working
group
draft
already,
and
we
have
constant
joint
put
proxy
for
risky
protocols.
Peter
I
didn't
have
your
slides,
yet
no
somehow
you
said
please
to
priest
to
send
it
again.
A
Thank
you
and
we
have
support
of
instinct,
relies
enjoyment
in
press
key
and
the
SME
integrate
with
risky.
That's.
That
session
starts
this
afternoon.
One
half
okay!
When
given
the
last
four
years,
when
the
workgroup
already
produce
only
two
RFA's
but
I
will
actually
finish
five
documents,
another
sway
you're
sitting
in
the
rock
for
the
Miss
ref,
but
hopefully
we
have
the
CD
DL
Cooper
already
in
the
RFC
I
believe
and
the
ACP.
We
hope
to
face
it
this
last
meeting
and
get
it
in
the
ice
before.
Oh,
that's
already
iest,
but
yeah
yeah.
A
D
A
C
C
Effectively,
I
didn't
receive
replies
for
that
since
last
week
and
since
then,
I've
been
working
to
get
/,
20
posted,
which
I
did
yesterday,
and
the
reason
was
that
a
the
the
reviews.
You
know
it's
a
very
large
document
right.
So
basically
what
we
miss
a
number
of
documents.
We
have
a
number
of
pages
between
brewski
and
ACP
document
and
so
and
effectively
one
ad
had
to
taste
and
in
four
to
80s,
because
Eric
rest
collars
term
expired
also
between
104
and
105,
so
basically
been
had
to
jump
into.
C
C
He
was
also
moving,
so
that
was
basically
why
I
took
the
three-month
between
104
and
105
to
get
all
the
feedback
that
was
done
with
at
the
idea
of
104
with
19
into
you
know
back
to
me
last
week
and
and
and
I
rested
now,
so
there
is
also
kind
of
the
oversight
somewhere
between
me
and
Elissa.
In
terms
of
Alyssa's
feedback
is
the
only
other
outstanding
discuss
on
the
iesg
and
that
was
actually
closed
in
August
last
year.
C
So
in
summary,
I
think
the
outstanding
issues
are
to
discuss
from
Ben.
One
is
about
the
encoding
of
the
ACP
domain
information
in
the
certificate
and
the
second
one
is
about
details
of
the
security
profiles
of
the
different
protocols
and
that's
what
we're
going
to
talk
about
in
the
end
of
the
presentation.
I
quickly
wanted
to
go
through
the
changes
that
were
done
between
19
and
20,
that
I
hope
are
unconscious,
but
interesting
and
not
the
hundred
others
that
are
on
contentious
and
non
interesting.
C
C
But
rather
it
really
depends
on
each
individual
Association
protocol
because
depends
on
proof
of
ownership,
which
is
a
process
done
by
the
security
Association
product
called.
So
that's
basically
referred
to.
There
is
more
specific
reference
to
the
certificate
chain,
verification
which
is
actually
defined
in
50
to
80.
C
Why
do
we
need?
Actually,
you
know
to
be
able
to
identify
the
est
server
as
a
valid
est
server,
and
if
so,
how
do
we
do
it?
So
70/30
was
asking
to
do
this
by
having
est
servers,
have
the
ID,
KPC
and
CRA
extended
attribute
in
the
certificate,
and
so
that
is
also
now
required
here
for
EST
servers
in
the
ACP.
B
They
work
for
lawyers,
but
because
people
that
jacket
are
applying
implementations
and
people
that
don't
check
it
can
do
whatever
they
want
and
they
can
always
do
whatever
they
want.
And
you
know,
legal
stuff
won't
change
whether
they
do
it
or
not,
I'm
putting
the
bit.
There
won't
change
whether
they
do
it
or
not,
but
the
intention
of
the
CM
CRA
I
think
you
could
get
it
right,
it's
it's
so
that
you
know
that
you
are
speaking
to
a
representative
who
can
actually
enroll
you
in
that
specific
that
specific
CA
well.
B
B
Rc
70/30
says
like
you:
will
have
that
and
5280
says
something
about
it.
I
think
and
that's
you
have
it
it's
a
bit
of
no
enemies.
It's
not.
If
you
are
using
open
SSL,
that's
not
one
of
the
IDs
which
is
predefined.
I've.
Had
you
add
it
and
it's
an
added
in
a
way
that
you,
you
just
need
a
source
code
update
to
do
it
so
is
annoying
front.
But
that's
what
the
spec
says.
It's
right.
B
C
I
mean
I
think
the
attack
is
that
at
some
point
in
time
a
client
figures
out
that
the
trust
anchor
certificates
are
expiring,
so
he's
renewing
the
trust
anchors
and
if
then,
he
gets
randomly
to
some
attacking
est
server
on
the
ACP.
Some
you
know
sitting
nowhere
IOT
device
that
has
been
intruded.
How
do
you
prohibit
that.
B
C
B
B
C
I
was
coming
trying
to
come
up
with
the
best
possible
explanation
why
it
really
makes
sense
to
add
exactly
that
type
of
code
that
you
were
saying
so
and
if
that's
actually,
you
know
if
nobody
can
come
up
with
a
good
reason.
I'd,
rather,
you
know,
go
against
what
you
know.
The
isg
review
said
and
stick
to
to
simpler
software,
but
basically
we'll
need
to
be
sure
that
really
it
is
not
clear
that
there
is
actually
any
attack
vector
that
it
prevents
okay,
so
right,
so
what?
C
C
So
there
is
a
new
section
as
part
of
the
security
review
to
talk
in
general
about
the
security
Association
product
called
requirements
independent
of
what
they
are
especially
important
for
somebody
who
writes
a
follow-up,
a
security
profile
with
existing
protocols
or
new
protocols.
