From YouTube: IETF106-MATHMESH-20191118-1000
Description
MATHMESH meeting session at IETF106
2019/11/18 1000
https://datatracker.ietf.org/meeting/106/proceedings/
B
A
B
B
Anyone have any additions or changes they want to make to the agenda? Going once, going twice, sold. Then, oh well, this is the first or second time, depending on what you into yesterday, that you've seen it. It will not be the last it can it used. Okay, this will not be the last time you see it, so read it now, so you don't have to read it Wednesday, Thursday, Friday, continued. I can't get the the page or the screen size thing to work. So all right, and then Wes had a few notes to kick off.
A
So quick couple of notes on how today is gonna run and sort of the purpose of this BoF. It's gonna start with a number of presentations by Phil, giving sort of an overview of the Math Mesh, Mathematical Mesh technology that he's bringing to the IETF. It comes from a much larger framework than he'll be presenting today, but he has lots of information on that outside this meeting, and he's starting with propose starting candidate of password management, which you'll go into a bit later.
A
The goal for us today is to see if there are pieces of this solution that are of interest to you, regardless of whether the larger framework is, you know, your exact need. Are there pieces that might work in other working groups, or pieces that that might work in other frameworks within the IETF? So the purpose of today is to to do just that. What is attractable to the IETF work, and assuming that there is interest in at least some of them?
A
So, finally, as for the agenda, the flow of today is going to be fairly rigorous on the clock management side of things. We're going to keep to fairly strict times in terms of both the presentations that Phil's going to give and then the the clarifying questions sections. Do note that the five-minute clarifying questions are just that. We're gonna leave discussion for a good, bad, ugly.
A
C
Okay, so what I want to do here is to give a brief introduction to what the mesh is about and what problems are trying to solve. For those of you who have long flights, we also have a video version of the complete presentation, seven hours of them, and those you can download from the math mesh site, so I'm not going to get into the detailed technical pieces on any one component here.
C
Okay, so the objective of the mesh is to make computers easier to use by making them more secure. So the first thing that we want to do is to set a, you know, we want to stop trying to do good enough security and make it easy for the user to do things and also get security as a byproduct. And so the first thing we're going to do is Alice.
C
We can leave that. So and then, once we've done that, we're going to use that framework to exchange maintenance messages between those devices that we've all glued together, and that will allow us to use strong end-to-end encryption with all the applications Alice uses, as if Alice had one super device rather than a whole bunch of itty-bitty devices, separate. Okay. So in order to do this, we've got three core problems we need to solve.
C
The first is, we need to provision private keys to all the devices, so every device is going to have a set of private keys for encryption and authentication and signature. And then the second core problem is: how do we get the public components of those keys to where we need it to be in order to establish our end-to-end cryptography and our data at rest cryptography? So go to the next slide. Oh, and the fact that the third problem is to secure data at rest.
C
So today security, we have a whole bunch of siloed applications that are independent, that Alice has to configure on each of her machines separately, and the configuration can be a real hassle. I was trying to secure, to enable S/MIME on a really well-known email application. It took me 15 minutes to do that configuration, and I know what I'm doing.
C
C
You can decide to do any two. You can decide to do all three. If you want to do the green box, you have to do all the blue boxes because there are dependencies. So if we build the mesh, we can then build a whole bunch of applications on top of it. As I've been thinking about: how do we manage IoT devices? How do we enable SSH, S/MIME, PGP? How do we make all these things really easy to use? So there's a huge expand. You know, this is a platform.
C
There are lots of things you can build on it, but that's obviously too much for one working group. So go to the next slide. So what I'm proposing that we do for phase one is we pick one or possibly two of those applications, and we use that to, as the proof case in order to build the mesh, because, yeah, I I don't want to be trying to build 15 applications and do it through a standard process.
C
You know, I don't think that works, but I also don't want to be designing a platform with no reference application. So I think we need to pick one, and the reason I suggest passwords is, first of all, it's the smallest one. It's about 50 lines of code that is specific to the password vault. Here we go to the next slide.
C
It's also where the pain is for the user. This is how we can make computers easy to use by making them more secure, because if you take away the pain of passwords from the user, you're doing, you know, you're doing them the biggest favor we can do them in terms of usability today. The long, the shortest password that is secure is much longer than the longest password that you can possibly expect a user to remember and no I'm.
C
C
It doesn't add too much to the code base and it's an immediate value, because this is something that even if one person is using it and nobody else in the world ever uses the mesh, that person can get value from having an end-to-end secure password manager. So it doesn't rely on the network effect, which, as we all know, is the chicken-and-egg problem until you've got to critical mass. And one of the feedbacks have got from certain banks has been.
C
We can apply this to solve the functional password problem, which is, everybody's familiar with password, username and password when it's in the web browser. There are often usernames and passwords that are embedded in scripts, and those are necessary in order for one piece of infrastructure to talk to another, a piece of infrastructure, and these are really poorly maintained in many enterprises; they'd like to get a handle on it.
C
Now, if you wanted to just do that, well, the mesh would be a bit like using a sledgehammer to crack a nut, because we're also provisioning public key pairs onto every device. But in doing that, we're also providing the path to replace passwords entirely and use emerging technologies like the web authentication infrastructure that the W3C has developed. You know, if we could provision a public key pair onto every one of the user devices, that then becomes practical. It's next slide. So for, from a technical view.
C
Alice is going to create a personal mesh and become her own ultimate root of trust. So she can outsource that to a third party, you know, like she does for malware and anti-spam or whatever, and she's going to create a choice. You can outsource it, but she can always reclaim her autonomy. She's always going to be the root of trust for her own digital Gestalt.
C
She can create a master, she's going to create a most personal master profile, which has, you know, the usual PKIX type of stuff. This is basically key axioms, and you have a master signature key that never changes, and so we can use the fingerprint of that as Alice's permanent fingerprint, and it has administration keys that can revolve and all that good online offline stuff.
C
So next slide. From Alice's point of view, she has installed an application on a mobile phone, she's creating account alice@example.com, and now she can add her devices to a personal mesh by, maybe, as simply as scanning a QR code on the device with a phone, or it might be she goes to the device, she installs an app on it, says, "I want to connect to Alice at example", and then we do a password comparison of two fingerprints.
