►
From YouTube: IETF108 DTN 20200727 1100
Description
DTN session at IETF108
2020/07/27 1100
A
Unreadable
do
those
slides,
look?
Okay,
I'm
I'm
currently
sharing
just
page
one
of
the
the
slides
they.
A
A
D
Yeah,
I
should
be
able
to
say
something,
and
I'm
also
in
the
video
queue.
If
you
wanted
to
test
the
video.
A
A
A
Yeah,
in
which
case
I'm
going
to
kill
the
video,
because
nobody
needs
to
see
me
really,
but
I
am
here
so
shall
we
make
a
start
yeah?
Why
not?
Okay,
so
I've
got
to
work
out
how
to
do.
Hopefully,
I
can
move
these
slides.
A
Oh
no,
I'm
being
an
idiot,
I
need
to
actually
use
the
screen.
I'm
sharing.
Okay,
so
hello,
everybody
welcome
to
ietf
108
virtual
dtn
session,
so
I'll
just
kick
off
with
the
agenda.
This
is
just
some
links
to
what
we've
got
for
today's
meeting,
so
the
agenda
url
is
there
also
I've
included
the
participation
guide
for
those
who
are
struggling
with
meet
echo,
how
to
contribute,
etc,
etc.
A
There
is
a
reporting
issues
page,
and
hopefully
you
can
follow
that
link
and
someone
can
assist
you.
Meanwhile.
I
wish
this
would
actually
go
in
pages.
Here
is
the
note
well,
as
ever,
I'm
assuming
that
has
come
through
in
the
meat
echo?
Yes,
it
has
good
sorry
I'm
having
to
switch
between
tabs
as
I
work
out
what
I'm
doing.
A
This
has
not
changed
to
the
best
of
my
knowledge,
but
in
case
it
has,
I
do
suggest
you
read
it
it's
the
standard.
Itf
note
well,
the
short
executive
summary
is
this
is
a
public
meeting.
Anything
you
say
is
assumed
to
be
released
as
into
the
public,
so
be
very
careful.
If
you
are
discussing
ipr
that
you
wish
to
reserve,
I
don't
speak
because
you
are
disclosing
it.
A
I
am
not
a
lawyer.
I
thought
I
would
add
that
as
well
so
agenda.
The
agenda
doesn't
quite
add
up
to
our
full
time,
but
I've
split
it
into
three
sections
about
four
sections,
including
this
waffle
phase.
A
A
So
we
are
all
as
a
working
group
waiting
for
resolution
to
the
discuss
raised
by
a
couple
of
the
iasg
reviewers,
in
particular
benjamin
kaduk.
If
I've
pronounced
that
correctly-
and
I
know
the
authors
have
actually
worked
hard
to
try
and
address
a
lot
of
these
discusses,
there
have
been
up
reps
to
the
documents
and
one
thing
in
the
discussion
between
the
chairs
and
the
ad
was
given.
There
have
been
some
changes
that
may
or
may
not
be.
A
You
know
reasonably
impactful
to
the
document.
We
felt
it
was
relevant
to
gets
a
statement
from
each
of
the
primary
authors
of
each
of
these
documents.
Just
to
say
this
is
how
we've
addressed
the
discusses,
and
this
was
the
change
we
made
just
to
make
sure
that
we
have
working
group
consensus
on
the
changes.
A
A
But
really
this
is
a
case
for
the
working
group
just
to
check
that
they
are
happy
with
the
changes
that
the
authors
are
making
to
these
documents.
In
order
to
address
the
discusses
on
the
counter
side
of
that,
I
think
with
my
chair
hat
on,
I
need
to
poke
rad
magnus
and
say
I
know
you're
pursuing
the
iesg
reviewers
to
try
and
get
them
to
clear
their
discusses
or
do
another
pass.
Can
you
please
put
more
pressure
on
them?
We
need
to
get
some
of
these
addressed
they've
been
open
since
february.
A
B
Try
to
get
feedback
or
get
the
feedback
out
of
them.
I
mean,
I
think,
especially
it's
been
that's
been.
A
I
think
it
may
be
ben
as
well,
but
yeah,
it's
just
a
polite
request
and
we'll
pursue
this
after
itf-108
when
everyone,
hopefully
is
full
of
excitement
about
getting
all
the
ietf
stuff
they've
committed
to
doing
this
week
done
so
we
can
poke
benjamin
at
that
point
and
say
come
on
clear
it
address
it,
raise
some
more
comments
or
whatever
so
going
back
to
the
agenda.
Second
part
is
a
little
bit
of
new
business.
So
actually
do
I
haven't
just
written
these
slides.
A
A
A
A
Can
somebody
or
many
people,
and
why
is
it
saying,
offline
dtn?
Sorry,
I'm
staring
at
what
I'm
trying
to
do.
Can
somebody
please
have
a
go
at
trying
to
get
some
minutes
taken,
because
I
we
need
a
minute
taker,
so
volunteer,
please
or
just
open
the
kodi,
md
and
start
typing
and
final
point
is:
when
speaking,
can
you
please
remember
to
state
your
name
just
as
an
in-person
meeting,
because
there
is
an
audio
only
recording
being
made
of
this
and
not
everyone
is
familiar
with
everybody's
voice?
A
A
So,
as
I
said
before,
we're
the
original
three
documents
are
under
iesg
review,
we're
waiting
for
feedback
from
the
reviewers,
and
we
need
to
make
sure
there's
working
group
consensus
on
the
changes
and
the
following
point
from
that
is
the
bpsec
interrupt.
Interrupt
document
is
still
in
working
group.
Last
call
now
that's
partially
the
chair's
fault
for
not
either
resolving
the
working
group
last
call
consensus
or
not
clicking
the
button,
but
I
also
have
a
reservation
that
I
know
bp.
A
Sec
had
several
discusses
raised
against
it
about
interoperability,
and
I
just
want
to
make
sure
that
the
interoperability
document
hasn't
been
changed
or
doesn't
need
to
change
in
order
to
resolve
the
bp
sec.
Iesg
discusses,
I'm
sure
ed
bahrain
has
the
answer
to
that
and
if
the
answer,
depending
on
the
answer,
we'll
get
that
last
call
sorted
that
should
that
document
should
be
ready
as
far
as
I'm
aware-
and
it
may
simply
be
a
failing
of
the
chairs
to
have
pressed
the
correct
button.
A
C
Oh
okay,
so
ed
brain
apl.
I
have
a
slide
in
my
presentation
that
talks
about
the
interoperability
suites
and
we
did
do
an
update
to
it,
based
on
the
comments
coming
out
of
the
isg
review
and
we
think
that
it
matches
what
the
isg
review
was
asking
for.
But
we
would
like
the
working
group
to
take
a
look
at
it.
One
more
time.
A
Okay,
so
rick
again,
so
that
seems
to
align
with
my
statement
that
if
everyone's
happy
with
the
updates
that
ed
has
made,
we
should
probably
do
the
working
group
last
call
again
pretty
promptly
and
just
get
it
into
last
call
by
the
sound
of
it.
If
we
have
the
consensus,
do
you
agree.
A
Yet
I
think
so
I've
lost
it
again
doesn't
matter,
so
that
would
be
the
idea
we'll
keep
going.
Okay
next
slide,
I'm
talking
to
myself.
So
we've
also
got
some
new
documents
or
some
new
proposals
for
documents,
which
is
great.
A
A
This
is
designed
to
and
I'll
let
him
speak
in
more
depth,
but,
as
I
understand
it,
this
is
his
proposal
for
a
bit
of
boilerplate
to
ensure
that
further
security
context
documents
actually
do
capture
all
the
bits
and
pieces
that
bpsec
requires.
Following
on
from
that,
brian
sipos
has
got
a
cozy
security
context.
He
wishes
to
discuss,
which
sounds
great,
so
that
is
the
cozy
for
those
not
in
the
loop
is
the
seabor
security,
encapsulation
recommendations
and
I'm
sure
brian
will
get
into
more
detail
and
also
and
I'll.
A
Let
him
cover
what
the
the
I'm
not
100
sure
what
acme
stands
for,
but
again
brian
is
going
to
talk
about
node
id
validation
to
do
with.
I
think
it's
tns
and
x509,
but
I
wish
to
be
corrected
and
as
a
follow-on
piece
brian
also
has
some
has
a
proposal
to
do
with
dtn
neighbor
discovery,
so
that's
being
slotted
in
at
the
end
of
the
agenda
as
usual.