So,
first
of
all,
I
think
this
is
finally
the
right
place
to
have
the
every
statement
that
we
don't
need
Network
wide
MTI,
because
this
is
all
hop-by-hop.
C
One
is
the
one
that
we
haven't
done.
Work
for,
that
would
be
follow-up.
Work
is
if
we
have
something
like
Wi-Fi
Mexico
or
something
that
at
layer,
2
has
very
strong
encryption,
and
at
that
point
in
time
we
would
only
need
to
figure
out
a
secure
Association
for
the
ACP
that
leverages
that
accordingly
and
also
does
ACP,
you
know
authentication
as
a
valid
ACP
member
and
the
other.
One,
of
course
is
when
we
have
strong
physical
security
within
a
data
center
in
the
NOC.
C
That's
obviously
what
we've
defined
is
if
we
connect
for,
but
this
text
also
now
gives
some
good
reasons
beyond
the
fact
that
you
won't
have
strong
physical
security
outside
of
those
constraint
places,
but
also
that
you
can
never
do
this.
Auto
configuring
fully
this
strong
physical
security,
that's
something
that
really
needs
to
be
defined
by
policy,
and
that
really
makes
it
not
really
very
useful
in
general.
C
So
this
is
just
a
workaround
really
so
then
there
was
a
section
about
ripple
routing
to
unknown
destinations,
which,
basically
is,
is
a
function
on
the
ripple
route
to
discover
wrong
traffic,
and
that
was
one
of
been
discussed.
This
point
otherwise
I
thought
it
was
very
simple
to
resolve.
So,
given
how
we're
trying
to
have
no
new
forwarding
plane
requirements
routes
would
have
this
requirement.
C
We
have
this
diagnostic,
so
I
wrote
up
a
paragraph
that
says
that
you
know
devices
that
can't
have
more
intelligent
functions
like
not
being
a
registrar
not
being
able
to
have
ACP
connect
and
not
allowing
you
to
configure
the
route
at
all.
Those
would
be
devices
that
don't
have
the
requirement,
because
whenever
those
devices
would
become
the
actual
route
of
a
network,
then
all
the
more
intelligent
devices
are
already
gone,
and
you
know
Diagnostics
isn't
really
possible
anymore,
because
the
network
can't
be
reached
from
the
outside.
C
You
know
credentials
to
have
registrar's
connected
to
the
mass
and
that
typically
makes
it
a
lot
easier
for
identity
theft,
for
people
to
basically
claim
oh
and
this
organization
getting
access
to
the
masa
and
then
basically,
of
course,
being
able
to
attack
you
from
really
what
you
know.
Masa
would
consider
valid
certificates.
So
that's
now
in
their
text,
so
then
yeah
more
text
about
a
CP
configuration
as
one
of
the
you
know,
hopefully
also
very
simple.
You
know
you
just
configure
one
command
and
then
you
can
attach
in
the
NOC
devices
to
it.
C
Should
likely
so
then
there's
the
section
a8,
which
was
talking
about
the
general
purpose,
way
to
negotiate
across
incompatible
security
associations
more
intelligently
with
you
know
something
how
to
how
do
you
negotiate
between
DTLS
and
IPSec?
If
you
do
both
and
you
have
certain
desires,
so
that
was
a
very
convoluted
thing
and
we
decided
already
much
earlier
that
that
was
too
far
out
that
we
ever
wanted
to
do
this
at
our
at
this
point
in
time.
C
So
the
an
output
nodes
for
the
RFC
editor
in
there
so
that
it's
not
going
to
be
included
in
publish
means
I
want
to
have
all
these.
You
know
far
out
thing,
at
least
in
the
last
version
of
the
draft,
because
when
people
go
back
and
look
at
the
history
of
the
stuff,
that
makes
it
a
lot
easier,
but
that's
gone
and
finally,
some
Diagnostics.
C
So
noting
that
the
idea
of
ID,
maybe
more
insecurity
so
did
I,
oops
I,
think
I
forgot
to
mention
what
was
it
so
then,
basically
Michael
in
January
had
provided
really
nice
text
to
improve
the
way
that
the
ACP
addressing
in
with
the
V
long,
where
we
have
so
many
bits
gets
expressed.
So
basically
he
introduced,
you
know
just
there
is
no
encoding
change
at
all.
It's
just.
You
know
this
bit.
That
decides
whether
this
field
is
8
or
16
long.
You
have
given
it.
C
C
C
Summarized
it's
something
like
you
know:
ACP
RFC
number,
plus
the
ACP
address,
plus
some
options
at
the
ACP
domain,
and
so
there
are
a
lot
of
reasons
cited.
Why
we
think
this
is
a
good
thing.
Backward
compatibility
is
of
coding,
new-new
asn.1,
so
especially
I
was.
You
know,
worried
about
that.
You
know
whenever
I'm
doing
Diagnostics,
even
existing
programs
could
show
you
the
ACP
address
information
without
having
to
be
revved
up.
C
So
then
Ben's
discuss
was
that
he
was
suggesting
to
use
a
new
other
name,
encoding
point
for
the
IANA
and
proposed
to
one
of
binary
encoding,
so
meaning
no
asn.1
structure.
So
my
thinking
and
that's
what
I
sent
back
to
him
and
that's
what
I'd
love
to
see
more
feedback
from
the
working
group
as
well,
so
I
think
we
do
always
need
a
human
readable.
Knock
bet
end
to
a
processable
string
as
a
standard
representation.
So
why
do
we
need
two
different
standard
presentations?
And
so
something
like
local
at
domain?
C
B
C
B
So
that's
actually
the
part
that
should
that's
kind
of
fragile,
annoying
figuring
out
how
to
encode
it
completely
irrelevant.