C
So the user experience here is really simple, not much more, not different, much different from what users do already today, and it establishes that this device is connected to this personal mesh with, you know, good work factor, you know, 120 bits, 128 bits, whatever. And if so, Alice checks these two fingerprints look the same, she accepts the connection, and now the device is connected. And once the device is connected, it stays connected until Alice says to disconnect it.
C
So, once the device is connected to a personal mesh, it will stay connected until Alice says to drop it. So next slide, and I think all coming to. And once a device is connected, they can share access to all the catalogs that are connected to a device. So each connected device now has a shared world view.
C
She has connected, no matter which device she it is and no matter which vendor has provided it. If she adds a bookmark to one device, that change will be visible to all the others, and what this means is that every connected device can authenticate the messages that are producing all this of being of Alice and do the right thing. So this allows us to establish a single dashboard for IoT devices. So next slide.
C
So there are three basic mesh components. There's the schema per component, which is basically very similar to SAML or PKIX, but in JSON instead of XML or ASN.1. Sorry about that XML encoding thing. It wasn't a good idea. Then there's the mesh account, which is, unusually for an indie black profile protocol, a mesh account belongs to the user, not to a service provider. It is created independently and can be bound to a different service.
C
So this allows Alice to maintain separate identities for her business, personal, restaurant, golf and whatever, but manage them all as being the same thing as far as she's concerned. And then there's a service, which basically just acts as a synchronization point for the catalogs that connected and provides an always available point of contact for messaging. So if we go to the final slide, I think it's the final one. So what we have now is the five minutes of discussion.
C
Clarification. There's more information on each of these systems on the website, go into the details of the architecture in the videos, which are fairly comprehensive, and, as I said, the Tecna be discussing. This is on the green box. We're going to be coming back to each of the blue boxes in turn, so so.
A
D
C
C
If, however, you've got 20 machines, then if you add, if you change a password on my machine, you want those changes to be replicated across all the other ones, and you want to be able to do this in such a way that you do not have a password vault in the sky, which has a, a, that is available to the service that is animating it. So you don't want to store the plaintext passwords in the cloud now.
C
There are various ways that you go around it, but if you want to deal with the specific problem of Alice has 20 devices and she loses one, then you need to be able to turn off access of that device without affecting any of the other devices or going into rekeying. And if you want to do that, then you need to have more mechanism than anything that's out there at the moment. So.
C
And it should be a drop-in replacement in that the people who are in those businesses can go to this technology. They don't need to, you know, this isn't blow up their business model, it's providing them with a new business model that allows them to provide more for the customer. Great, I have one more question: what happens if I have one device and I lose it? Okay, if you have, there is a mechanism that we can use for key recovery for that. I
A
E
Well, could you go to the user experience slides? It's a couple of slides before. Thanks for having that slide, it, I think, I think you can pass. No, no! You bastard it's. So this is technical, but then, after, yeah, this use of you. So I like this idea, but, like, who runs this server where Alice has her account? Who provides me with the app? Is it tied to certain devices, and what motivation do device manufacturers have to follow this?
F
C
It is centralized in the sense that each user, at any one given time, has a single sync, synchronization point. However, you can change that synchronization point at any time that you like, because the account belongs to the user and not to the service provider. So if you want to change your service provider, you can, and there's nothing that the service provider can do to stop you, and you will have no interruption in service. Okay.
G
Is Dena clarification question. Most your language seems to want to make it easier for us to manage our multiple devices, but right now, in the real world, most people just have one cell phone, and the real problem is is managing all the web-based passwords, which is in the hundreds you got. That should be the high priority problem. The solver doesn't solve it at the same time with the device problem.
C
G
H
C
Okay, so there's two cases here. One case is: if you know that you've lost the phone before the thief, assuming that it's not password-protected or, you know, biometry protected or whatever, yeah, if you realize before the thief opens it up, then you can disable it by calling the service: do not perform the other side of the decryption.
C
For that password, and I'll come to the math on that in a moment. If, however, the thief gets there first, well, you're hosed, and that's just simply because if you designed the system so that you can get it at your password without any other PIN, whatever, well, if a thief has got it, the thief is you, so there's nothing that I can do and.
H
My question is: does this work for the situation where I I have a phone, everyone in my family has a phone, and it turns out that my TV's also a phone and needs access to some of our common passwords, but I don't necessarily want to share transitively my Facebook password with my son through the TV? Absolutely. Okay. Yes, that's.
C
C
Okay, so next ten minutes. Okay, so so the first of the technology presentations is on UDF, which started out as Uniform Data Fingerprint, because we were going to redo PGP fingerprints, and has become something else. It's become cryptography on Rails. Anybody, people here familiar with Ruby on Rails as a framework? It's a really great idea. You have one name to refer to everything everywhere and it simplifies your code. Well, I want to bring that to crypto.
C
So let's go to the next slide. And then it kind of like mushroomed, because we started off with this idea. Okay, we've got Base32 encoding of cryptographic outputs, so we've got content digests, and here we've got a SHA-2 and a SHA-3 digest. I could do message authentication code and there's that, you know, there's a, there's a heap of technology there. You can do them at various lengths.
C
They resist semantic substitution attacks and great stuff like that. And then people started to say, well, what if we wanted to put in other things like nonces into this form, or a symmetric encryption key? And that becomes really useful. So we've got a key here that's the input to a key derivation function that can then be used to create ourselves encryption keys and initialization vectors for a piece of data. And then Michael said, well, what about private keys? Can you generate a private key from one of these?
C
C
So if I'm doing SSH, I need to copy my private key onto multiple devices. Instead of doing it how it's done today by a significant fraction of the sysadmin population, which is to send it by unencrypted email, I can enter the UDF. And then, of course, if you're doing all this stuff with private keys, aren't you gonna want to have Shamir's secret sharing, so you can do the key recovery? And so there's a whole bunch of mechanism in there. It's a next slide, and this allows us to do one.
C
What I call cryptography on Rails, which is, in the mesh, the only form of key identifier that is used in the mesh itself is the content digest of the public key, and the reason for that is, if you have one way of referring to the doctor, the key in every place, and it simplifies all the path math that we've traditionally done through PKIX.