A
A
The
new
stuff
is
useful
and
I've
sort
of
prioritized
them
if
we
run
out
of
time
to
the
neighbor
discovery
proposal,
I'm
very
sorry,
brian
we'll
have
to
move
it
forwards,
but
I
think
we
have
time
for
it
and
we're
going
to
try
and
leave
some
time
at
the
end
for
an
open
mic.
If
anyone
else
wants
to
raise
anything
else,
so
I
realize
I've
been
waffling
for
a
bit.
Does
anyone
wish
to
bash
that
agenda?
A
Well,
I
have
a
comment
in
the
chat:
no
that
wasn't
agreed
from
it.
No
I'm
taking
that
as
a
no
to
the
agenda
bash,
so
I
will
now
so
scott.
You
have
two
options.
You
can
either
share
your
screen
or
I
can
show
your
slides
and
try
and
do
the
next.
I
would
prefer
you
to
share.
A
D
Okay,
I
I
have
my
I've
not
practiced
doing
that.
D
E
D
D
D
D
Weirdly
when,
when
I
look
at
it
in
the
little
monitor
of
I
saw
it
just
a
moment
ago,
it
flashed
away
okay,
let
me
try
share
your
skin.
Try
application
window.
A
B
D
Okay,
it
takes
several
mystical
incantations,
but
it
can
be
done
all
right
now.
If
I
do
this,
is
that
better
or
worse.
D
I've
got,
I
think,
11
slides
here.
The
summary
is
this:
that
the
bps
specification
has
been
reviews
reviewed,
there's
been
a
lot
of
email
exchange
with
the
area
directors
on
discusses
and
comments.
There's
a
draft
that
was
posted
a
few
months
ago
draft
run
five
that
I
think,
reflects
the
points
of
agreement.
D
There
are
a
couple
of
small
additional
revisions
that
ayan
has
asked
for,
and
one
revision
proposed
by
magnus
that
I
was
not
able
to
post
in
in
bpb
abyss
26,
because
the
blackout
period
had
started.
That
draft
is
ready
to
go.
I
can
post
it
as
soon
as
the
blackout
period
ends.
D
There
are
several
slides
several
issues
remaining
that
I
think
require
consensus
decision
by
the
d10
working
group.
I
think
all
of
the
other
issues
have
been
discussed
on
the
mailing
list
and
I
don't
propose
to
review
all
of
them
because
they,
they
all
seemed
to
me
to
be
things
that
were
that
did
not
require
working
group
revision.
They
were
editorial
in
nature.
The
ones
that
I
think
are
technical
in
nature
are
these,
and
so
we
can
review
them
and
if
we
can
reach
consensus
in
real
time,
that's
great.
D
The
first
one
is
the
one
that
magnus
commented
on
kind
of
extensively
in
one
of
the
recent
emails,
which
is
about
the
registration
policy
for
the
bundle
and
block
processing
control
flags,
whether
that
the
registration
policy
should
be
standards,
action
or
or
was
it,
be
changed
back
to
being
standards,
action
or
not?
The
blue
text
here
this
is
the
convention.
I'm
following
in
these
slides.
D
The
blue
text
is
the
the
area
director's
words,
and
the
response
here
is:
this
is
taken
from
magnus's
email
and
I
am
you
know,
content
either
way.
We
can
talk
about
this
now
or
revisit
it
on
email
rick,
which
would
you
like
to
do.
I've
got
like
eight
of
these.
A
So
my
thought
is
that
I'd
like
a
very
if
somebody
wants
to
get
to
the
mic
line
now
and
make
a
comment,
I
would
be
very
happy
to
hear
it.
I
have
a
mild
concern
that
the
working
group
list
is
quiet
and
that
the
clock
is
ticking
and
we're
taking
a
lot
of
time
to
reach
some
consensus.
So
I'm
much,
I
think
we
have
the
active
participants
here
now.
Well
done
everyone
who's
in
horrible
time
zones
for
this
meeting,
and
I'm
I'm
really
interested
if
anyone
has
a
strong
opinion.
A
D
That
that
sounds
great
to
me
on
on
most
of
these,
I
personally
have
no
opinion
one
way
or
the
other.
I
I
think
on
this
one.
You
know
either
either
of
the
options
looks
fine
to
me
either
go
ahead
and
tighten
as
was
proposed
in
the
in
the
discuss
or
or.
A
So,
in
which
case
I'm
going
to
jump
in
and
say
magnus,
this
was
your
comment:
what
are
you
trying
to?
Can
you
very
briefly
summarize
what
you're
making
the
comments
you're
making
here.
A
But
yeah
okay,
so
my
understanding
of
I
think
it
was
ietf
106
where
we
went
over
this
is
the
consensus
in
the
room
was
number
two,
so
we
go
to
specification
required.
A
We
had
a
long
email
conversation
on
the
mailing
list
where
the
irtf,
I
can't
remember
his
exact
position,
but
then
he
was
the
irtf
ad
equivalent
was
quite
happy
to
yield
control
of
the
iona
registration
for
specification
required.
So
I
I
don't
think
this
is
a
an
issue
and
I
I
think
we
should
take
this
one
to
the
list
just
and
say
I'll,
make
a
note
to
ask
on
the
list
that
I
point
to,
I
think,
is
where
we
were
with
consensus.
Does
anyone
have
any
objection
on
this?
A
I'm
just
watching
this
list,
yeah!
No,
no
side
chat
going
on
go
on
to
the
next
slide.
D
Okay,
it's
good
yeah.
This
is
a
discuss
from
alex's
review
and
this
is,
I
don't
have
any
response
here.
This
is
just
a
is
the
tcp
convergence
layer
protocol,
tcpcl
version
4
mandatory
to
implement
for
vbp
node
and,
of
course
we
can
say
it's
mandatory
to
implement
in
the
specification
that
in
itself
doesn't
cause
anything
to
happen,
but
we
can
say
that
it's
that
it's
required
and
make
sure
that
people
know
about
it.
A
Okay,
so
me
with
my
chair
hat
on,
I
thought
the
point
was
the
point
of
having
a
layered
model
where
a
convergence
layer
was
part
of
a
lower
layer
protocol
was
that
tcpcl
was
a
canonical
example
and
a
preferred
interoperability,
testing
convergence
layer,
but
wasn't
mandatory
to
implement
for
every
bp
node.
D
I
I
think
there
there
was
an
argument
that
it
needed
to
be
mandatory
to
implement
because
bpa
itself
has
no
congestion
control
and
this
would
provide
congestion
control.
D
I
I
think,
that's
a
valid
argument,
particularly
if
you're
running
bp
over
the
internet,
if
you're
not
running
vp
over
the
internet
and
in
fact
you
will
not
be
running
over
the
internet
much
of
the
time,
because
it's
running
on
space
protocols,
then
then
it
seems
a
little
draconian
to
require
the
tcp
convergence
layer
protocol
be
a
part
of
the
implementation
of
a
bp
node.
That
is
that,
is,
you
know,
running
on
a
spacecraft
on
its
way
to
jupiter.
D
B
Yeah,
yes,
I
think
it's,
you
can
definitely
preface
it
with
saying
it's
must
if
it's
on
a
internet
protocol
or
something
like
that,
that's
either
of
the
versions
and
and
make
that
thing
that
at
least
have
a
starting
point
for
controlled
convergence
layer.
But
that's,
I
think,
that's
nothing
stronger
than
that
then,
and
I
mean
alex
this-
is
that's
just
not
binding.
I
think
he
was.
B
D
A
A
A
Sorry
go
ahead.
Scott
will
well.
G
Okay,
so
I
have
had
to
run
over
one-way
links,
and
that
did
not
permit
me
to
use
tcp.
What
about
folks
who
have
that
situation.
D
I,
I
think,
that's
an
excellent
point.
I
think
here
the
the
I
think
the
the
objection
that
would
be
raised
would
be
okay
in
that
case,
what
do
you
do
to
to
initiate
retransmission
of
lost
data,
and
I
I
think
the
answer
is
that
we
do
that
with
various
convergence
layer
mechanisms
and-
and
one
of
those
that
that
has
that
will
be
standardized
is
tcp
but
others
are
possible,
and
I
think
that
would
be
a
good
resolution
to
this,
but
I
leave
it
to
the
working
group.
A
Okay,
brian
go
ahead.
D
Okay,
shall
we
move
on.