Okay,
there
are
no
libraries
and
all
I
don't
hear
otherwise,
which
return
CSR
attributes
might
have
to
hand
coded
in
the
instead
one
I'm
using
a
said
one
primitives
regardless.
So
that
part
doesn't
matter
anything.
You
like
it's
going
to
be
equally
hard,
even
if
it's
RFC
22
knee
equally
hard
and
the
CSR
adjoining
side
of
things
right:
okay,
on
the
other
side,
I'm,
just
thinking,
okay,
on
the
other
side
of
things.
B
So
then
the
the
the
CAA
has
to
then
process
the
CSR
where
in
the
asses
there
are
some
issues
with
getting
things
in
and
out,
but
I
would
say:
they're
not
really
a
lot
worse
or
better.
In
my
experience,
but
there
are
other
CA
software
you
are.
Writing
probably
has
as
much
harder
to
change
and
much
harder
to
update,
particularly
if
it's
out
ported
I,
don't
know
if
you
saw
I
missed
it
yesterday
morning,
Kathleen
Moriarty.
B
No,
so
she
hasn't
a
document
on
acne
integration
for
the
registrar.
So
the
situation
where
the
RA
or
the
registrar
is
using
Acme
to
get
certificate
from
a
CA
and
what
happens
RFC
22
name
is
completely
supported
and
it's
a
must
for
that,
whereas
other
other
name
kind
of
things
are
probably
far
less
supportive.
So
that's
probably
outside
of
our
space
of
work.
You
put
a
CSR
for
anything.
B
You,
like
just
the
Acme
guy
at
the
other
end,
isn't
going
to
deal
with
the
specialized
thing
for
us,
so
I
think
your
argument
is
correct
that
we
need
to
stick
with
with
well
known
stuff,
because
that
stuff
is
hard
after
the
human
readable
nests
of
it.
None
of
it
is
particularly
human,
readable
all
over
cars
and
asn.1
decoder
to
see
so,
if
you
think
about
it
that
way
right!
Yes,
there
are
you
eyes
that
show
you
RFC
22
names,
but
they're,
not
human,
readable
I
can't
read
that
certificate
easily,
with
with
with
more
command.
B
It
still
becomes,
it
still
becomes
very
at
that
level,
it's
very
as
a
care.
If
you're
at
that
level
of
doing
things,
then
it's
you
and
me
and
three
other
people
in
the
room
doing
it
anyway.
Okay,
everyone
else
needs
a
piece
of
software
to
see
the
artist
28:20
2d
as
well
as
they
would
for
any
other.
Well.
C
I
was
actually
looking
at
out.
You
know
what
you
know:
a
pre
standard
implementation
of
the
white
list,
which
is
just
the
list
of
identifies.
Then
you
have
the
strings.
They
also
nicely.
You
know
whatever
ipv6
address
at
my
domain
right,
so
I
think
there.
There
are
a
lot
of
you
know,
operational
processes
where
I
think
this
really
does
get
read
by
humans.
B
I
do
that
I
will
see.
I
will
see
the
the
the
I
will
see
it
sure,
pointing
to
name
on
my
screen
and
I
will
see
other
names
and
a
ski
on
my
screen,
both
of
them
in
the
middle
of
a
blob
of
garbage
right.
What
is
it
equally?
Well,
you
can
see
them
that
that
way
to
get
anything
more
complicated
than
that
you
need
to
have
software.
It
knows,
what's
going
on
and
I'm
saying
this
probably
as
easy
to
do
other
neat
printing
as
it
is,
but.
B
C
B
B
It's
human
readable.
The
argument
is
certification.
Authorities
are
conservative
in
what
they'll
process
and
it's
hard
it's
very
hard
to
get
them
to
doing
things.
So
if
your
registrar
does
not
have
a
built-in
certificate
authority,
it's
gonna
be
the
case
for
most
people's
code.
Then
then
it's
it's
a
problem.
If
you
are
coding
a
certificate
authority,
it's
probably
as
easy
to
do:
RFC,
22,
Nemeth
or
other
name
anyway.
They
tend
that
they
both
require
coding
expression
on
the
CSR
attribute
side
of
things.
Okay,
okay,.
C
C
C
No
restrain
it
would
contain
the
same
string,
but
we
can
now
relax
the
string.
That's
my
proposal
right.
We
can
relax
the
string
insofar
as
that
we're
not
limited
to
64
bytes
on
the
local
part
when
we
start
having
more
options
right,
but
I
would
keep
the
string
because
I
like
really
the
string
encoding
as
making
really
easy
for
human
readability.
B
C
B
C
Is
fine?
We
what
we
can
take
we'll
take
this
to
the
list
of
busy,
so
now
the
security
profiles,
so
they're
kind
of
you
know
so.
Basically,
all
the
security
profiles
stuff
has
been
improved
and
redone,
so
generic
ACP
certificate
requirements
right
must
be
compliant
with
50
to
80.
Obviously,
the
minimum
fields
required
are
those
required
by
the
domain
membership
check.
C
Anything
beyond
that
is
whatever
the
operator
wants
to
use
the
certificate
for,
in
addition
to
the
ACP
membership
check,
and
it
would
for
Diagnostics,
it
would
be
lovely
to
copy
the
IDF
ID
identifiers
of
a
device,
but
of
course
it's
a
privacy
risk
and
then
the
stuff
crypto.
So
the
choice
is
here
now
if
I've
tried
to
come
up
with
something,
so
this
is
basically
exactly
for
review.
C
So
now
the
question
is
what
crypto
parameters
on
this
purely
on
the
certificate
side
are
missing
right.
So
obviously
the
minimum
signing
links
whatever
recommendation.