C
So if we go to the next slide, the other thing that we can do, and I don't know if they've still got the, there's a demonstration of this on the BoF poster, we can create encrypted QR codes. So what we've got here is a QR code, which is a combination of a hint that allows us to discover a website that can be converted to a web service endpoint and an encryption key, and to resolve this.
C
We first of all resolve that, the example.com, to web service endpoint and take the content digest of the encryption key and use that to locate the document that is encrypted. We retrieve that encrypted document and then decrypt that document with the original encryption key, which we hadn't shared with the site. And so now we've got a way that we can put QR codes on on documents and piece of paper that allows that document to link to an encrypted copy of the document in the cloud.
C
So imagine that you're doing your taxes and you've got all those W-2 forms. You could just scan the W-2 form and back comes an encrypted version. You're doing your invoices, you can scan the invoice, come back with an encrypted version. There's a whole bunch of stuff that the combination of this in QR codes solves. The reason that I put it into the mesh was that I wanted a way of doing contact exchange so that if I meet Alice in a bar or whatever, we can bump phones. So next slide. Sorry.
E
C
Is a reason for that, which is Stephen wolf and one of the authors of Naming Things with Hashes, and so basically this is coming back to some of the work that I did previously and reapplying it. So, yes, this is, I'm not pretending that any of this is new. I'm not trying to be new. I'm not an academic and trying to solve a problem, and I'm quite happy, boring stuff that's ten years old or twenty years old.
I
Ben Kaduk. Could you go back one slide, please? So, just to double check I'm understanding this right with sort of encrypted URL thing: the idea is that I can put a QR code somewhere, and anyone who looks at that QR code can fetch the plaintext to the content, but the content itself is hosted on a site that does not have access to the plaintext, because it's encrypted to the key that is local on the QR code. Yeah. That's.
C
Basically it. Great. So basically, what you have is the QR code becomes a bearer token that allows you to locate and retrieve, and that was been, yeah, and, you know, it's what it was, you know. I was trying to do data at rest security here, and that stuff that, you know, I did with Stephen, what, ten years now, yeah, 2011, I think, and, you know, it just looked like the time to put that in.
A
D
Yes, I mean come yes, echo, so, I'm sorry, I think I just don't understand how this specific, I understand how one would go. One of these things were much sure. I understand how you built it, so that first URL, yeah, the thing, the path component won't be. The practically is the encryption key, right? Yeah, but the, presumably lots of crap on example.com, right, lots of resources. So what tells me a resource? It is, well.
C
Do the example.com piece, you throw it at web service, at DNS service discovery, you know, Stuart Cheshire's stuff. So you look for SRV and TXT records, and those can identify the the web service endpoint, and if neither of those are populated, then you fall back to well-known service discovery. And so here we've got example.com. So this piece here, the HTTPS example.com, well-known mmbf, all that stuff is just some stuff that is defined by the UDF example.com piece. I'm.
D
Okay, so we use that to complete the with that Sublette, but that's not content. Rest then, because because the, because that's the direct, necessarily the encryption key, right? Right, okay. So on, so that, I am now not making a clarifying question but a technical point, which is an unattractive property this design is that on anybody else who has access to the URL is able to forge new content and you cannot detect it, and the typical way to prevent that is to have the URL that had the top thing.
D
C
C
So, okay, let's go to the next, so okay, so that, so, let's go to the DARE piece. So so, since we, I was doing this, this mesh stuff, I needed a way of wrapping up my schemas, and I didn't want to use ASN.1, because, you know, I just am fed up of having arguments over it, and so JSON is the format of the hour.
C
So let's do it in JSON. And so go to the next slide. And so the basic spec is simply PKCS #7 for JSON, reusing most of the same crypto approaches with a few changes that allow the use of DARE envelopes in sequences, and this particular change is we generate, instead of having the key output of a key agreement be the master secret that's used to the the encryption key and then specify the initialization vector separately, we use a key derivation function in order to generate, to derive our initialization vector, our encryption key, MAC key.
C
So that's the basic envelope piece. So go to the next slide. Oh yes, and then also the other piece that came up is that, you're probably aware, in the crypto world there's an argument that goes on as to whether you should sign and then encrypt or encrypt and then sign, and there are actually disadvantages to both, and so the proper way to do.
C
It is actually to sign, encrypt and then sign. And so one of the ways that we, this particular key derivation, because of the way that we'd wanted to use these envelopes in the mesh, is critical that we sign the ciphertext and that would be able to verify the signature from the ciphertext alone. But then what if you need to be able to prove that the person who signed the content had knowledge of the plaintext?
C
Well, we can generate a witness value out of the key derivation function, and that provides almost exactly that piece of information. It isn't quite the same, and we can explain, discuss the difference offline. So let's go to the next slide. So if we were just going to do envelopes, it probably isn't that interesting. But the main reason that we do this in the mesh is so that we can create append-only logs, which are sequences of DARE envelopes, and this allows two things: incremental encryption, sorry, incremental authentication via Merkle tree.
C
So all that stuff that's in Certificate Transparency we've got in there, so that we can sign the, sign the final head of the Merkle tree and then we can authenticate any envelope in the sequence, and I believe it's used in some minor currency thingy somewhere, I forget what its name is. And it also gives us incremental encryption. So the idea here is that, if I've got a log file from my server, I would like to be able to encrypt each entry into that log.
C
But I don't want to do an RSA key exchange for every entry I add, and I saw an, even if I'm doing elliptic curve, I don't want to have to do a key exchange for every entry, because then I'm gonna have to do it, key exchange, for every decrypt as well. It's just too much, and so what this provides us with.
C
So this structure allows us to create an incremental encryption, have the key exchange in the first record and then use that same key exchange in any subsequent packet and just have a pointer back to where the key exchange went. And so the only thing you need to do to make this secure is to make sure that each of the envelopes that you have has a different nonce, and then the key derivation function works properly. And, and this can be used also insists WPACK has been proposed.
C
I did not know about WPACK when I was working on this, nor did I aim to propose a replacement for ZIP. However, while I was designing it, I implemented a ZIP archive format as a sanity check on the design to make sure that it worked, and so this might be some, something that's relevant to the WPACK people. So next secret, next slide. Okay, so why do all this? Well.
C
There's basically through the meat of it, is three commands: for status, to get the status of the containers, upload a change to a container, or download. And because we've got that Merkle tree going on, we maintain integrity checks all the time. The service can check the integrity of a proposed upload, but cannot read any of the contents of the container because they're encrypted. So next slide. And so so do we have any discussion on DARE? What discussion.