A
B
Well,
I
was
just
we're
gonna
say
that
I
mean,
I
think,
reasonable
text
for
scoping
the
interoperability
requirement,
and
I
think
that's
I
mean
we
know
that
tsb,
conversely,
is
both
the
blueprint
and,
in
certain
cases
it's
a
very
good
fallback
basics
for
as
long
as
you
can
fulfill
it,
and
that
sounds
like
what
you're
going
here
with.
So
I'm
happy.
D
I
I
will,
I
will
craft
some
text,
I'll
put
it
in
the
next
draft
next
edition
of
the
internet
draft
and
and
we
can
iterate
on
it.
I
I
I
think
I
get
the
sense
of
what
we've
been
saying
and
if,
if
that's
captured
in
the
notes,
then
I'll
just
work
in
the
notes.
A
Brilliant.
Thank
you
if
anyone
feels
strongly
about
it
strongly
worded.
Email
to
the
mailing
list
is
the
next
step,
for
this
point,
carry
on
scarf.
D
Okay,
this
is
a
a
general
question.
What
do
we
do
about
storms
of
status
reports,
which
is
a
thing
people
have
been
concerned
about
for
a
long
time
and
in
particular?
What
is
proposed
here
is
that
we
implement
a
mechanism
that
that
smoothly
enables
a
node
to
discard
a
bundle.
D
That
seems
to
be
a
possibly
damaging
bundle
and
do
it
in
a
way
that
is
conforming
to
the
rest
of
the
specification
and
what
that
would
be
is
overriding
the
bundle
lifetime
so
that
the
bundle
simply
expires
and
goes
away
in
the
in
the
normal
and
well-documented
fashion.
That
seems
to
me
to
be
a
a
relatively
unobtrusive
and
straightforward
way
to
deal
with
bundles
that
that
need
to
be
removed
from
the
system.
D
For
a
number
of
reasons,
one
would
be
it's
that
there's
a
storm
of
status
reports.
Another
would
be
that
the
node
that
has
the
bundle
simply
is
running
out
of
buffer
space
and
needs
to
do
some
triage
to
get
rid
of
bundles
that
already
exist
and
can't
do
it,
because
the
bundle
lifetimes
are
too
long.
I
I
I
think
it's
of
course,
like
anything
else,
it's
it's!
D
It's
power
that
would
need
to
be
used
judiciously,
but
I
I
think,
providing
that
the
authorization
to
to
wield
that
sort
of
power
in
a
node
doing
so
formally
is
is
better
than
letting
people
make
that
sort
of
thing
up
on
their
own
surreptitiously.
So
I'm
I
I
like
this
way
of
going
forward.
I
think
we
it's
it's
it's
a
significant
technical
thing
that
requires
the
agreement
of
the
working
group.
I
think.
D
I
I
would
say
very
slightly
differently,
rather
than
I
would
say,
rather
than
ignore
the
requested
on
the
lifetime
revise
the
requested
bundle
lifetime
to
a
different
number
so
that
the
normal
lifetime,
expiration
and
and
and
processing
there
upon
is
what
happens
so
that
we
don't
things,
don't
disappear
without
any
traceability
at
all.
D
And
that's
that's
why
I
say
in
the
text
here
I
say
override
and
it's
better
a
better
way
of
saying
it
than
revised.
I
definitely
would
not
propose
to
change
the
lifetime
in
the
bundle
in
the
primary
block.
I
would
okay,
I
would
propose
only
to
say
that.
Oh
I
I
know
that
the
request
about
the
lifetime
is
so-and-so,
but,
as
I
process
it
here
on
my
node,
that
lifetime
is
going
to
be
this
okay,
yeah.
A
C
Ahead
so
edvarine
apl.
The
the
question
I
have
is,
if
you
remove
the
bundle
for
this
reason
internal
to
the
bpa,
is
there
a
new
reason
code
that
you
would
want
to
define
to
capture
that
condition.
D
There
actually
is
a
new
recent
code
documented
in
the
list
of
I
forget
status,
report,
reason
codes
or
something
called.
I
think
it's.
D
Bundle
of
I
don't
know
excise
or
something
it's
bundle
surplus.
Something
like
that.
I
can't
remember
what
the
text
is:
okay,
but
actually,
but
let
me
restate,
though,
if
we
did
it
this
way,
the
reason
for
deletion
of
the
bundle
would
be
lifetime
expired,
which
is
already
documented,
and
that
in
fact
might
make
that
that
additional
contraindication
reason
code
unnecessary.
D
Okay,
so
we
can
set
the
text
up
such
that,
if
the
if
the
lifetime
expiration
is
due
to
expiration
of
a
an
overriding
lifetime,
then
the
reason
code
will
be
that
other
recent
code,
rather
than
lifetime
expired
happy.
A
D
One,
the
bpsec
extensions
we
we,
this
is
benjamin's,
discuss,
we've
been
over
a
couple
of
times.
Under
what
circumstances
is
bp
sec,
mandatory,
implement
and
magnus
had
an
assessment
for
this
one
saying
that
the
perfect
protective
profile
protection
profile
needs
to
be
normative
reference,
and
we
also
don't
have
automatic
key
exchange.
A
F
A
A
I
believe,
as
on
the
second
point,
from
magnus's
assessment
again
with
my
chair
hat
on,
I
don't
believe
automatic
end-to-end
key
exchange
fits
with
the
model
of
dtn.
I
think
we're
happy
to
put
it
on
the
working
group's
to-do
list.
It
might
require
recharging
and
that's
a
discussion
between
the
chairs
and
the
ad
etc,
longer
term
so
and
given
we
did
the
early
sec
ad,
the
early
sec
review
and
they
were
happy
with
it
at
the
time.
I
don't
think
we
should
open
the
can
of
worms
about
automatic
key
exchange.
D
I
think
that's
fine.
We,
we
have
talked
about
key
exchange
protocols
in
a
couple
of
earlier
meetings,
yeah.
I
think
one
of
the
things
that
were
proposed
for
the
charter
changes.
A
B
Yes,
no,
but
it's
I
I
mean
my
assessment
here
is
only
saying
that
this
is.
There
is
an
rfc
in
igf
that
says
that
for
modern
new
security
solutions,
etc,
automatic
heat
change
is
required,
and
I'm
just
saying
that
to
my
understanding,
the
securities
is
not
going
to
be
stick
on
that
requirement
towards
you
at
this
point
in
time
and
and
that
with
expectation
that
the
working
group
will
eventually
get
around
to
providing
a
solution
for
this
in
the
future.
A
Absolutely
and
yeah,
I
I
take
your
point
and
I
would
I
would
like
to
suggest
back
to
you
and
also
to
the
sec
guys
that
this
is
a
tough
problem
in
dtn
and
we
can't
just
say
I'll.
Just
do
a
key
exchange
it'll
be
fine,
because
we
don't
actually
know
how
to
move
the
keys.
We
have
some
interesting
work,
but
we'd
like
to
do
it
properly.
That's
anyway.
Let's
move
on.
D
Okay,
next,
this
is
a
discuss
two
from
benjamin.
How
do
we
tell
whether
an
endpoint
is
singleton
or
not?
In
the
ipm
scheme,
we've
revised
the
definition
of
the
ipn
scheme
to
say
that
all
the
ipn
scheme
endpoints
are
singleton.
We
have
don't
say
that
about
the
d10
scheme.
Endpoints,
do
we
need
some
definition
of
the
syntax
and
semantics
of
the
dtn
scheme?
That
indicates
whether
or
not
the
an
endpoint
is
a
singleton.
A
D
I
I
I
can
propose
a
mechanism
for
this
and
and
and
put
it
in
the
next
draft
and
have
that
be
part
of
the
discussion.
A
Yes,
I'm
happy
for
you
to
do
that.
Can
you
raise
it
as
a
when
you
have
put
some
proposed
text
together?
Can
I
ask
you
raise
that
as
a
as
a
question
on
the
list
to
say
this
bit
of
text
specifically,
I
have
put
in
because
I
think
it
addresses
this
just
to
kick
off
that
discussion.
To
give
us
a
focused
thread
for
that
discussion
is
that
okay,
scott
yep.
D
Okay,
number:
six:
this
should
be
easy.
Can
we
right
now
the
the
spec
says
there
are
up
to
256
scheme
types
that
are
for
which
we
have
codes
for
for
bp?