You
know
people
shout
in
the
room,
I'll
take
as
default
and
then
go
with
it
or
I
mean
asking
Ben
and
the
others.
So
basically
there
there
some
of
these
documents
here,
where
I'm
going
to
reach
out
to
other
people.
That,
hopefully,
can
give
me
more
answer.
There
is
some
somewhat
of
a
complaint
here,
even
though
I
have
the
no
whining
sticker
here.
C
I
haven't
really
found
a
good
RFC,
for
you
know,
basic
certificate
requirements
and
I
found
the
good
RFC
for
ikely
two
requirements
for
inter
ability,
but
even
that
says
cryptographic
recommendations
for
certificates
are
out
of
scope
of
the
document.
Pkix
community
will
do
with
it.
So
obviously
you
can't
build
into
our
operating
actually
two
implementations.
If
you
don't
have
you
know,
interoperating
certificates,
so
I
wondering
why
they
were
able
to
lay
them
out
on
that
one
without
a
reference.
B
Certification
authorities
do
what
they
do
and
they
do
it
with
minimal
kind
of
respect
for
what
we
tell
them.
Okay,
the
the
unless
your
mozilla
person
or
a
Google
person
and
can't
read
them
a
right
act
as
to
whether
what
you're
going
to
support
in
your
browser
next
week,
they
are
doing
what
they
do,
which
is
2048
bit
RSA,
which
is
and
then
256
bit
ECDSA
with
the
set
P
256.
There's
a
K
or
a
1.
I
can't
remember
that:
that's
what
they
that's,
what
they
do
right
now
in
the
web
browser
space.
B
C
B
B
C
So,
basically,
now
the
two
references
for
the
recommendations
from
end
of
2017
8:22,
one
and
eight
two
four
seven
are
in
there.
Luckily
I
found
them.
Nobody
pointed
me
to
them,
so
in
IPSec
it
stripped
down
to
just
one
security
profile,
which
was
chosen
because
it's
the
best
performant
one.
We
really
don't
need
backward
compatibility,
given
how
there's
a
new
implementation
likely
to
no
stripping
down
it's
just
software
and
we
obviously
can
add
more
IOT
profiles
for
those
links
later
on,
because
it's
hope,
I
hope.
We
don't
need
an
MPI.
C
So,
on
the
crypto
side
in
the
signaling
IP
2,
we
must
use
the
full
certificates
because
we
need
the
ACP
information.
So
that's
pkcs7,
ret
x.509
certificate
must
have
all
the
intermediate
serves
in
the
chain
and
the
proposed
ipsec
profile
is
AES.
Gcm
16
know
now
encryption
and
obviously
may
support
any
more
crypto
profiles
that
are
not
of
lower
security.
So
now
the
question
is
what
crypto
parameters
are
missing
from
the
specification
so
now
I'm
going
to
reach
out
to
the
folks
who
wrote
these
two
profiles
to
tell
me
if
I
was
actually
missing.
C
C
Then
we've
got
as
the
final
one
TLS
as
used
end-to-end
within
the
ACP
and
the
normative
reference
for
that
is,
of
course,
the
use
by
a
grasp
itself,
but
any
other
protocol
across
the
ACP.
That's
newly
built
should
obviously
also
use
TLS
and
there's
obviously
an
interesting
issue.
When
we
bring
in
IOT
device
that
don't
want
to
do
TCP,
then
we
need
to
create
more
MTI,
not
only
TLS,
but
you
know,
server
devices
would
need
to
support.
You
know
some
secure
app
in
addition
to
TLS.
C
So
this
is
the
ongoing
discuss
with
Ben
what
security
profiles
to
demand
a
basically
recommended.
Three
I
was
thinking
of
the
middle
one,
but
then
he
was
also
saying
that
the
nature
of
the
RSA
EDC
s
key
size,
elliptic
curve.
So
basically
there
may
be
one
or
two
parameters
missing,
so
I
hope
I
can
resolve
these
things
very
quickly,
and
that
was
basically
it
and
then
was
just
an
hour.
All
the
time.
F
Okaythis
have
a
much
shorter,
I
hope
next
slide.
Just
the
quick
reminder.
What's
in
this
document
it,
it
really
is
the
I
guess.
I
color
is
pink.
It's
the
pink
bit
the
the
API
for
a
functional
library
for
calling
and
functions
the
grasp
core
from
an
autonomic
service
agent.
Next,
the
contents
of
the
turfed
I'm
not
going
to
go
through
it,
because
we've
had
this
discussion
before
in
a
different
room
or
possibly
even
in
the
same
room.
I
don't
know
it
goes
through
design
principles.
Some
comments
on
asynchronous
operations
because
grasp
is
an
asynchronous
protocol.
F
F
Don't
think
so,
because
I
think
we
need
experience,
we
need
people
to
write
api's
for
various
operating
systems
and
languages,
and
you
see
if
we
can
extract
the
standard
practice
from
them
and,
of
course,
the
way
I
designed
this
API,
because
I
designed
it
suits
my
programming
style
and
other
people
might
want
to
do
it
differently.
So
I
think
we
need
to
get
something
out
into
the
field
and
then
be
prepared
for
feedback
on
it
in
a
year
or
two.
So
next
slide,
please.
F
F
Haven't
received
a
complete
review
from
anybody,
but
it's
one
of
the
things
you
do
in
working
group
law
school
there
were
there
were.
There
were
comments
at
an
earlier
stage
and
since
then
you
know,
we've
responded
to
comments
and
hadn't
received
further
comments.
Even
despite
asking
the
list
for
comments,
so
you
know
either
people
don't
think
we
should
do
this
job
or
we
should
try
and
provoke
some
for
some
reviews.