G
So it sounds like you said you wanted at the same time, let's solve encryption data, a trust problem while you're doing these other things. That's great. It also sounds like you're solving the internet identity problem once and for all, maybe, and at the same time you're solving device synchronization, this true identity.
C
G
C
Here is a really overbaked thing, but I find that as I look, you know what, when I find haven't, have got an idea where to go, I look for more requirements and then I try and simplify, and I think that this structure, yeah, you don't want to use blockchain to do BGP or DNS or whatever. It's just the wrong thing, because blockchain was designed to do one thing and trying to repurpose it is, you know, like trying to do everything with a hammer, so.
G
C
G
Proof of waste, right. Yes, so one other clarification question, but that's okay. If, it sounds like since you're thinking holistically, that's wonderful, but are you worried that you may solve the password problem at the expense of identity, solving the identity or device synchronization problem won't work as well as you would like? So as a designer, do you think you can do all these things really good, or one really good and the other one just mediocre, because it's all together? It's.
J
C
Honestly think that, at the point that I've got the documents now, there is very little the bones. I mean if he's really concentrated and I don't think that it won't compromises. The other, there's a few pieces in the current specs that maybe we should strip out, because originally, when I was looking at these sequences, I proposed multiple ways of doing the sequences, you could have chains or whatever. I think at this point we should just strip out everything. That's you.
I
Ben Kaduk. So I'm gonna get the terminology wrong unless you take this slide back, I think one or two, honestly, ideas that, sorry. We have like a three-tier structure where I can have like an individual DARE envelope, that's like the smallest quantum of and write stuff, and then I might sort of consolidate a bunch of those into a sequence, I I think is the next term, and so those could be related things, like one envelope per password and my password manager sort of thing. And then I can have a bunch of these sequences, which might be related, and I build those together into their container, which is maybe I can think of that was like a database of stuff that gets synchronized, and the container is gonna, it's gonna include like the updates and removals and, like, this is the the latest version of this thing that appeared previously in the container, pretty.
C
C
C
F
C
I, what I'm proposing here is just the data structure. What I'm doing, yeah, I mean, like, you, you, I do have a consensus protocol. I, I I presented that at the Boston hub meeting, and it does not involve proof of work. Basically, the way that I can get around the need for proof of work is by having multiple chains and to then have cross assertions between them, and then the problem with those things is that you always end up with the problem of who's the ultimate root of trust.
C
You know, who teach, and the way that I solve that is to fold it back on the user, so the Alice by when she reincorporate her mesh service, it says attestation into her chain that becomes her personal root of trust, and so over time, our, each time Alice is synchronizing, she is reinforcing her own proof. So we can discuss that offline, I mean, yeah.
F
I
C
C
For what I'm trying to do, I think it's acceptable. I've not really tried to do any performance stuff. If people want to propose something that's better and quite happy. I know that there's a whole literature there, and, you know, I I'm bringing this here because I need help. I mean, like, I've been keeping this around in my head for five years and I I I desperately need your help. I cannot continue to build this on my own. Okay, we're.
C
M
C
Basically, it means that I can use the same synchronization primitive for passwords, for bookmarks, for contacts and for everything else, and for synchronizing messages to the spool. And yes, if you're, oh, if you were only going to do passwords, this wouldn't be the absolute optimal way of doing it, because most people aren't gonna have enough passwords to make it worthwhile. I know, even if you've got a thousand passwords like I do, that's probably not going to be enough to justify this. However, once you realize, yeah, the passwords is how you access the web.
G
G
C
Yeah, okay, so so this is the final one of the blue talks, which is meta cryptography, and this is not new cryptography. Well, maybe the, this is not.
C
This is all stuff that should be part of the canon but didn't make it, because the canon of cryptography that we using kind of closed in 1990 when PEM and PGP launched. So so I'm taking a leaf out of Tim O'Reilly book and I'm rebranding it so that we can go back and look at what we were doing that we should have been doing all along. So we're rebranding threshold cryptography and some other stuff with meta cryptography. The next slide. So what do I mean by that?
C
C
So if you're doing PKI, the big, the big bugbear of PKI has always been, how do you actually provision keys or issue certificates? And it's really tricky, because if you do it wrong, well, everything falls apart. And so you can generate keys on devices, and that's okay if the device can, has a sufficiently good random number generator. If it doesn't have a good random number generator, you've got a weak key and you get hosed.
C
You can generate your private key in a centralized location, which means that you can do it under controlled circumstances and make sure that you've got strong key. But then you can't really trust it. I mean, when I was a CA, people kept coming at me and saying, "I want you to generate the keys for me", and I'm saying, "Oh, no, no, no, I'm not doing that for you". And so this was a way that I came up with it would allow me to do it for Diffie-Hellman.
C
So one of the amazing facts about Diffie-Hellman is that if you take two private keys and you add them, you can calculate the corresponding public key simply from the two public components. So if you look at the two red boxes here, the two are at the top. So if private key X, private key Y, Z equals X plus Y, okay, so they're all Diffie-Hellman, we can create different keys for all of them, but look what was happening on the black side. The public key, public key X is X dot.
C
C
C
C
C
C
We can do encryption in the cloud. We can have a key manager in the cloud that can control use of decryption but cannot decrypt, and we can prove that this cloud service has absolutely no knowledge of the private key, because we give the service the random number. So all the service has is a random number and a bunch of encrypted files. Oh, and we do have so.
C
We have a different random number for each person that we join to the group, and what this means that we can do now is that we can do group encryption. We can have a pile of documents that are already encrypted, and we can add a new person to our encryption group and they've now got access to all those documents, all the ones that were written in the past, because all we need to do is to provide the, of the halves of the keys to the various people, and now the cloud service can enable them.
C
Conversely, if the, we decide they're a bad egg and we don't want them to have a decryption capabilities, we can shut them off at the server. We can tell the server, "Do not decrypt for Bob anymore", or, alternatively, again, we can have velocity controls in the server, so the server can say, "Okay, you've decrypted thirty thousand diplomatic cables this hour, I'm not going to let you have thirty thousand and one". And so it provides us with what I call confidential document control.