Is
there
any
reason
to
limit
that,
and
I
think
the
answer
is
no
real
good
reason
to
limit
it,
and-
and
we
can
just
say
that
everything
above
255
is-
is
open
for
private
usage
as
magnus.
A
Proposes
rick
again
I
put
a
proposal
back
on
the
list
about
this,
but
I'll
raise
it
in
person.
I
would
go
for
a
number
higher
than
255,
my
concern
being
that
with
sibor.
You
have
an
infinite
number
space
effectively.
A
A
Uri
uri
scheme
codes
that
proliferate
and
become
de
facto
standards,
just
because
a
major
manufacturer
has
started
shipping,
their
own
special
scheme
and
it
never
gets
standardized
within
the
itf.
So
my
argument
would
be
is
if
you
could
force
the
numbers
to
start
at
three
biting
coding
in
cbor,
so
there
is
actually
a
penalty
for
using
the
private
experimental
space
and
that
we
sort
of
nudge
people
towards
saying
hey,
bring
it
to
the
ietf.
Get
it
standardized,
get
it
peer
reviewed
would
be
better.
That
would
be
my
suggestion.
D
Oh
okay,
so
up
until
say
I
don't
know
64
000
or
something
those
will
be
not
available
for
private
use,
but
above
that
they
are.
A
D
So
we
just
keep
that
in
the
note
and
I'll
I'll
mark
that
into
the
spec
and
see
if
there's
any
objection.
That
sounds
great.
Let's
go
forward,
okay,
we're
close
to
the
end.
The
last
two
are
just
comments
that
we're
not
discussing.
One
of
benjamin's
comments
was:
what's
the
the
the?
Why
is
bundle
age
in
microseconds
when,
when
bundled
lifetime
is
in
seconds,
they
should
be
in
the
same
denomination?
D
I
think
that's
right
and
in
fact
I've
had
people
in
nasa
say:
oh,
you
know
for
some
tracing
we're
like
we're
doing.
We
would
like
the
the
time
tags
for
status
reports
to
be
in
milliseconds,
so
I
I
my
preference,
I
guess
would
be
that
all
of
these
time,
magnitudes
be
expressed
in
the
same
units
seconds
milliseconds,
microseconds
nanoseconds,
my
preference
is
for
seconds
actually,
but
I
think
milliseconds
is
is
not
too
bad.
D
I'd
like
to
have
it
not
be
any
more
precise
than
that,
because
the
a
lot
of
the
clocks,
we're
looking
at
the
milliseconds,
are
nonsense
anyway,
and-
and
it
takes
up
a
lot
of
space
to
you
know.
Why
transmit
all
that?
However,
what's
the
working.
H
H
A
G
E
A
Thanks
brian
I'm
rick
speaking
personally,
I'm
for
seconds
as
well.
If
you
want
to
do
timing
of
the
processing
of
the
pipeline
within
your
bundle
processing
agent
itself,
that's
fine
go!
Do
nanosecond
timing,
that's
fine!
But
yeah!
I'm
I'm
in
a
rough
agreement
with
everyone
else.
It's
seconds
we're
delay,
tolerant
if
you're
in
milliseconds
micros,
if
you're
in
microseconds,
you
may
as
well
push
ip
packets.
D
Okay,
so
are
we
sort
of
generally
agreed
that
we'll
stick
with
seconds
in
all
cases,
bundle
age,
lifetime
status
report
times
all
the
times
denominated
in
seconds?
I'm
I'm
content
with
that.
I
just
want
to
you.
A
So
ronald,
are
you
suggesting
that
in
a
disrupted
network,
when
you
have
connectivity,
it
can
be
very
fast
and
therefore
a
higher
resolution
timer
is
useful
or
that
that's
correct.
That
makes
sense.
So
you
is
this
a
counter
proposal,
or
should
we,
if
ronald,
doesn't
jump
to
the
mic
there
we
go
go
ahead,
run.
F
A
D
Okay,
what
what
I,
what
I
will
do
is
in
the
next
edition.
I
will
make
all
of
the
denominations
the
same.
I
will
I
will
guess
tentatively
that
we're
going
to
end
up
with
everything
being
in
milliseconds,
because
I
think
that
there
is
some
some
value
in
being
able
to
attract
that
level
of
of
precision,
and
we
can
go
back
to
seconds
if,
if
there's
consensus,
to
do
that.
A
D
Okay,
sure
thanks
absolutely
last
one
are:
are
the
previous
node
bundle
age
and
hop
count
extensions
mandatory
to
implement
at
the
moment
I
think
they're?
We
don't
say
that
that
support
these
is
mandatory
in
any
protocol
agent,
but
but
benjamin's
perception
is
that
they
feel
like
key
components
of
the
protocol.
A
Okay,
rick
speaking
personally
again,
this
is
where
I
ask
questions
about
the
meaning
of
an
extension.
A
So
if
it's
an
extension
to
me
as
a
native
english
speaker,
that
implies
it's
optional,
because
if
it
wasn't
an
extension,
it
would
just
be
in
the
mandatory
primary
block.
D
There's
a
there's
a
description
here
in
that
the
the
primary
block
is
immutable.
These
other
things
are
are
mutable
over
time
and
they
they
might
be
mandatory
and
yet
mutable
right.
These
are
different
dimensions.
B
D
And
I
would
say
that
the
protocol
definitely
can
work
without
these
extensions
is
that
true,
previous
node,
I'm
not,
you
might
not
actually
be
able
to
make
the
protocol
work
without
previous
node.
You
can
make
the
previo
the
protocol
work
without
bumblation
outcome.
B
A
F
A
Your
point
magnus
this
is
this
is
a
now
I
understand
what
we're
talking
about.
This
is
a
this
needs
to
be
discussed.
D
B
A
Okay
noted
I
I
think
that
might
be
an
action
for
the
chairs
as
well
to
I'll
put
something
in
my
calendar
so
once
a
week
I'll,
send
him
an
email
to
say
how
are
you
doing
anyway?
Jumping
back
to
me,
I
will
grab
the
screen.
I
want
to
share
my
screen
back
to
the
agenda.
So
next
up.
Can
you
see
that
I
know
because
I'm
not
sharing
it,
how
do
I
sh
share?
A
Yes,
I
wish
to
share
my
screen.
I
seem
to
be
unable
to
share
my
screen
anyway,
doesn't
matter.
Thank
you
very
much,
scott.
I'm
going
to
bin
you
out
from
the
presentation
at
the
moment.
Next
we
have
ed
on
your
bp
sec
updates.
So
ed,
would
you
attempt
to
you
should
be
able
to
take
control?
Does
that
seem
to
be
working
for
you,
ed.
C
Okay,
so
I
will
at
bahrain
apl.
I
wanted
to
give
a
brief
update
on
the
the
current
status
of
bp
sec.
The
summary
link
points
to
where
we
are
in
terms
of
iesg
reviews.
Generally
speaking,
we
had
one.
Yes,
several,
no
objections
and
we
did
have
a
few
discusses.
I
I'm
not
going
to
go
through
each
discuss
and
each
comment
because
I
think,
at
the
end
of
the
day
there
were
something
like
10
or
11,
discusses
and
maybe
80
comments.
C
Many
of
the
comments
were
associated
with
the
security
area
director
and
all
of
them,
I
believe,
were
addressed
in
in
versions
of
the
document,
so
we
went
from
bpsac
version
18
to
bpsec
version
22..
C
So
what
I
wanted
to
walk
through
was
a
series
of
questions
that
came
out
of
that,
and
I
believe
these
are
the
ones
that
are
open,
and
many
of
these
are
are
right,
I
believe,
relatively
straightforward.
C
So
the
the
first
question-
and-
and
this
is
a
little
bit
overlapping
with
some
of
the
things
scott
had
mentioned-
is
should
much
like
there's
a
question,
though,
should
bp
sec
be
mandatory
to
implement
for
bp?
C
Another
question
along
that
line
is:
should
there
be
one
security
context
that
is
mandatory
to
implement
for
all
bpsac
implementations,
we
defined
a
interoperability
security
context
and
we
put
text
in
the
document
in
section
9.1,
which
talked
about
the
idea
that
networks
should
themselves
mandate,
which
security
context
are
needed
for
that
network
and
that
if
there
wasn't
one,
a
default
could
be
the
interoperability
context,
but
otherwise
it
allows
different
nodes
and
deployments
to
pick
different
security
contexts
given
their
context.