A
F
F
A
A
A
A
A
And
we
actually
reach
the
convergence
before
the
IDF
103rd
and
we
have
submitted
that
to
iest
review
and
later
last
year.
November
in
since
then
we
have
eight
update
rushing
already
and
the
latest
one
was
proposed
earlier
this
month,
and
it's
supposed
has
you
know
calling
all
the
discussing
we
hear
from
iest
rads,
actually
I.
Believe
we
clean
all
the
blocks
this
morning.
A
So
that's
going
way
off
for
iest
now,
which
I
will
show
you
later
and
we
hopefully
go
for
the
external
review
and
first
go
for
IB
and
then
later
for
the
IDF
meninist
for
wider
comments,
but
at
actually
means
we
will
not
get
the
our
new
header
in
this
month,
maybe
sometime
next
month.
So
even
those
drafts
we
had
learned
in
the
new
chatter
as
milestone
had
to
be
weighed
and
accuracy
of
them
will
present.
C
A
Laughter,
the
major
point
we
received
during
those
discussing
is
the
idea,
particularly
the
ISD
ATandT,
want
us
to.
You
know
flood
our
working
group,
and
we
should
currently
whatever
the
working
group
adopt.
It
should
be
delivery.
Us,
you
know
a
complete
object
in
time,
so
not
a
next
page.
Actually
there
is
a
wiki,
you
know
everybody
could
check
it
and.
C
C
A
I
plan
to
do
that,
so
this
is
that
what
you
know,
whey
proteins,
a
for
the
primary
milestone,
and
actually
we
pick
up
one
from
each
error
we
identified
for
the
working
group
that
doesn't
mean
you
know.
We
were
only
works
on
those
crafts.
That
only
means
those
crafts.
Here's
a
mature
situation
up
to
now
too
first
and
the
church
will
manage.
The
rest
depends
on
you
know
how
fast
those
drafts
coming
out
of
the
working
group,
because,
as
I
said,
we
don't
want
to
you
know
either
block
our
new
work,
all
get.
A
Constant
water
already
being
working
group
document
and
constant
joint
proxy
will
be
present
this
afternoon
and
three
of
them.
We
would
like
to
hear
you
know
how
the
weather
the
working
group
supports
the
autopsy,
but
we
weren't
talking
at
this
meeting.
It
has
to
wait
for
the
new
charter.
Basically,
that's
it
any
questions,
suggestions
once
twice:
okay,
let's
move.
G
G
So
the
idea
of
this
draft
is
to
present
a
use
case
that
we
have
that
where
we
we
believe
that
the
stuff
that
animal
is
doing
may
be
helpful
for
us,
so
I'm
kind
of
new
to
anima,
so
maybe
I
will
there
may
be
some
assumptions
from
our
side
that
are
incorrect.
So
please
don't
be
sad
on
with
me,
but
this
is
the
already
able
to
to
see
whether
anima
can
or
specifically,
rats
can
can
be
helpful
in
for
the
use
case
that
we
have.
So
the
motivation
is
basically
we.
G
We
are
working
in
several
points
on
what
we
call
for
computing.
So
basically,
it's
visualization
push
the
world
toward
eh,
where
we
have
like
very
volatile
environments
is
not
like
a
data
center
because
we
may
have
resources
on
mobile
phones.
Access
points
base
stations,
cars,
this
kind
of
very
heterogeneous
and
volatile
environment,
and
on
that
we
are
basically
working
on
neutralization
approaches
and
use
cases
that
may
benefit
or
use
those
those
resources
in
this
very
kind
of
dynamic
environment.
G
G
Ok,
so
this
is
the
one
potential
scenario
that
we
are
talking
tackling
in
in
this
place.
Basically,
we
have
like
different
fog
notes,
basically,
resources
where
we
can
put
functions
in
like
an
NSF,
see
kind
of
way
and
this
function.
For
example,
we
have
a
chain
of
f1
and
f2
may
be
running
on
on
this
fog,
node,
B
and
I'm
out
a
initially
for
example,
and
then
fog
node
a
is
moving
away
and
we
need
to
move
the
function
that
is
running
a
fog,
not
a
function,
one
to
a
different
resource.
Fog
no
see.
So.
G
Basically,
this
with
current
orchestration
mechanisms
is
hard
to
do,
because
it's
very
much
reactive
kind
of
thing,
and
we
believe
that
we
we
need
some
kind
of
more
predictive
things
in
order
to
be
able
to
cope
with
this.
So
basically
we
have
we
call
for
resource
information
platform,
so
something
that
allows
to
get
more
dynamic,
more
up-to-date
events
from
the
resources
and
to
also
be
able
to
predict
stuff
and
be
able
to
trigger
event.
So.
A
A
G
Maybe
an
end
user
device
so,
for
example,
the
mobile
it
may
be
device
in
the
in
the
network.
It
may
be
a
device
at
the
edge
of
the
network
like
an
access
point,
so
I
mean
in
the
draft.
There
are
more
definitions
about
what
we
we
mean
by
a
node
and
maybe
also
references
to
I'm
sure
the
reference
to
the
place
where
we
are
doing
these
things.
But
it's
a
it's.
A
generic
concept
I
agree
that
it's
like
resources
going
beyond
the
classical
data
center.
G
G
A
G
For
example,
my
written
a
function
to
a
different
note
or
a
scaling
of
the
resources
that
are
associated
to
are
allocated
to
one
function,
these
kind
of
things,
so
this
is
basically
kind
of
the
the
overall
a
scenario
oops
this
one.
Thank
you.
So
we
have
the
different
notes
where
we
may
have
have
been
talking
about
HT,
NFV
terminology
and
in
some
of
them
in
this
case,
in
all
of
them
we
have
this
fog
agent
and
there
will
be
a
controller
in
the
infrastructure.
