From YouTube: IETF108-NETCONF-20200728-1100
Description
NETCONF meeting session at IETF108
2020/07/28 1100
https://datatracker.ietf.org/meeting/108/proceedings/
B
All right, it is time, let's get started. So this is the NETCONF 108 virtual meeting. We will be, of course, conducting this meeting entirely virtually, so good morning, good afternoon, good evening, wherever you are.
B
B
A quick tutorial on Meetecho, if you have not used it before: watch the chat window for comments on the left side. It is next to the participant list, where you might see your name. Next to the chat list is the hum tool that we will use for conducting our hums today. The virtual blue sheet will be done by Meetecho itself, will record your presence, so you don't need to sign up anywhere.
B
B
Instead of Etherpad, we are using CodiMD. I would suggest that we actually, that on your browser you open a separate tab. You can do it on the Meetecho window also, but then you won't be able to see the meeting participation. Would suggest that, Kent, if you want to go ahead and maybe cut and paste that into the chat, then look what everyone thinks.
B
So the workgroup items and their status: YANG push notification capabilities is past the second working group last call at this point. I believe it's pending an author update. The crypto types, trust anchor and keystore drafts are already in working group.
B
For the non-chartered items we have Pierre and Thomas presenting a sweet untie on unite, sorry, sort of drafts, and then we have Chin Woo and Lui Peng, a set of drafts on data node capability and data export capability, followed by adaptive subscription and bulk subscription, and we will conclude with Kent presenting a new draft. All right, any questions?
A
Mahesh, I don't have a question, but I'm wondering if we should try the hum just to get a baseline of it.
B
Sure, I think that's a good idea. All right, so since the virtual hum is a new tool, let's go ahead and do a test, so let everyone know how to use the tool. So this is only a test. Watch for the bar graph icon on the left, will turn red if a hum is initiated.
B
B
B
B
A
So the reason why maybe it's forte and not the loudest is because there are some, there's 40 participants, but some of those participants are Meetecho or Jabber users and the chairs themselves. None of those participants are able to hum, and yet the tally takes into account their presence, so forte may have actually been everyone humming the loudest, except for those that couldn't.
A
All right, so I guess we'll just get started with this. Here's, oh, good morning, good evening, good afternoon, everyone. Here's the status and issues for the current update for the client-server suite of drafts. Next slide, please.
A
There's been a number of updates since last meeting, but most notably crypto types, trust anchors and keystore have all gone into working group last call, and I think everyone knows the status of the moment. Next slide, please. And the remaining set of drafts have had some significant updates made to them, and there's still a few items that we'll be discussing in this presentation to get them finished off. Next slide, please.
B
A
Okay, great, so I just really have three items I want to discuss in, during this recent, during this presentation. The first is what to do about cleartext password fields.
A
So a raw password is required to be configured whenever the model configures a client that itself needs to authenticate to a remote system. So, for instance, if you're configuring an HTTP client that needs to connect to a remote system, the server, which is the HTTP client, would have to have the raw password value. It can't have a crypt hash, for instance.
A
A
In all these models, currently those nodes are tagged with the NACM default-deny-all extension, and the question is: can or should we do better than that? So some thoughts are: first, we could modify the name of those values so, instead of just password, it could be cleartext dash password, just prefix it with the word cleartext, so it sort of provides a positive statement to the administrator that this value is cleartext.
A
Another idea would be to introduce the ability to encrypt the passwords, so this is sort of in line with how in crypto types and keystore we're able to encrypt either symmetric keys or private keys. In a way you can think of a password as like a symmetric key. So, but it's different, you wouldn't necessarily encrypt it exactly like a symmetric key, but the idea is there that we could, for instance, encrypt those passwords with a key.
A
That's been configured in the keystore, in which case we would introduce a grouping. Well, okay, number three there is that maybe we could use the exact, the symmetric key grouping, but, like I was just saying, it's not perfect. It comes with, for instance, that key format field, and also the content value would have to be binary, in which case it'd be base64 encoded, which may be not desirable for a configuration model, so another, so for option.
A
Four here is to define a new grouping in crypto types draft called password grouping, maybe, and you can kind of see an example of what that might look like on the right-hand side. So it's a choice of cleartext password and encrypted password, where encrypted password would be a container containing the encrypted key value grouping. We'd have to work out the details in green on the lower left side to see, you know, what would the format of this be?
A
I mean, sure, we have the key, if it's an RSA key and you're encrypting with it, or an elliptical key and you're encrypting, what is the encrypted value format? If, you know, we don't have, if we don't use the key format field, then what would the key, what would that format be? So I'll pause there for a second. Are there any comments? Again, this is a discussion, so any thoughts here, please raise your hand so the chair can choose you for the audio.
A
D
All right, so this is as an individual. I think this is a good issue to raise. I'm not sure whether the password, cleartext password is that helpful. I've got no objections against it. I think the option to, no, so the option three, I'm not so keen on, where you end up with the key value being binary. I think that would be harder to use. I think I quite like the option of thought you've got here of using a common grouping.