C
C
And-
and
my
recommendation
is
at
the
bottom-
which
is
I
I
don't-
I
don't
recommend
that,
but
it's
up
to
the
working
group.
A
Okay,
sorry
about
that,
I
was
reloading
because
I
lost
all
video
rick
here
ed
unconscious
of
time.
Can
you
raise
that
question
as
a
single
topic
on
the
mailing
list,
including
your
recommendation,
because
I
think
this
needs
to
be
discussed
much
like
the
other
one.
C
Question
number
two,
which
also,
I
think
scott
had
mentioned
related
to
key
exchange.
Can
we
standardize
bp
sec
absent
a
key
exchange
protocol
in
in
the
document?
In
section
six,
we
talk
about
the
fact
that
there
are
lots
of
ways
of
doing
key
management
and
key
establishment.
C
Many
of
them
are
based
on
the
capabilities
and
the
operating
conditions
of
the
underlying
network.
I
I
don't
think
that
bp
sec
as
a
specification,
should
be
specifying
or
mandating
a
specific
key
management.
Protocol.
Bpsec
is
a
container
for
carrying
cryptographic
material
and
that's
it.
So
I
don't
think
that
there
should
be
any
change
here,
but
I
wanted
to
bring
that
to
the
working
group.
C
C
I
believe
we
address
that
in
the
comments
which
is
that
it
you
can
run
into
difficulties
associated
with
now
I
have
multiple
signatures
on
a
target
which
one
do
I
believe,
and
that
certainly
pushes
a
complexity
into
individual
nodes
to
say,
if
I
have
many
signatures,
and
is
it
one
that
needs
to
pass,
is
it
three
or
four
it
is?
It
is
complicated
and-
and
we
think
that
the
existing
bibs
and
bcbs
and
bpsec
don't
need
to
be
updated.
For
this
case.
A
Okay,
so
rick
again
personal
question:
can
you
see
it
being
feasible
that
in
the
future,
someone
could
produce
an
extension
that
does
manage
this
within
the
framework
of
bpsec.
C
I
I
I
do,
and
I
do
in
in
in
two
ways.
Certainly
one
is
to
define
a
security
context
which
allows
multiple
results
that
even
could
be
added
along
the
way
if
that
was
a
desired
behavior,
but
the
other
is
and
there's
another
slide
on
this.
Coming
up
that
you,
you
can
define
additional
security
blocks.
Bpsec
provides
the
the
conditions
under
which
that
is
possible.
The
bib
and
the
bcb
are
really
meant
to
be
a
a
one-to-one
mapping
for
these
individual
cases.
C
If
somebody
wanted
to
do
something
additional
where
there
is
a
many-to-many
mapping,
I
I
think
that
someone
should
define
that
as
a
separate
block
with
separate
processing
rules,
instead
of
trying
to
capture
two
very
different
behaviors
in
a
single
security
block.
A
Okay,
understood
so
yeah
that
answers
my
question
it's
possible,
but
it
needs
to
exist
externally.
From
I
mean
it
can
it
can
inherit
some
of
the
behaviors
and
commonality
with
with
bpsec
as
it
stands,
and
it's
not
excluded,
but
it
can
be
done
separately.
Okay,
I
I'm
happy
with
that
question
to
the
floor.
A
C
Okay,
the
the
next
question
that
came
up.
This
was
a
comment
as
well
from
the
security
area
director,
which
was:
do
you
consider
a
security
encryption
over
multiple
blocks?
So
would
you
define
an
integrity
block
that
has
a
signal,
a
single
signature
that
is
calculated
over
two
three
or
four
extension
blocks
or
over
the
entire
bundle
itself?
A
Okay,
so
this
is
this
is
in
some
ways
similar,
sorry
rick
again,
some
way
similar
to
the
previous
answer,
which
is,
we
are
bpsec
talks
about
one-to-one
integrity
and
signature
one-to-one
blocks.
It
occurs
to
me
that
the
bundle
and
bundle
encapsulation
is
again
another
way
of
adding
integrity
across
an
entire
payload.
C
I
agreed
and
stuart
just
put
together
or
added
a
a
comment
which
said:
please
make
sure
that
we
do
not
preclude
multiple
signatures
and
just
to
speak
to
that
for
a
moment
on
question
number
three,
the
the
issue
is
right.
Now
the
bp
sec
says
that
the
same
security
operation
cannot
be
done
more
than
once
in
a
bundle.
I
think
that's.
C
The
sticking
point
is
to
not
have
two
three
or
four
bibs
that
are
independent
added
by
different
nodes,
that
target
the
same
security
target,
and-
and
so
you
know
that
right
now
is
not
allowed
in
bpsac,
and
the
question
is:
is
that
something
that
we
do
want
to
allow
in
bpsac?
But
I
can
add
that
when
I
post
the
question
to
the
mailing
list,
I.
A
Suggest
you
take
that
to
the
mailing
list
and
we
can
have
a
deep
discussion
over
impact
on
complexity
of
implementation
as
part
of
there's
always
a
balancing
act
between,
particularly
when
it
comes
to
security
technology,
which
is
hard
to
get
right.
The
balancing
act
between
complexity
of
implementation
and
whether
people
actually
bother
to
do
it
so
features
versus
complexity.
C
I'll
completely
agree,
the
the
fifth
question
is:
where
should
we
put
bundle
protocol
reason
codes?
One
thing
that
came
out
of
our
analysis
was:
if
you
choose
to
remove
a
bundle
from
the
network
based
on
a
security
related
reason,
then
you
may
want
to
add
security
related
reason,
codes
and
a
question
that
came
up
is:
where
is
the
right
place
to
represent
those
security
related
reason
codes?
C
C
It
had
more
security
than
was
expected
or
it
had
a
security
service
that
failed,
such
as
failed
integrity
or
it
had
conflicting
services
where
the
security
blocks
in
a
bundle
violated
bpsac
rules.
Alternatively,
it
could
go
into
a
security
context,
template
that
defines
the
reasons
that
should
be
adopted
by
all
security
contacts.
D
I
just
wanted
to
strongly
advocate
that
that
these
new
reason
codes
wherever
they
do
end
up,
not
be
things
you
would
put
into
the
bp
bis
the
the
the
main
funnel
protocol
specification,
where
there's
no
way
we're
going
to
be
able
to
anticipate
all
of
these,
my
preference
would
be
to
add
them
in
the
documents
for
the
security
contexts
that
that
caused
those
reason
codes
to
be
raised,
but
I'm
I'm
I'm.
I
don't
feel
strongly
about
that.
A
Good
point
so,
rick
speaking
personally,
I
agree
with
scott
that
the
if
there
are
a
bunch
of
a
set
of
generic
security
related
reason
codes
that
apply
no
matter
what
the
security
context,
then
I
think
they
should
be
defined
in
bp
sec,
so
that
might
be
generic
security
failures
such
as
you
have
here,
a
missing
security
service.
One
is
required,
but
is
not
there,
etc,
etc.
A
I
think
specific
security
context
related
reason.
Codes
should
probably
go
in
the
security
context,
defining
document,
and
I
think
this
actually
comes
all
the
way
back
to
the
iana
reason
code
registry
discussion.
That
applies
to
bpbis.
So
once
we
get
that
squared
away
properly
so
expert
review,
then
these
can
all
just
start
allocating
off
each
other
and
iona
should
be
able
to
pick
this
up
during
or
48
or
at
whatever
point
in
this.
They
actually
put
these
things
together.
A
Okay,
okay,
scott
sorry
did
scott.
Did
you
have
a
comment?
No
I've,
just
not
muted!
You,
okay,
go
on
it.
C
And
then
we're
almost
to
the
end
question
number
six
there
there
was
a
question
as
to
whether
security
context
parameters
should
be
encoded
as
a
seabor
map.
Instead
of
an
array.
The
the
the
discussion
is
here
on
the
on
the
slide.
My
recommendation
is
even
if
there
isn't
an
efficiency
there
and
I'm
not
convinced
that
there
is
it's
not
a
very
large
efficiency,
and
I
think
we
should
keep
it
as
is,
but
wanted
to
check
with
the
working
group.
A
Okay,
so
rick
speaking
personally,
one
compelling
reason
I
can
see
to
using
a
map
is
that
it
matches
the
the
logical
structure.
So
you
have
you
have
a
dictionary
of
parameters
and
values.
So,
logically,
it
is
a
a
map,
a
dictionary.