G
So
basically,
what
we
want
to
use
anima
for
and
in
my
stuff
class
in
this
case,
is
to
basically
bootstrap
discover
all
these
folk
agents
make
the
connection
or
the
association
between
these
folk
agents
and
the
fog
monitoring
controller,
add
infrastructure.
So
this
is
basically
what
we
are
aiming
at.
I
will
not
go
into
all
the
details,
but
we
have
some
dioramas
in
the
in
the
draft
how
this
fog
nose
may
both
trapped.
The
fog
agents
may
discover
that
there
is
a
controller.
G
They
may
change
different
information
on
the
capabilities
of
these
four
gauges
and
based
on
that,
we
may
have
association
between
the
controller
and
the
four
gates.
These
are
simple
scenario
and
maybe
multiple
controllers
and
maybe
multiple
associations.
All
these
kind
of
things
are
at
least
introducing
the
in
the
current
version
of
the
of
the
draft.
So
we
try
to
analyze
how
we
can
use
glass
for
this,
and
we
already
discuss
mechanisms
or
dissolution
this.
G
My
goal
was
to
basically
introduce
this
use
case
that
I
guess
it's
a
bit
different
from
what
we
have
been
discussing
in
anima
lately
and
to
see
there
are
people
that
may
be
potentially
interested
in
this.
We
have
a
ready
code
for
staff
based
on
the
visualization
working,
and
we
want
to
start
doing
things
with
using
rasp
for
this.
This
is
not
yet
there,
but
if
people
are
interested
in
in
this,
please
say
that
in
the
mailing
list
or
contact
me,
offline
and
I
will
be
very
much
happy
to
to
collaborate.
G
G
Well,
this
is
something
that
we
wanna,
we
wanna
investigate
and
we
wanna
try.
So
we
have
focused
on
the
discovery
part,
and
we
believe
that
this
may
be
useful,
but
this
is
good
feedback
to
to
see
how
to
understand
and
we
will
need
to
implement
the
stuff
and
test
and
see
how
it
works.
But
this
is
part
of
ongoing
exercise.
F
Today
the
thing
about
UDP
for
non
discovery
and
non
flooding,
thoughts,
Trust
is
the
you
know.
We
hit
the
problem.
The
UDP
is
an
unreliable
protocol.
There
are
two
ways
to
fix
that
one
is
to
put
the
reliability
into
grass
breeches
horrible
thing
to
do.
The
other
is
to
require
that
any
operations
using
it
would
be
basically
doing
it
important
operations.
So
if
something
does
fails,
you
just
repeat
it,
which
is
quite
a
tight
constraint
on
the
application.
So
it's
an
area
where
we
actually
need
some
feedback
before
we
do
any
workout
Tallis.
C
C
G
Yeah
I
think
we
I
mean
there
are
some
additional
details
in
the
in
the
draft,
but
we
can
definitely
work
on
on
that
and
try
to
to
provide
more
more
stuff.
Yeah
I
mean
this
was
just
starting
draft
to
present
this,
but
definitely
there
are
many
things
that
needs
to
be
to
be
a
leader.
So
if
basically
I
think
that
there
are
some
people
interesting,
so
we
can
discuss
offline
and
and
then
we
will
try
to
put
more
meat
on
on
the
draft.
Okay,
thanks.
D
H
H
The
previous
one,
thank
you
yeah.
This
is
a
brief
reminder
of
what
is
the
crafter
doing.
We
propose
several
functions
which
could
be
considered
as
infrastructure.
Isis
is
actually
a
skill
within
the
United.
Nations
are
selectively
riding,
which
is
a
optimization
to
the
current
flood
of
grasp,
and
the
other
tool
is
a
more
sophistication
to
the
even
Q
messaging
and
distributed
data
storage,
and
we
know
in
order
to
support
the
new
functions
we
need
the
cross
to
be
extended,
so
we
propose
some
update
to
add
some
new
message
and
the
answer.
H
H
Next,
please
yeah,
that's
basically
the
update
so
for
the
cross
distribution.
The
most
sophisticated
is
actually
hiding
within
the
modules,
rather
than
very
sophisticated
expansion
to
current
either
API,
or
course,
messages.
So
in
standardization
perspective
it
is
fairly
fairly
easy,
nothing
very
difficult
to
do.
C
E
F
F
Anyway,
this
is
just
a
reminder
of
what's
in
the
drafts,
I,
don't
think,
there's
much
point
in
having
substantive
discussion
and
until
we
can
officially
put
them
into
the
Charter
put
them
into
the
milestones.
This
one
still
needs
work.
Nobody
is
saying
that
it's
ready
for
publication
or
anything
but
I
believe
the
under
the
new
charter.
This
would
be
very,
very
suitable
candidate
for
adoption,
so
it
still
has
the
same
contents
as
it
did
last
time
describes
the
logical
structure
of
an
autonomic
service
agent,
how
it
interacts
with
the
autonomic
infrastructure.
F
F
Then
a
discussion
on
the
lifecycle
is
used
since
autonomic
Service
agents
are
pieces
of
code
that
are
very
likely
to
be
installed
dynamically
and
an
updated
dynamically
on
a
working
system.
The
problem
that
Laura
raised
a
long
time
ago,
which
may
of
course
in
the
end
news
its
own
draft
I
of
coordination
when
you
have
autonomic
service
agents
that
are
both
interfering
with
the
same
bits
of
configuration,
if
you
like,
so
you
have
to
make
sure
that
they
don't
fight
each
other.
F
Now
those
are
the
main
topics,
and
you
know
the
question
I
got
asked
hypothetically,
since
we
can't
ask
it
until
the
new
charter
is
in
place,
is
whether
the
working
group
is
ready
to
adopt
this
work,
which
doesn't
imply,
of
course,
that
you
agree
with
what
it
says.