C
This is not a full CRM system, because, if you, I've been, if you want the ability to decrypt the document, you've got it and that's it. You know, this is not going to control the onward distribution. It's not going to force you to delete it if you are taken out of the group. Yeah. So what's, what Bob has already decrypted before he was thrown out of the group, he's still got.
C
A
N
You may not have the answer to this off the top of your head, and that's okay. It's unclear to me how what you're presenting remains as simple as it is and meets the sort of group requirements you mention without turning into something as complicated as MLS. So either they're doing something vastly over complex unnecessarily, or maybe your presentation is making it look easier than it is. Is that fair? I.
C
Think that your analysis is correct. I'm not sure whether it would be politic of myself to answer your question. I did try to persuade the MLS people to look at this stuff when they were starting. The difference between what they're trying to do and what I'm trying to do, though, is a matter of the different sitting ideology in it.
C
They're trying to do off-the-record, they're trying to make their messages disappear over time, and what I'm trying to do is, if I got a new employee that I've onboarded and brought into my group, I want to give that new employee access to all the documents, all the chats, all the emails, all the context information, all the online discussions or the video conferences that took place before. And so we're actually trying to do two separate things. Now, I have tried to get my head around there at the MLS problem and apply this stuff to it.
E
Well, it, so my previous question about who has the app and why do device manufacturers follow, this is still unanswered. I, I get some. Something is clear to me now, that anybody can be a service provider, include, including the user can set up its own server. So that part is clear, but is there some standard mesh app that will work regardless of what device I buy or which organization I use, and who, who will have this app? So those guys remain unanswered. Okay.
C
Sorry, so when you, what, in order to use the mesh you can, that there's a mesh management tool, and that will create a device profile that contains all the keys for that device, and so you don't need the did. The device manufacturer does not need to cooperate in order to use this stuff. However, if we want to do the type of, if, however, the device manufacturer did want to cooperate, there are some opportunities that this stuff makes possible that aren't available otherwise.
C
So, for example, the key provisioning piece: what you can do is, say the device manufacturer has a key that is unique to each device embedded into the device. Okay, and the device comes with that. Well, that's a key that cannot be extracted from the device, which makes it really interesting to me. It's also a key that I cannot possibly trust, because the device manufacturer might have been coerced, any piece in the, in the supply chain might have been coerced or manipulated or whatever.
C
However, what I can do is, I get this device, I then layer on a key contribution of my own, and I've now got, I going to be doing my device level, you know, my trusted hardware public key stuff and also my secondary layered key stuff, and that allows me to use that untrustworthy key in a trustworthy manner and, sorry.
M
M
C
Service is trusted to remove people from groups. A person can only be added to a group by the group administrator, and the group administrator controls the key locally, so adding users to the group is always end to end. Now, if you get into, you know, if you want to go beyond the level of security that ordinary internet uses, what, you know, say you want to do this in the government-type situation or you want to do it in a banking-type situation.
C
Where you have huge amounts of money involved, we can apply separation of duties. It isn't described how to do it in, you know, the, that isn't being reified into code, but I absolutely know how to do it, and there are disclosures and prior arts and, oh, I should have mentioned, I believe that this, this should all be unencumbered, but as far as I'm concerned, I don't believe that there's any. All right, last clarifying.
O
C
Okay, I mean, if the computer, if the user hat is allowed to install their own applications, they can always run the mesh as an application. If the device has been locked down and so that they have, you have to have the permission of the manufacturer, whoever, to run it and they don't allow secure applications, well, that's not going to be possible, but.
C
I
Is Ben Kaduk again, to sort of respond to Jeffrey's point. I think it's probably useful to remember that, so the starting premise here is that we want to make something that is as easy to use or easier to use than what people are currently doing, and, you know, to some extent that might limit the security properties that we know how to provide within those constraints. And so, you know, the fact that we have this slightly weird who-is-trusted-to-do-what behavior worried like the this?
I
C
Absolutely. Actually, this is one of the things that has really been guiding the whole design, in that traditionally, because we're security people, we try and provide absolutely the most security that we can, and then, after we've done all that stuff, is kind of like, "Oh well, how are we gonna make this tolerable?" Here is the opposite way of looking at things. It's: how do we make it as easy as possible to use the computer as possible, and then how can we do that securely, and how can security help us do that? So yeah, OK.
A
C
A
For the next section we were going to discuss, you know, how does a, how do we, is this an interesting place for the IETF to spend work on? What is the problem space of interest? Like, password management might be a reasonable starting point. Is there a solvable problem here? In other words, do people agree that this is a solvable problem? Phil doesn't have to necessarily win that battle. Which components of, you know, Phil's, you know, might be useful in a starting charter, or at least, you know, these, you know, he proposed a set of solutions.
A
That doesn't mean we have to pick his in the problem space that the IETF ends up wanting to work on. And who is, you know, willing to help work on it, of course. And, you know, is password management a reasonable starting place, or, for those that have read more of the documents, are there, you know, or other components that you feel would be even more appropriate or marked anything else to prioritize? Do you want to add anything?
B
P
Might still need to answer questions, but it's not mine. So, so some other pieces here that was sort of mentioned in passing seemed quite fascinating. The, the ability to take, you know, a hardware-based key, like off of a TPM or something some more, and then augment it with something else, so that you now can, can leverage that hardware would have cost, but still not completely trust the manufacturer. The doc, these slides refer to some IoT use case and I.
P
One of the things I want to explore is, is whether we should do that here now, because I want to make sure we can do this for devices that don't have user interfaces for all this. On the device might be, you know, the barcode of the key fingerprint of that public key that's in the TPM, and make sure that that stuff works, because that's a very interesting to me at least.
Q
Hi, Roman Danyliw, no hat. So since the words "working group" were used, I guess I'd be interested to hear from the community: are we talking about a working group whose success is governed on "we solved the password problem"? Are we looking at a working group that is picking out specific technologies that we talked about here and we're gonna advance and mature those technologies, and we happen to maybe solve password stuff along the way? That.
C
Q
So hi, Roman back, I'll put the hat back on. So my, I, I think I understand country what you're saying. I guess I struggle, want to hear a lot more conversation about, I don't know how to measure success, and I understand that password is, you know, way to test that we got it right, but I dressed I'd want to hear more discussion on what success would be advancing any of those technologies, kind of what the constraints would be.