You
know,
an
indexed
data
structure.
A
Yes,
an
array
may
be
a
very
efficient
way
to
record
it,
but
that
may
not
be
a
strong
enough
reason
to
start
changing
a
protocol
at
this
point.
Go
ahead.
Scott.
D
Ready
an
array-
and
so
I
I
think,
changing
it
to
a
map-
I
I
would
speaking
as
as
a
an
implementor.
I
would
advocate
that
we
stick
with
the
smallest
number
of
of
the
more
structures
we
can
get
away
with.
A
Yeah
understood
that
that
efficiency
is
important
in
these
places.
I'm
I
it's
someone
with
a
lot
of
seabor
experience.
I
I
know
brian's
been
looking
at
this
quite
heavily
recently.
I
would
be
surprised
if
a
an
integer
indexed
map
of
values
is
any
more
or
less
efficient
than
an
array
of
index,
comma
value,
tuples
and
brian
as
if
by
magic,
wishes
to
speak.
E
A
C
I
have
my
own
question
as
to
with
the
map
and
canonicalization
as
well,
particularly
if
we
have
security
contacts
that
calculate
a
signature
over
the
parameters
themselves.
A
Okay,
okay,
I
was
playing
devil's
advocate,
so
I
I
suggest
you
propose
what
you're
doing,
which
is
no
change
and
answer
benjamin
and
we'll
prod
him
to
see
if
he
can
lift
his
discuss
on
this
one
again.
If
anyone
has
any
serious
thoughts
about
this,
please
jump
on
the
mailing
list
and
send
a
strongly
worded
email
saying
that
we've
got
this
wrong.
Okay,
so
I'm
looking
at
the
time
ed
do
you
have
much
else?
Yes,.
C
Two
more,
the
the
other
is,
should
should
bpsec
force
integrity
of
non-block
type
specific
data.
This
is,
is
it
required
that
a
bib
or
a
bcb
sign
their
security,
id
security
parameters,
and
so
on?
The
recommendation
is
this
is
a
really
good
idea
and
it
should
be
done,
but
bp
sec
itself
should
not
mandate
it.
Although
we
can
add
non-marketed
text
to
explain
why
it
is
a
good
idea.
A
C
I
agree
yeah
and
then
the
last
is:
should
bp
sec
reserve
some
common
security
context
parameter
and
result
ids
in
in
bp
sec.
Currently
it
says
that
the
definition
of
that
mapping,
key
value
of
security
results
and
key
value
mapping
of
parameter
ids
is
solely
in
the
auspices
of
the
security
context
itself.
C
So
security
context,
one
parameter
one
could
be
different
than
security
context,
two
parameter
one
and
the
question
was:
is
there
value
in
reserving
a
couple
of
ids
at
the
front
that
would
be
common
for
all
security
contexts
or
not
such
that?
You
could
say.
For
example,
id
0
to
15
must
be
interpreted
the
same
for
all
security
contexts
in
vp
sec,
but
once
you
get
to
16
and
greater,
it
would
be
based
on
whatever
the
specific
context
is.
C
So
the
ones
that
have
come
up
in
the
past
are
things
like
init,
initialization,
vectors
or
values,
or
things
like
that,
and
I
could
probably
come
up
with
exactly
three
and
whether
it
is
a
great
efficiency
to
prevent
that
from
being
stated
over
and
over
again
in
individual
security
context.
I
don't
feel
strongly
about
this.
A
C
That
is,
that
is
all
of
my
all
of
my
questions.
A
Thank
you
very
much
ed,
so
I'm
going
to
move
very
quickly
on
to
brian
if
you
can
try
and
work
out
how
to
magic.
Oh
sorry,
someone
brian's
in
the
queue
I'm
just
checking.
Somebody
raised
a
question
yeah,
so
magnus
raised
the
point
that
the
last
couple
of
comments
were
actually
comments,
not
discusses.
A
So
it's
it's
really
up
to
us
to
as
the
working
group
and
the
authors
to
guide
us
on
this
to
just
decide
what
we
want
and
then
tell
ben
what
we've
decided
really,
okay,
so
brian
I'm
allowing
you
to
share
your
screen.
Thank
you
very
much.
Ed
go
ahead,
brian.
I
hope
this
works
for
you.
A
E
So
my
first
two
slides
are
just
background:
boilerplate
about
tcp
cl
motivations
nothing's
changed
in
these
slides
since
the
original
presentations,
so
I'm
going
to
skip
over
them
for
the
sake
of
terseness,
but
the
goal
is
to
keep
things
as
similar
as
possible
to
a
lot
of
migration
from
v3.
E
The
last
draft
changes
were
based
on
iesg
and
80
feedback.
Section
3
text
was
added
to
give
some
backgrounds
and
explanations
of
of
pki
environments
and
ca
policy
and
session
keeping
policy.
These
are
really
just
rationales
for
why
the
actual
requirements
are
the
way
they
are,
and
they
don't
have
any
changes
to
the
actual
protocol
itself.
E
I
added
a
completely
separate
draft
for
that.
That'll
be
discussed
a
bit
later
about
how
does
the
ca
actually
validate
that
I
own
a
node
id
that
I
claim
to
own
for
the
sake
of
pki,
and
there
have
been
no
further
comments
after
this,
as
was
mentioned
earlier,
I
think
prodding
the
sec
ad
or
the
isg
security
area.
Folks
is
the
last
thing
that
needs
to
happen.
E
E
E
C
Hey
this
is
ed
bahrain,
yeah.
I
don't
hear
rick
either.
I
I
guess
I
had
to
just
a
quick
question
so
coming
out
of
this.
Oh.
A
A
So
I
had
to
reload
the
screen
because
I
lose
the
I
lose
the
graphics
executive
summary
of
what
I've
been
talking
to
myself
about
tcpcl,
I
think,
is
in
a
really
good
state.
Can
we
take
this
final
page
discussion
to
the
list
because
I
think
this
will
take
longer
than
we've
got
and
it's
going
to
eat
into
the
next
discussion
time.
Wise.
A
Can
people
please
re-read
the
latest
version,
because,
although
nothing
normative
has
changed,
some
text
has
changed
and
just
to
make
sure
that
we're
all
happy
with
it,
although
I
think
we
trust
brian
and
he's
done
a
really
nice
job.
Thank
you.
That's
all.
I
was
going
to
say
all
right,
thanks
brian
I'm
pushing
forwards
with
the
time
on
this
one.
Sorry,
yes,
absolutely
and
you
get
another
chance
in
a
minute
anyway.
So
ed
do
you
want
to
jump
in
with
yours?
Please.
C
And
this
is
the
interoperability
security
context,
so
the
essentially
there
there
have
been
no
changes
to
the
version,
one
which
is
has
been
up
and
we
updated
it.
I
think
in
in
february
or
march-
and
this
was
in
response
to
requests
out
of
the
iesg
review,
that
we
put
together
an
interoperability
security
context,
the
the
bib,
the
we've
named
it
bib.
I
off.
C
I
wanted
to
put
iop
in
there
to
say
that
this
is
for
interoperability
only,
although
I
don't
feel
strongly
about
that,
the
the
the
security
results
for
for
this.
It's
a
hmac
256
shot
256
and
it
has
a
single
result,
which
is
the
expected
hmac
and
then
for
a
confidentiality.
C
It's
aes
kaloy's
counter
mode
256
and
it
carries
an
iv
and
authentication
tag.
I
guess
my
if
there
are
any
questions
to
the
working
group
on
this,
it
would
be.
Are
there
other?
C
Do
we
think
that
these
are
the
correct,
cipher,
suites,
well
cipher,
suite
for
asgcm
and
just
integrity
mechanism
for
hmac
sha
that
we
should
be
using
for
interoperability,
testing
of
bp
sec.
A
A
I
wonder
whether
it's
surplus,
I
know
these
are
meant
to
be
the
interop
security
contexts,
but
is
there
a
would
there
be
another
hmac
256
sha256
security
context?
That
was
not
the
iop
one?
It
just
seems
a
bit
surplus.
I
wonder
whether
you
can
just
specify
this.
This
is
the
interoperability
context
and
use
these
two,
so
people
could
say
well,
I'm
actually
just
going
to
use
that
anyway.
It
works
perfectly
well
for
me
in
my
security
domain,.
C
So
I
don't
feel
strongly
about
it.