D
It seems like this issue may turn up in other places, and solving it once generically, it's like a good thing to try and do. So, I'm not, I think that's quite a nice thing to do.
D
The only question I have with that is whether people would sometimes always want the encrypted password and not allow the cleartext password option, and whether you've, if by having a grouping that makes that tricky. So that's the only question I'd have there. So that's just some thoughts.
A
So, just responding to that last point, well, the model itself could introduce some features to disable the cleartext password completely, if on a global level, but of course also the application-level model could augment in or refine in a feature statement, an if-feature statement, to shut it off as well.
D
Yeah, yes, I've noticed that in another draft that you've, I was reviewing, and I'm not sure that that's a great construct, constructs do the sort of and if each stem is always false, I'm not sure I like that that much. I can't say why you've done it, but it feels like a bit of a hack.
A
Okay, I did see that email and I don't have a slide for it to discuss it, but you're referring to, in Mahesh's draft, actually https notif that he'll be presenting, in that it's https notif and we don't intend to support HTTP without the TLS transport layer, and yet it's using the HTTP stack, which supports both. So the idea is to just permanently disable that leaf or the branch that can't possibly ever exist.
A
It's a little bit different than this case, though. Here I'm saying that the application data model could, I mean, and people do this all the time, even today, already people are refining if-feature statements to turn off parts of configuration that they don't want to be presented.
A
A
Comments? Okay, so I'm going to take that as a positive, that we'll try to define a password grouping that would go in the crypto types draft, which, as Mahesh mentioned, is in working group last call, but so just keep that in mind. Next slide, please.
A
Okay, so the next: how to specify HTTP client paths? Currently, the HTTP client grouping is solely focused on connectivity, primarily it's defining the client identity values. On the right-hand side you can see a little snippet of config, and the bottom-most part of it you see client identity, basic auth credentials, so that's primarily, you know, you kind of see the whole stack, though: the TCP parameters are, you know, where to connect to, and the TLS parameters, or what credentials to use, authenticate, etc.
A
But what URL path is intended to be connected to is the question, and on the left-hand side there it says that it's assumed that the client knows how to construct the URL path. So, for instance, with NETCONF and, you know, YANG-driven data models, it's, the client can construct the paths necessary. It's obvious how to make the connection, but, for instance, in the https notif draft.
A
There's not really, you know, what is that target resource that's supposed to be connected to, and so what that draft has done is augmented the HTTP client parameters value, or I should say a container, with a leaf called path that allows, that enables the configuration of the path.
A
So I guess the question is: is that good enough, I mean that consuming data models would always augment in a path leaf if needed, or should we do something better here in the HTTP client draft?
D
A
Okay, then it'll stay as it is then, unless someone else, if there's an objection, it can always be raised during the working group last call, but right now proceed as that. Next slide,
A
Please. Okay, so we have a few FIXMEs. This is in the TLS client-server draft, and specifically with the supporting of pre-shared keys, or pairwise symmetric keys, a different way of parsing that acronym, and if you might recall, Hank, you know, recommended we extend this TLS to support.
A
So we added that, but there's kind of, there's some FIXMEs here, which is: what is the type, you know, is a string correct? Should it always be mandatory? And, you know, for that matter, what RFC should we be referring to for where these things are defined?
A
So this more, I think everyone saw it. Hank replied to the mailing list and he did actually provide an RFC where this is defined.
A
Parsing that RFC, it looks like it's not mandatory, and also it looks like a type string is correct, because, well, sometimes it can be a dotted quad, not in, not binary network byte order, but just a stringified IP address, or domain names. So it looks like a string, actually, maybe, oh, it can also be a DN, a distinguished name, like LDAP distinguished name, so it can't be an inet host value.
A
A
That's, next slide, please.
A
So this completes the discussion items I wanted to bring to the working group this morning, or for me it's this morning. Does anyone else, in general, I mean all these drafts are primed for working group last call: are there any other comments, something I didn't touch on, someone would like to raise before we finish this discussion? See, I see the chat windows.
A
All right, I guess that's good enough. Thank you, and Mahesh, are gonna switch presenters now. So just give me a second to bring up his slides, I'll start presenting.
B
Okay, yes, yeah, there seems to be some issue. Can you make sure you press the audio, sending of audio.
B
Button, maybe at this point just go ahead and type it out. Oh he's, he did type it out. Okay, he said he doesn't really have a question. Okay, so the next presentation is going to be on HTTPS-based notification.
B
Please. All right, so the update since zero two, we actually had two pre updates: zero three and zero four. We introduced a new model called its subnative receivers list.
B
Because of that and other changes, we also have to update the IETF https notif, update that, sorry, module, that we'll get into, and as a result of how we had also had to update the examples, and then finally, there was a question on the encoding of notifications in HTTPS, so we'll show an example of what that would look like. Next slide, please.