H
H
It's, I heard an hour-long conversation at a meeting in September of the Oh PC, where they, these is a operational IoT consortium, where they, they completely ratholed into that conversation about that and, and krill it critically. It was obvious that that was a serious stumbling block for them to adopt any onboarding such concise. It solution, because it was clear to them that it was pointless to onboard a device that didn't have a valid configuration, right? You onboard it automatically.
H
Then you send the technician up to send out to set up the actual configuration. Well, you missed the whole point of automatic onboarding if someone had to go configure it, right? And so I think that's a actual, really interesting second use case that really has nothing to do with passwords and isn't necessarily the Snowden problem, but is, in fact, tractable at a small space.
I
Ben Kaduk, so with no hat, I promise. I'm actually pretty excited, in the same vein as Michael, about you're getting to work on some of this broader technological solution, because there's a lot there that excites me. I think there's a lot of potential in some of these new technologies, especially the sort of meta cryptography stuff, to make solutions for a lot of use cases that we just haven't been doing in the IETF before, but I think there's probably a lot there that, that would be interesting to look at more. I.
I
Think I've also looked at the drafts for, like, the UDF and the DARE stuff a little bit more, and there's a lot of interesting ideas in there, and there's, you know, saying there's still a lot of room for more co-authors to come in and flush out some of the bits and make sure we're getting the details right. So I think there's still work to be done to, to get that into the best shape, but I think it's worth pursuing and.
D
There girl, answering I just have something else. So I guess on the question I was gonna get at earlier, but it's not clarifying, so I did not ask it, is there are quite a few people who already are doing password sync systems. We have one, I know Google has one, ever every one password as one, there's like law, etc. We, by the way, are not unaware of these ideas. In fact, the initial conventional Firefox system use a fake for this, which has some solar properties to unfold, especially here.
D
Which of any of those, which of any of those companies who build systems like this, which is to consume this technology? So I don't know who you're directing your question to. Well, certainly not me, but anybody. Anybody, hey, is anybody in this room? Who is anybody this room or something like that that likes interesting? I think I can tell you that, like, I, I guess, I guess speaking for baking for Firefox, like, this is somewhat different set of trade-offs in science we decided to make. I don't think we'd shift a piece.
A
So let me rephrase that for one sec. So to answer other people's question of what would be a reasonable, successful outcome of this working group, a reasonable successful outcome would be interoperable password management, right? Oh, there's two sides to your question, right: there's the user, you know, do users want it, and are there companies willing to do it, even with or without. I.
D
I thought that don't have like the phone number, the guys are Chrome, do passwords, saying right, just not, and I don't, like, no Chris's phone number. I can't call him. It's not like the companies to do this don't want and her professor management, but I guess what I'm saying is that if they did the, the, those presentation, this use case was presented, as this is presented, as using the password management example to drive the technical partnership building these other, other systems, and what I'm saying is, is that, it that's true?
D
D
Well, I mean, Firefox has a customer sync positions passwords as somewhere. It's a difference that design trade-offs in this, and I would not change these design trade-offs, I don't believe. Chris, I don't know if you can speak for the iCloud design. Okay, so I guess I don't know, but like. But similarly, if those people are not in this room, then we have no idea if the requirements are and we solve the problem. So, so I guess my question I'm asking, asking is: are the, are the consumer, are their demonstrated?
D
B
B
D
I guess, I guess I can tell you that, like, there are at least three big systems that are, that had people in this room that build the, build password sync systems, which is to say Firefox, Chrome and Apple. They're all in this room. Now I don't the relevant people in this room. It's not like they're Cubs, don't resent it represented here.
F
Melinda Shore. That makes sense. So it's, in the IETF we don't really work on interesting problems because they're interesting. We work on, on technologies for which there's demand, and I think this is related to ekr's, ekr's comment. And so, you know, Phil has put a massive amount of work into this. It's great stuff. He's the only author on this topic, right, and even though we saw the BoF was coming, there were no other contributions, and so I'm wondering just, you know, what the landscape out there actually is for this stuff.
F
R
Hello, is that working? Yeah, okay. So, Laurence Lundblade. I think there's probably about thirty to fifty percent overlap of some of the work being done in the FIDO Alliance. They're, of course, centered around biometric authentication, and that's their solution for replacing passwords, but there's always a fallback to something. But, but the whole idea of eliminating passwords or doing something better about passwords, that's in parallel. The idea of binding multiple devices is areas that they're exploring that's relevant to authentication, and then the, they call account recovery or to backup systems for authentication.
R
I
Ben Kaduk again. So I guess Melinda's sort of started to cover some of these topics. Could we go back to the, so we run the original slides with the orange and the green and the blue boxes, please? So, like, we're talking about passwords because that's what Phil has proposed as a potential use case that would be a concrete realization of this technology, but without trying to boil the ocean, but there's no particular reason we have to be tied to that. There's other potential use cases and.
I
You know, if people are interested in those other ones, we can talk about those instead of passwords. And the other point that I want to make is that, even if we're talking about passwords, that's sort of relying on the green box, the mesh core, and it might be worth taking a step back to look at the blue boxes to say, you know, do people understand what these three technologies and blue boxes are trying to do, and things that they might have use cases for those as well.
I
P
Eric Mike, you asked about other use cases, so if it wasn't clear before, at least pieces of this stuff I would actually apply to what I would call IoT or at computing and an open source project next week, if I have it, because I think that there's things you can do here that I haven't seen anybody else be able to do before.
K
Like to me, over from Nick stole a tee. Regarding similar initiatives or similar work, I believe that what, what's related to that could be the work we see in the W3C within the decentralized identity working group. We are essentially trying to do pairwise encryption based on cryptography, there's a little bit of blockchain for public discovery of private, private key, public keys and, and, and revocation as well.
K
So that might be very well related, and there's, there's a lot going on in that space there, like hundred billions of startups coming out of the area. The, the main goal of that infrastructure is to get rid of passwords as well, and also to do something where you don't necessarily reveal all the attributes that you have to some entity just because you want to authenticate for something. So, but it's like mobile clients, self-sovereign identity and decentralized identifiers is the keywords. Thanks.