That
implies
that
you
think
the
subject
matter
is
something
the
working
group
should
work
on.
D
A
A
J
In
fact,
the
the
point
in
the
draft
or
the
lifecycle
and
coordination
was
just
to
highlight
important
aspect,
considering
the
guidelines
I
hope
to
go
into
all
the
details
that
will
be
covered
by
the
potential
draft
on
lifecycle.
And,
yes,
we
believe
it's
important
that
this
is
in
this
draft
heat
at
morehouse
pointers,
laughs,.
A
F
So
again,
if,
if,
if
the
life
cycle
and
coordination
material
is
covered
in
other
drafts,
we
would
have
to
adapt
the
text
in
this
draft.
You
know
due
to
not
you
know,
to
not
cause
difficulties
with
the
dedicated
drafts,
but
at
the
moment
we
can't
do
that,
of
course,
because
there
aren't
any
such
drafts
so
anyway,
I
basically
I
would
encourage
people
to
read
this
because
it.
A
F
F
So
this
discusses
use
cases
for
boat
transfer
in
an
autonomic
Network,
some
of
the
use
cases
there
are
probably
others.
It
discusses
a
general
method
for
doing
bulk
transfer
inefficiently,
I
have
to
say
intentionally,
it's
inefficient.
If
you
like
using
grasp.
This
cross
was
not
designed
as
a
bulk
transfer
protocol,
and
it
gives
a
worked
out
example
of
how
to
do
it
for
an
elementary
file
transfer,
and
it
doesn't
make
the
point
that
if
there
is
an
existing
boat
transfer
mechanism,
you
know
that
is
more
appropriate
for
an
application.
F
B
F
Specifically,
the
question
is
why
we
need
to
do
it
and
are
happy
to
do
it
in
a
somewhat.
You
know
inefficient
way.
Rather
than
using
you
know,
a
well-known
file,
transfer
protocol
or
file
sharing
protocol.
You
know,
I
I,
agree,
I
mean
I,
don't
see
any
urgency
in
this,
although
I
do
actually
use
it
when
I
want
to
transfer
files
on
my
desk
Queen.
F
My
Linux
box
in
my
windows
box
I
do
actually
use
this
now
running
code
and
I,
use
it
quicker
than
you're
putting
files
somewhere
else
and
bringing
them
back
or
whatever
the
other
alternatives
might
be.
So
it
works,
but
I
agree,
I,
don't
think
it's
urgent
and
if
you
say,
if
you're
asking
answering
my
question
by
saying
not
yet
to
the
adoption
question,
I
I,
don't
care
about
that.
That's
fine.
A
F
Exactly,
but
you
know,
I
could
imagine
a
context
where
you
might
have
very
where
you're
trying
to
minimize
the
amount
of
software
you
after
load
in
your
in
your
target
system,
and
this
might
be
a
cheaper
way.
You
know,
of
achieving
low
low
urgency
well
transfer
than
cheaper
in
terms
of
footprint
right
so
III
wouldn't
say
we
should
exclude
it
as
a
use
case,
but
I
agree.
It's
certainly
not
important
to
to
push
it
to
first.
F
F
F
F
So
video,
of
course,
is
that
grass
doesn't
have
it's
in
intrinsic
security,
so
it
must
run
over
a
secured
ACP
substrate,
which
should
be
isolated
from
the
normal
user
data
plane
traffic,
and
we
had
a
very,
very,
very
long
argument
with
Erica
schooler
before
we
got
grasped
through
the
isg,
and
that
basically
was
a
very
strong
must
in
the
in
the
document
that
resulted
now.
The
regular
ACP
constructed
at
layer
3
is
complex
and
I.
F
Don't
think
that
even
even
tell
us
what
disagree
with
that
statement
and
it's
aimed
at
large
networks
since
clearly
we're
not
going
to
do
things
like
running
running
ripple
over
and
building
a
complete
vrf
environment
and
so
on,
except
in
a
reasonably
complex,
large
network.
So
we
think
there
are
scenarios
where
a
layer,
2
solution
could
be
used.
You
know,
for
example,
a
small
enterprise
which
is
all
in
one
building
or
spread
across
a
couple
of
buildings,
but
it's
large
enough
that
they
want
an
autonomic
network,
probably
cuz.
F
They
don't
want
to
pay
the
crew
of
geeks
to
run
their
network
they'd.
Rather
the
network
ran
itself
or
an
enterprise
which
prefers
to
segment
its
network
into
small
units
for
management,
and
there
are
a
lot
of
enterprise
networks
that
do
that.
You
know
because
it's
the
simplest
way
to
think
about
security
is
to
have
lots
of
little
pieces
and
keep
each
one
secure.
If
you
decided
to
do
that,
you
might
prefer
to
build
your
ACP
locally
on
each
of
those
pieces
of
the
network.
So
next,
please.
F
F
F
F
F
It
actually
isn't
a
very
difficult
requirement
because
it's
not
a
requirements
on
the
network
except
for
the
support
of
multicast,
which
doesn't
need
to
because
it's
level,
2
multicast
right
I
mean
you're,
not
saying
there
are
any
IP.
You
don't
tell
people,
they
have
to
buy
an
ipv6
router
for
this.
They
just
have
to
have
a
piece
of
wire
or
virtual
wire,
which
is
capable
of
carrying
ipv6
packets.
That's
not
a
that's,
not
actually
a
requirement.
It's
not
to
meet.
F
F
F
B
F
F
F
F
Ipv4,
it's
not
as
well
defined
and
nicely
defined
as
it
is
for
ipv6,
so
I
haven't
actually
thought
about
this
very
deeply.