The
only
thing
I
would
say
is
that
if
we,
if
we
were
to
remove
the
iop
and
and
have
it
just
be
those
that
could
also
be
used
for
deployment,
we
we
might
want
to
go
and
update
it
to
our
other
security
recommendations,
such
as
talking
about
you
know,
securing
other
information
in
the
bib
in
the
bcb.
C
E
So
my
feelings
on
these
contacts
are
that
they're,
fine
from
the
perspective
of
proof
of
testing
like
ed
said,
but
I
agree
that
they
should
be
marked
in
some
way
that
that
these
contacts
have
no
parameters
and
no
really
necessarily
wider
use
outside
of
a
very
closed
population.
A
A
I
I
agree
with
you
here,
brian
rick,
again
speaking
personally,
I
think
we
may
have
misunderstood
the
point
of
an
interoperability
security
context
and
I
think
the
steer
from
the
security
directorate
was
to
def
fully
define
a
security
context
that
would
be
expected
to
be
implemented
by
most
things
so
that
it
could
be
used
fairly
interoperably
a
I'll
give
this
a
try,
because
it
probably
will
be
implemented
rather
than
a
for
testing.
B
So,
jumping
in
here
I
I
I
share-
I
mean
my
understanding
of
the
goal
of
an
intro
ability
is
to
have
one.
I
think.
Oh,
this
is
expected
to
work,
that
you
have
the
keys
to
say
and
and
can
parameterize
the
context,
but
that's
and
for
exactly
most
of
the
parameters
should
be
even
etcetera
and
it
should
be
possible.
So,
basically,
you
have
to
be
keys
to
match
to
the
claim
source
identity
so
that
you
could
decrypt
it.
A
Yeah,
I
I'm
in
agreement
with
magnus
on
this,
I'm
watching
the
clock.
Sorry,
where
the
sessions
are
too
short,
can
we
take
this
one
to
the
list?
In
fact,
I
will
make
a
note
myself
to
take
this
to
the
list.
C
So
totally
fine,
and
if
we
want
to
write
this
and
just
call
it
a
default
security
context
and
put
in
additional
items
to
make
it
operationally
relevant,
we
can
certainly
do
that
in
very
short
time.
A
A
Excellent,
in
which
case
the
agenda
says
you
had
something
about
security
templates.
Do
you
want
to
cover
that
very
quickly
now.
C
So
so
the
the
real
question
that
I
have
on
this
while
I
I
update
the
share
screen
again,
is:
is
there
a
so?
The
question
to
the
working
group
is:
is
there
value
in
having
a
security
context
template
at
all
and
what
we?
C
What
we
presented
here
in
just
one
or
two
slides
is
this
might
be
a
place
for
more
specific
guidelines
for
writing
security
context,
specific
policy,
canonicalization
considerations,
usage
and
error
handling,
perhaps
even
a
common
template
for
a
table
of
contents
and
things
that
must
be
addressed
and
then,
whether
or
not
you
have
common
parameters,
result
types
or
reason,
codes
and
and
as
an
example
of
the
kind
of
normative
or
at
least
good
good
practice.
Information
that
could
be
in
there
is.
If
we
were
to
look
through.
C
You
know
the
life
cycle
of
a
security
operation,
regardless
of
what
security
context
you're
using
your
security
blocks
in
a
bundle
will
go
through
this
life
cycle.
You
know
and
make
sure
that
that
is
defined
someplace,
that
you
can
say
your
security
context
must
consider
each
of
these
possibilities
and
and
whether
or
not
there's
value
in
putting
together
things
like
security
reason,
codes
generic
if
they're,
not
in
vpsac,
and
then
notable
events
coming
out
of
such
a
security
operations,
life
cycle.
A
I
will
reiterate
that
please
look
at
this.
This
is
an
interesting
concept.
It
affects
the
workload
of
the
working
group.
I
mean
it
involves
creating
an
informational
document
which
we
haven't
done
for
a
while,
but
it
may
have
some
benefits
again
for
expediency.
Let's
make
this
a
list
discussion.
If
people
don't
mind
ed,
can
I
ask
you
to
kick
that
off
with
a
a
little
summary
of.
I
think
this
is
a
good
idea,
because
dot
dot.
A
E
I
think
so.
The
motivation
for
this
context
was
really
just
putting
my
money
where
my
mouth
was
in
terms
of
what
I
had
just
said
about
the
intro
ability
context
that
had
been
proposed,
that
it's
not
bad,
but
it
is
lightweight,
and
the
point
of
proposing
a
cosy
context
is
that
kosi
is
a
a
quite
broad
definition
of
how
to
do
a
lot
of
different
types
of
security
in
a
standard
way
and
also
in
a
way
that
is
made
by
definition,
to
be
done
in
a
constrained
environment.
E
And
the
point
here
is,
at
the
end
not
to
reinvent
the
wheel
that
cosi
does
a
lot
of
things
and
does
a
lot
of
things
in
maybe
not
the
best
way
or
the
most
efficient
way,
but
it's
a
standard
way.
E
So
the
point
here
is
that
this
is
all
being
done
in
the
existing
vp
sect
structure.
It
does.
This
is
a
bp
sec
context,
it's
doing
everything
in
the
way
that
bpsec
says
it
ought
to
be
done,
but
it's
doing
the
parameter
encoding
in
a
way
that
is
extensible.
E
And
the
point
here
is
this
last
item
to
inherit
the
future
gains
that
come
from
future
cosy
work.
E
Now
this
is
not
supposed
to
be
something
that
is
going
to
be
across
the
board
general
use.
I
I
don't
know
that
this
necessarily
represents
a
kind
of
a
minimum
to
implement,
but
the
intent
here
is
that
it
is
sort
of
internet
applicable
security
that
already
exists.
There
are
libraries
there
are
troubleshooting
tools
to
deal
with
with
cosy
messages
and
the
the
security
contexts
that
are
defined
here
are
done
in
a
way
again
to
fit
into
the
bpsec
model.
E
We
are
reusing,
cosy,
message,
tags
as
result
type
codes,
so
that
we're
not
inventing
new
new
code
points
here
and,
although
cosy,
is
extremely
broad
in
its
scope.
E
So
it
doesn't
represent
a
change
in
minimum
scope
effectively
from
that
interoperability
spec,
and
it
has
several
recommended
algorithms
for
pki
environments,
which
really
aren't
addressed
by
the
interoperability
draft
currently
and
key
wrap,
which
is
another
important
thing
in
a
in
a
long-term
internet
facing
key
use
situation
where
you
don't
want
to
have
to
share
content
keys.
E
E
Consequences
from
the
current
behavior,
that's
minimum
specified
by
bpsec
about
being
able
to
replay
blocks,
because
right
now,
bpsec
doesn't
mandate
that
that
signing
or
encrypted
authenticated
data
covers
the
block
metadata
or
the
primary
block.
E
I
feel
that
this
is
a
pretty
a
pretty
important
thing,
but
in
certain
environments
it
might
not
be
an
important
thing,
but
again
this
this
whole
cosi
spec
is
geared
towards
public
network
facing
requirements
where
you
can't
trust
that
everybody
is
going
to
be
necessarily
a
good
player,
and
you
can't
assume
that
you're
going
to
be
able
to
have
pre
distribution
of
a
lot
of
these
parameters.
E
And
so
that
that's
one
I
don't
know.
C
Ahead
there
we
go
so
so
two
things
ed
bahrain,
apl,
the
the
first
is
I
I
was
able
to
read
this
very
very
briefly.
Yesterday,
I
think
it's,
I
think
it's
a
great
idea
and-
and
my
first
question
is
well
if,
if
this
has
more
information
in
it
and
koci,
is
you
know
a
standard
in
this
way?
Is
this
a
a
better
default
use
on
the
internet
security
context
as
opposed
to
building
one
separately?
C
That's
just
hmac
shaw
and
aes
gcm.
C
If
we
want
a
default
security
context
for
use
on
the
internet,
which
I
believe
is
what
the
ads
were
asking
for,
should
we
say
we'll
adopt,
cosy
and
wrap
it
as
a
security
context,
and
that
should
be
the
internet
default.
Or
would
you
with
the
working
group
still
like
me
to
put
a
different
one
together
for
that.
A
Okay,
so
for
expediency
as
part
of
my
email
to
the
to
the
mailing
list
that
I
am
going
to
send
after
this
session,
I
will
include
that
in
the
interops
interop
spec
or
cozy
or
or
test
spec,
that
I'll
include
it
on
that
mail
and
we'll
take
that
to
the
list.