A
Phil, can I give you a leading question, since a couple of people have mentioned it? You, you sort of made this statement at one point that you're getting rid of passwords. You're not actually getting rid of passwords, right? You're making it easier to store longer passwords, which you also said at one point too. So it's not a passwordless system, that is a password storage system. Well.
C
The past, the, the orange box is a password system. However, in order to prevail, in order to access that password vault from particular device, you have to connect it to the mesh, the use of personal mesh, which means that you've already provisioned a key pair set for that account, which means that we can now layer in whatever keys are required by web authentication, FIDO Alliance, whatever technology tries to replace passwords.
C
So it is not just a password management system, is a password management system which, by having deployed it, you have set, you have met the hard precondition, the stumbling block for getting away from them, which is having a private key on the device that passwords plus got it. Yes, so it is. So now, as far as, you know, I would be overjoyed to do IoT. I mean, like, I would really like to do that.
C
I've got no objections to doing different scopes or whatever. The reason that I chose password was purely because that is something I can share a concrete value to me as a user. And no, Eric, no, the Firefox, the Mozilla password management is absolutely useless to me because all my passwords are in Chrome, every one of them, and I'm not going to use Firefox because I am tied to Chrome, because that's where my passwords are. Okay.
A
C
I
Ben Kaduk, oh sorry, to jump in and in front of David, but Phil, would you consider it a friendly amendment if I said that this is not necessarily a password synchronization protocol, but a key synchronization protocol, and we just considered passwords as kind of a really lousy type of key? Yeah, because, yeah, I would want to consume this to synchronize, like, you know, my SSH private keys or my PGP private keys, and it's just as easy to do that as to synchronize the passwords.
S
Personally, I don't see a box here where people who live inside the box are interested in a fix that is a wide solution. So another way of phrasing that is, for a lot of these individual problems, people have come up with a special case solution, and while it is incredibly attractive to have a unified solution for many things, those historically fail, because it's really hard to build a Swiss Army knife with 72 different knives in it, wherein all you want is scissors.
D
Eric Rescorla. David said a number of things that I already said, namely, I think it would be best to pick a single orange box and attempt to solve it, and that would, and a place to start with that is: is there a consuming community, which ones, which ones that want that box solved and which thinks this interactive way to solve it? On, to go back briefly to the password manager example, I don't know the specific password management products as well as I know the browser products. The browser products typically passwords.
D
Sync, the password is part of a generalized sync system, where there's a system where, basically, you can have arbitrary crap syncing between the, sync between the browser endpoints, on, and passwords, one of the things, so history's an example, typically bookmarks, that kind of crap. So I mean, I think there's the, one might imagine that the browsers would be interested in having a standardized protocol for doing that. I don't know if that's true. One might imagine this true. I'm, be honest, I'm not sure we'd be ready for that. I.
D
Don't know the Chrome guys, but, as I say, I think that the vast majority of that work, if we were to take on that work, would not entail this cryptographic issue, would entail actually, like, harmonizing the data structures and handling some of the things someone allude to earlier, which is conflicts simply and, and multiple undo updates from different points. That's like all the complexity, like, like, like probably like 85% the complexity in Firefox things there.
D
It's not in on the crypto, although crypto is I'm a complicated. So I guess, so to go back to the, the, the, the basic point: let's find a customer for this that excited about it and then charter of the work on that, but for to solve the problem of that customer.
H
Michael Richardson. I echo ekr's thoughts, and some of the complexity I think that you were referring to may actually live in that contact box rather than in the password box, and so that may be just something to think about. One of the other things that, that browsers have a bunch of, and that locks me to the specific browser, and sometimes the specific browser in the specific machine when I would like to do have it. Nw get, is a whole bunch of OAuth tokens and other things like this that are supposed to be replacing passwords.
H
So I don't have a good container to put them in that isn't a browser. I have a mail system that now has a mechanism, it's very cool, and I know Thunderbird does the same thing, where you wind up with an OAuth token, and you somehow store it somewhere, and I'm not actually sure it gets encrypted intelligently, and I certainly have no idea how to move it from one place to another.
H
Okay, so those are not passwords exactly, but they are often bearer tokens, and I probably need to keep them secret, but I don't always know when I need to keep them secret, because some of them are not bearer tokens. Sometimes there are other things attached, other things. So that may represent some box that is, is outside of this, and as we move to a, an API, you know, based web with back ends, there may be a space of non-user-facing things that would like a way to do that kind of stuff.
H
A
Yeah, I think add another point, Michael. The, the discussion so far has focused, I think, way too much on web browsers, and I think it's been made clear that web browsers aren't interested in an interoperable protocol today to do synchronization of their particular pieces, but that doesn't invalidate, it sounds like there's other people that are interested in. Is there a better problem space to do synchronization of cryptographic material of some kind? Somebody mentioned PGP. I would love to hear other ideas of.
L
Chris Wood, Apple. Speaking as an operating system, we would not be interested in interop implementations of this sort of thing. Would not, would not. Of which sort of thing, of passwords you mean? Of anything. We have iCloud Keychain, which does this sort of stuff, like ekr was referring to earlier. So.
A
And a Roman, so I guess the, the next steps would be, where do we want to go from here and what would the conclusions be? I think a safe conclusion is there's a fair amount of resistance from the password point of view. I did hear people's interest in some of the other technologies, especially DARE, as well as some issues, some interest at synchronization, although the problem space isn't well explored at the moment.
Q
You know, check out a pile on that. The other thing I heard is we didn't dive into very specifically any of the blue boxes individually as well. I mean, we started very much kind of from the orange, which is how I opened the conversation: which way are we driving it, top up or top down? We heard feedback on one of the orange boxes.
H
Michael Richardson. UDF provided a way to pass certificates by reference rather than value in constrained protocols. That was a requirement that I had. It doesn't, it fits upwards into the IoT box, but not so obviously, and I want to reiterate the IoT configuration backup and restore is, I think, a real problem out there and I.
I
H
The consortiums that I'm familiar with all have members from companies who have people in this room, but those people are not the same people always, but the companies are common. So does that, that doesn't really answer your question, except to say that I think that, with a little bit of, I'm gonna say marketing, that we may be able to pull those people into the right place, or at least those companies into the right places.
A
All right, so it's interesting where we're, like, right at the floating level of almost finding, you know, a tractable problem, and definitely some that people aren't just interested in. But people are interested in some of the blue and not entirely the red, and so it's a, it's challenging. And as, I guess, last comment and then Roman a few company.