F
C
C
Testing
question
is
just
what
you
use
for
the
lair
through
discovery
of
neighbors
yep,
which
obviously
cannot
be
tagged,
and
then
you
probably
also
don't
want
to
do
something
that
uses
existing
discovery
protocols
by
develop
your
city
because
they
may
be
blocked.
So
you
basically
need
a
layer
to
allocation.
Do
your
discovery,
which
could
be
later
to
grasp,
negotiate
a
v10
and
wonderful,
so
yeah.
You
know.
F
A
A
B
When
I
first
looked
through
it,
they
did
not
seem
to
have
a
key
management
protocol.
That
is
not
true
anymore,
but
the
proposal
initially
that
I
had
was
that
we
would
write
as
we're
running
and
the
ECP
were
running
like
overly
local
v6
addresses.
Okay,
that
we
would
propose
instead
of
ESP.
We
would
propose
max
act
as
another
option
and
that
we
would
key
it
that
way
and
that
it
would
be
effectively
transparent.
Some
links
might
mean
access
and
some
not
as
far
as
I,
remember
hope,
knapsack.
It
is
point-to-point.
B
B
B
B
Is
that
that
we
could
get
is
what
I'm
hearing
then
from
you
tell
me,
is
that
we
could
have
by
whether
we
used
the
the
I,
Triple,
E,
key
management,
algorithm
or
IP
to
the
point
is
that
we
would
wind
up
negotiating
a
point-to-point
set
of
tunnels,
one
of
which
VLANs
could
be
the
ACP.
The
other
ones
would
be
for
the
system,
but
that
what
we
would
need
is
the
additional
tag
is
the
VLAN
tag.
B
Okay
and
I
understand
it
that
it's
all
designed
inline
cards
to
run
at
their
line,
speed
and
that
they're
all
very
happy
about
that.
But
from
from
from
month
my
point
of
view
I,
don't
think
we
need
any
more
discovery.
I
think
that
we
can
do
it
all.
The
only
question
is
to
what
extent
I
don't
know
very
much
about
the
I
Tripoli's
key
management
protocol.
I
do
know
it
does
take
certificates
and
we
have
certificates
okay.
B
So
the
only
real
question
is,
you
know
we
might
want
to
put
something,
for
instance,
define
a
IP
to
attribute
that
says,
oh
by
the
way,
I
could
have
done
max
AK,
at
which
point
you
may
go
well.
Actually,
let's
start
again
with
max
sets
key
management
system
and
we'll
end
into
the
IP
okay.
That
may
be
the
right
answer,
but
given
that
you
have
to
follow
the
traffic,
that
may
not
be
something
that
everyone
wants
to
do
in
every
situation.
So
maybe
maybe
there
are
advantages
to
to
not
doing
it.
B
C
C
C
Help
for
that
right
so,
as
Michael
said,
the
key
difference
I
think
here
would
be
to
relying
on
a
pre-established
layer,
a
bridging
domain,
which
by
itself
is
insecure
and
can
break
right
because
on
the
existing
solution
of
the
ACP,
the
big
benefit
is
you
don't
rely
on
the
existing
bridging
stuff
to
work?
The
ACP
will
work
even
if
you're
bridging
breaks
and
this
your
solution.
F
C
So
I
think
those
are
kind
of
the
differences
I
think
could
be
put
in
there
and
then
yes,
I,
think
one
of
the
things
that
we
might
want
to
look
into
is
that
this
whole
thing
you
know
also
negotiating
a
layer
to
VLAN
and
then
trying
to
figure
out
how
to
secure
that
layer
to
layer
two.
So
maybe
you
know
catch
up
with
somebody
like
norm
fin.
There
are
a
few
later
to
experts
here
in
brainstorm.
C
L
L
L
So
if
you,
if
you
see
that
it's
a
layer,
two
Ethernet
connection
from
point
A
to
point
B,
it
very
well
might
be
that
it
is
implemented
of
some
other
packet
infrastructure
and
you
have
severe
restrictions
of
what
tag
values
you
can
use
it
does
it
cannot
assume
it
cannot
be
assumed
that
it
will
be
bi-directional.
It
cannot
be
assumed
that
you
will
be
able
to
send
multi-point
multi
destination
frames
in
the
same
way.
L
L
F
H
F
H
E
F
This
this
final
slide-
it's
probably
hardly
worth
discussing,
but
one
thing
we
need
to
do
in
the
engineering
of
this
is
to
make
sure
that
the
upper
layer,
which
is
grasped
and
the
lower
layer
which
is
the
ACP,
talk
to
each
other
in
a
reasonably
standardized
way,
so
that
you
know
we.
We
have
ACP
code
that
will
work
over
under
grasp
and
we
have
crossed
grow
their
work
over
ACP,
regardless
of
what
choices
are
made
in
the
on
the
two
sides
of
that
boundary.
B
There
may
be
two
separate
things
and
I,
don't
think
the
issue
of
what
are
the
addresses
is
the
issue
that
you
have.
The
issue
is:
what
is
your
apology
and,
and
we
actually
know
what
the
that
we
know
what
address
is
we've
allocated
to
the
what
you
LA's
we've
allocated
within
the
the
thing
because
they're
in
the
certificates?
F
C
C
F
F
In
my
mind,
you
know
the
ACP
that
you
are
currently
pushing
very
hard
for
thee
is
G,
is
very
complex,
right
and-
and
the
idea
here,
which
perhaps
wasn't
stated
clearly
enough
at
the
beginning-
is
to
try
and
have
something
simpler
for
simpler
scenarios.
If
we
can't
make
it
simpler,
then
there's
no
point
making
it
at
all
yeah.
But
that's.