If
that's
okay.
E
Yeah
that
sounds
great
and-
and
the
point
here
also
is
that
if,
if
there's
a
network
or
an
operator
that
does
care
about
these
things,
then
absolutely
they
should
define
their
security
context
as
they
need
to,
and
this
is
made
more
for
an
operator
that
doesn't
necessarily
care.
They
just
want
to
use
what's
available.
A
Which
is
a
very
important
use
case
should
be
remembered.
It's
it's
very
easy
for
those
of
us
in
the
aeronautical
industry,
or
you
know
very
dedicated
industries
like
that
to
say
that's
fine,
we
we
have
customers
who
define
us,
but
their
security
specifications,
but
dtn
as
we
keep
telling
ourselves
and
others
has
applicability
beyond
big
industry
and
has
applicability
in
the
internet
as
a
whole,
particularly
with
iot
devices
and
hence
building
on
cozy.
I
can
see
personally
as
an
important
thing
to
be
able
to
do
and
just
say,
use
this.
A
A
Let
you
choose
one
and
give
you
five
minutes,
but
I'm
gonna
ask
one
last
question:
when
booking
dtn
meetings
the
chairs
have
to
select
how
long
they
want
and
how
many
sessions
they
want
and
for
the
last
couple
of
years
we
have
said
one
two
hour
session
is
enough:
question
to
the
list
would
a
longer
session
help
in
future.
Do
people
have
things
they'd
like
to
say,
but
feel
that
there's
not
time.
I'm
really
pleased
that
this
is
a
big
session
and
there's
lots
of
people
and
scott
is
keep
it
quick
scott.
D
More
time
would
be
good.
We
have
there's
a
lot
of
things
that
we're
contemplating
in
the
in
charter.
I
think
we've
got
a
lot
of
things
to
talk
about,
so
I
think
either
multiple
sessions
or
a
longer
session
would
be
a
good
thing.
A
Okay
noted
so
I
I
believe
ietf109
is
probably
going
to
be
virtual
as
well,
but
don't
quote
me
on
that.
If
it
is,
I
will
definitely
ask
for
a
longer
slot,
be
very
quick
brian.
That's
all
I
can
say.
E
I
will
try
all
right,
so
I'm
I'm
focusing
here
on
the
neighbor
discovery
only
because
this
is
a
dtn
topic,
not
a
acne
topic,
but
the
there
were
some
results
that
came
out
of
the
104
hackathon
that
had
recommended
that
there
was
an
implementation
of
discovery
and
they
said
this
really
is
an
ip
mechanism,
but
it
really
applies
to
dtn
in
general
and
it
happens
to
be
over
ip
in
this
case,
and
there
were
also
a
couple
of
drafts
earlier
on
in
the
dtnrg
about
dealing
with
embedding
discovery
mechanisms
inside
of
a
bundle
itself,
and
there
are
also
some
work
in
the
mana
area
about
neighbor
discovery
and
algorithms
to
do
this
kind
of
stuff.
E
So
my
questions
to
the
working
group
are
really
a
matter
of.
I
know
this
is
a
charter
item,
but
is
it
worth
at
this
point
dealing
with
this
kind
of
thing
at
a
bundle
level
and
doing
all
the
things
that
have
to
happen
in
a
draft
to
be
able
to
solidify
some
of
these
concepts
to
be
able
to
have
a
general
purpose?
Dtn
neighbor
discovery
protocol
and
one
way
of
transporting
a
dtn
neighbor
discovery
is
over
something
like
a
udp
broadcaster
multicast.
E
A
Down,
okay,
so
rick,
jumping
in
with
my
chair
hat
on
to
start
with.
Yes,
I
believe
this
and
somebody's
raised
a
comment.
I
bet
just
check
right.
Okay,
so
ronald
hasn't
raised
a
very
good
point.
Ronald
do
you
want
to
jump
to
the
microphone
line
in
a
second,
so
neighbor
discovery
and
neighborhood
discovery
are
both
items
that
should
be
on
the
charter.
I
need
to
quickly
check
the
charter
myself.
If
they're
not,
they
should
be.
I've
lost
the
charter,
I'm
useless
at
times.
A
I
think
this
is
good
work.
I
think
it's
something
we
should
be
looking
at.
I
think
it's
definitely
something
that
should
be
discussed
on
the
list
and
I
can
only
apologize
for
not
organizing
time
better
to
get
this
in
place.
A
My
personal
feeling
is
there
is
things
that
there
are
aspects
which
should
be
happening
at
the
bundle
level
in
terms
of
discovering
neighbors
and
building
routing,
topologies,
etc.
With
some
background
in
many
nh,
dp
is
actually
a
fairly
good
protocol
with
a
very
weird
encoding.
A
Manet
has
spent
a
lot
of
time
looking
at
ad
hoc
neighborhood
discoveries,
two
hob
neighbors,
that
sort
of
stuff
and
there's
a
lot
to
be
said
for
not
reinventing
wheels.
So,
yes,
I
am
in
general
in
favor
I'll.
Let
ronald's
jump
in
now.
E
Okay,
I
I
was
just
gonna
reiterate
what
was
just
said
about
as
much
as
possible.
You
know
these
these
recent
mene
rfcs
have
have
been.
I
believe,
after
some
of
these
other
drafts
have
occurred.
So
synthesizing
algorithms
that
are
well
defined
out
of
the
manet
with
encodings
of
bp
bis
could
go
a
long
way
to
not
not
reinventing
things.
A
So
that
reminds
me
of
one
last
thing
with
my
chair
hat
on
and
knowing
that
ronald
is
the
chair
of
manet
manny.
At
the
moment.
Correct
me,
if
I'm
wrong
ronald
is
looking
for,
has
a
load
of
work
that
has
been
done
historically
and
is
looking
for
more
participation
and
given
that
both
given
that
ronald
is
active
in
dtm
as
well
as
in
manet
and
I'm
active
in
mana
as
well
as
dtn.
A
We
see
that
there's
quite
a
lot
of
crossover.
One
of
the
discussions
to
be
had
is
about
the
management,
so
I
have
had
discussions
with
ed
and
I've
had
discussions
with
ronald
about
whether
the
ama
amp
work
might
whether
the
man,
a
working
group,
actually
has
enough
cycles
at
the
moment
to
pick
up
some
of
that
and
that's
a
question
for
the
working
group
about
whether
they
want
to
cling
on
to
ama
or
whether
they
want
to
help
sorry,
not
not
the
architecture.
A
But
the
protocol
work
whether
they're
happy
to
help
get
that
work
done
in
many.
Whether
they'd
like
to
continue
to
see
that
work
done
in
dtn
and
equally
neighbor
discovery
is
something
where
we
can
go
to
manet
and
say:
please
help
us
and
and
hopefully
we
can
help
them
in
return.
That's
just
my
passing
comment.
A
So
I'm
also
conscious
that
it's
13
39
in
the
uk,
12
39
utc,
and
we
finish
at
12
40.,
so
I'm
going
to
open
the
mic
for
one
minute.
If
anyone
has
anything
they
want
to
add
otherwise,
I
do
apologize
for
the
poor
timing
of
this.
I
will
book
some
a
book
along
a
session
for
the
next
one
and
thank
you
very
much
for
all
the
participants.
A
B
A
Even
though
I
muted
myself
for
five
minutes
otherwise,
thank
you
very
much
everyone
I
think
go
ahead,
brian,
oh
no!
I
just
haven't
muted
you.
Thank
you
very
much
everyone.
I
think.
That's
the
end
of
the
session.
I
will
close
it
down
in
some
way.
Thank
you
very
much
for
your
attendance
and
yeah
ietf109,
probably
virtual.
If
it's
not
I'll,
see
you
in
bangkok
and
hopefully
this
time
next
year
we
can
actually
meet
in
person,
but
mailing
list.
A
Please
use
the
mailing
list
because
it's
not
only
a
good
way
to
have
a
conversation,
because
you
can
think
about
what
you're
saying
it's
also
a
record
of
that
conversation
for
when
someone
comes
back
in
ten
years
and
says
why
did
they
do
it
that
way?
So
please
use
the
mailing
list.
Okay,
thank
you
very
much
guys
I'm
going
to
shut
this
down
and
I
will
see
you
next
as
everyone's
off
to
barbell.
Apparently.