T
So yeah, Jonathan Hamel. So there's been discussion about the blue boxes, and my question on technology, this, this meta cryptography, the key splitting combination, to me, I don't see an upgrade path to quantum-resistant algorithms, because it's all based on Diffie-Hellman properties, which, with current proposals for a quantum system, crypto that the air is going to explode and you have to reframe, tries and things like that. So my main concern is that by the time this is deployed, it's not couldn't be secure. Interesting.
C
Think that he's going to be, one day somebody will get the 50 qubit machine working and the next they'll build the machine with a million, and so we're, it, I think there's a lot of thee. So what I've thought about, about how to control that is, if I have connected together all of Alice's machines while we still have public key cryptography and I can use that to authenticate, I can then use that to build in quantum-resistant algorithms based on Kerberos and based on Lamport hash signatures, and right now.
C
U
Richard Barnes, Cisco. So there's a question raised about IoT vendors. One of my roles at Cisco is to work on a few things that look like IoT, of recognizing there's a spectrum of things in classes of things, but the things, might, the problems my things have don't really map that well, so it's of this techno she sets. So I.
U
Don't think this is, the, the, the problems we're solving here and then technology suite we're talking about in this meeting is something that would really be useful to the stuff, at least in, in the space of IoT stuff I've been working on. I also like to second the concerns about post-quantum cryptography. I think we have, I think my concern is, I'm not quite as blasé as Phil seems to be about the possibilities for quantum computation. I think it's, it's worthwhile, the effort the industry is investing in and being prepared for that technology.
A
V
D
I mean, we really didn't have much discussion, unless I missed it, of the merits of these pieces of work, right? Right, so I think I'm, I'm, like, kind of like sad about having hums, and we haven't really a discussion about, like, the narrative, the pieces of work as standalone work items. I.
I
Mean if, if the answer to the hum is people don't think they understand what it's supposed to do then, like your shirt, sales, yeah. Okay, actually, before I do any hums, I'll ask for a show of hands. Has anybody who's read the UDF document, the separate draft? It's like 10-ish, 15 maybe. And so for the, the DARE document, who has read the DARE document? Similar, slightly smaller set of hands, maybe five to ten. Same question for the, the key splitting combination stuff: who's read the document for that? About the same, five to ten.
S
Ben, may I ask a process question before we. Yes. So, and please correct me, David Schinazi, Google Chrome, please correct me if I'm wrong, but in general the BoF questions come, like, for a problem statement as a whole, and I, I'm very confused by the idea of splitting the blue boxes out into individual components, because I've heard a problem statement for the entire proposal of the Mathematical Mesh.
I
H
H
Or maybe what you should ask is: do you think we're done with this now? And if the answer is not you ubiquitous yes, then we should continue. If, if, if the group is hostile and opposed to all of this at this point, then that's enough information to stop at this point. So.
A
So, so let me rephrase it, that, that Phil presented a number of technologies that might be useful in different areas. To me, what I would like to know is: do people believe that there are problem spaces that these technologies might be of interest to? And then, so you can say no to that, and so on that becoming negative, right.
A
But, but the initial question is: is there, did people can't see something in these presentations that made me want to work on it further, explore it further, even if we don't have all the information, you know, to date, because there's a lot of technology in that and it's hard to do in a two-hour BoF. So.
J
So, so where's Martin Thomson here. One of the things that we do these BoFs for is to work out whether there's a constituency of people that are interested in working in the IETF on something concrete, they're going to build something that depends on having interoperability. And so that sounds very nice, and I'm sure that Phil would like to hear that, but I don't think that that has any bearing on a decision process for whether we have a BoF again or whether we drop this or anything like that. I think.
J
The questions that we need to be looking at here is: is there something that we can do concretely in the IETF? Is there a problem statement we can work on that requires interoperability between people who intend, even who need that interoperability? And I'm phrasing the question that way, maybe information for, for folks who would be interesting in pursuing this, but I don't think it has any direct bearing on the outcome of a session like this.
Q
Right, and so the line of questioning that Ben has kind of started is, we heard, in terms of how things were framed in orange, we didn't find, we didn't find a hit. What we're trying to ask now, if that's the top of the diagram, we're now trying to fit, asking kind of bottom-up. So, given what you've heard about the blue again, how much do you feel like you understanding? Should we talk more about blue because we still haven't hit the right thing with the orange, is the correct use case? That's what we were certain.
B
B
Well, maybe Apple OS, but it doesn't get into conflict with the Chrome and the Firefox password management systems, but certainly IoT is coming, and being able to manage passwords in the home, and maybe it ends up being something you get in your ISP router, who knows, but that is something that I would like to see move forward.
I
Q
H
F
You know, ten people have read it. I, you know, I, I can see the value, perhaps, in another BoF, depending on what happens between now and March, but it does concern me that, you know, we're talking about progressing stuff with people and interested enough to read the documents or, or don't have the time to. You know what I mean, there doesn't seem to be, have been so far much commitment from the folks in the room, and that's a concern.
F
S
Yeah, yeah, so I, I think, basically, you were, you're trying to ask these questions too early. To a little small number of people read documents, and we understand too little of this, and then it's too broad area for us to, like, fully grasp exactly what, what things are interesting and what I, what are not. I think this overall space is, or continues to be, very interesting.
S
Obviously, there's gonna be specific areas where there's existing solutions, for instance, or different trade-offs, and those guys are not gonna be interested in applying anything new, but there's also many new things, IoT was mentioned here, and other, other things coming up in the future that might actually benefit from something like this, and I think.
S
The next step is not for us to ask too many questions, but for Phil and others to work on more specific applications of this, and, you know, figure out if there's interest in, you know, in the IoT community, for instance, or some of the other, other items here, and so that's, you know, I think it's more of a, you know, offline work than an IETF meeting thing, and then, you know, maybe they'll find something and come back next time and propose something more specific. I think that would be the way ahead. Okay.
Q
Make it brief. So actually, I'm sorry, Gregor, I mean, we have got a two minutes, so we want to pose a new question that was kind of suggested, which is, given the small number of folks that have read the document, let's deal: based on what you have heard, would you be interested in finding out more and reading the documents? Do. Okay, could we get a hum? One, do folks understand that question?