B
B
So this particular module introduces that, so it adds a list of receiver instances and with an empty choice for the transport type which then, as you will see, whether it's the UDP draft that we'll talk about later and the https notif draft, that can then augment and support a particular transport type.
B
It also adds a leafref to one of the receiver instances within the module.
B
So it's by, within the subscribed notifications receivers receiver list. Next slide, please.
B
As far as the https module is concerned, we decided to go ahead and, oh, first of all, it augments a case statement for the just-introduced received notif list module to add in the https notif transport type, and then the second big change is the fact that, as Kent suggested, he introduced https stack grouping within the IETF https client module.
B
So this draft makes use of that grouping rather than having to define its own stack grouping and, as he already also discussed in his deck, we augment a path attribute for the URL of the receiver's resource target, because there isn't one defined, and I think, Robert, you might have been referring to this particular statement here on trying to make sure the TCP support that we don't, well, we, since we don't support HTTP.
B
Since it's supposed to work with and without, or at least there is an ability for it to be used without using entirely everything under subscribed notifications.
B
I think the main thing you'll notice is that between the two, one difference in the diagram is that the subscription-started notification is not used without, when we are using the module without subscribed notifications.
E
Hi, this is Rashad, so I'm not sure I understand what you mean by without subscribed notifications, because you augment that module.
B
Right, so the, if you can go back to the previous slide.
B
So this example module, which is in the appendix, uses the grouping from within https notif, so you'll notice the https notif has a grouping for the model which, as you duly noted, gets augmented under subscribed notifications. So that's the, in the main body of the draft. In the appendix we give an example: if you don't want to use subscribed notifications or ever the whole, or implement and subscribed notifications, how you could do it, you still use https but not have to support everything under subscribed notifications.
B
A
F
Hi, yes, can you hear me? Yes, good. So, when we talked about this particular draft, I thought this draft was, we were going to be able to use it in the context of the existing subscription mechanisms that you're talking about, subscribed notifications, as well as be compliant with, be able to be used within IETF push framework. Did I get that incorrect?
B
F
F
A
Tim, it's not actually an example of how you would use it with YANG push, because YANG push builds on top of subscribed notifications. This is an example where really it's, it's not with all the bells and whistles of subscribed notifications, so you don't get, for instance, the subscription-started notification that Mahesh mentioned, you also don't get replay and some of the other things the subscription, sorry, subscribed.
A
Notifications comes with, but it's a very simple mechanism that if you just want to configure, really almost hardcode, it's not really hardcoded, it's configured, but it's a very, you're just configuring a receiver and there's no, then the protocol is just a, you know, a stream of just a forever push, much like SSE currently in RESTCONF, without any rate limiting or quality of service. Does that make, yeah.
F
F
F
B
With what I was thinking, right, so there is an instance example for how to use it with subscribed notifications, and then in the appendix we have an example of without, if you don't have subscribed notifications.
A
Right, I'm just interjecting as a participant. Maybe you can modify our example so that, instead of it being a simple or a base subscribed notifications example, it could actually be a push example, and we just simply say in text that push is a form of subscribed notifications, right.
B
F
F
B
Yeah, anyway, we're running out of time, so maybe, can, Eric, if you can go ahead and post your question in the chat window, so go to the next slide. Yeah. So there was a question on what the encoding of the notification itself would look like. So here's an example of what we believe it would look like, it's almost identical to RESTCONF.
B
B
I think there should be one final slide after this. Yeah, so barring maybe the example change that we just talked about, we believe that the document is ready for working group last call, and ideally we would have, since Kent and I both are chairs, we would have liked to step aside and have a hum be done, but I don't think so.
B
So, Kent, do you think we should go ahead and maybe do a hum to test harmony or anna I'm to see if we want to get this document into last call?
D
B
Thanks for learning that, so Kent, why don't you go ahead and run the hum this time? I.
A
Do positive and negative and I'll press the hum tool button.
A
F
A
The mic, so, oh, that may have been an accident, I'm gonna cancel.
D
A
D
So the results piano, which it's hard to interpret what that actually means, the current tool. So we knew that the full room is forte. I think piano means at least a few people have read this version or previous version of this document.
D
So I think that that, in my opinion, is sufficient to suggest this should progress to working group last call. So I think the next question I would like to ask, not as a hum but does as a question: does anyone object to us taking this to working group last call now, and if so, could they go to the mic line if they've got any.
A
And did you have anything, any final closing comments? No! Okay! All right! Thank you! I'm going to now bring up the next presentation. Just give me a second to switch.
B
So while Kent is bringing it up, so we're running a little behind schedule, so let's hope the rest of the, some of the presenters can help us speed this up.
A
C
Can you hear me? And see you, go ahead. Perfect, thank you very much. I'm presenting here for united UDP-based transport for configured subscription draft. Next slide, please.
C
This draft has been presented to you in previous IETF 107 on the different name. We have been reworking the draft to further simplify and also improve the wording, and also renamed the draft to be more aligned with the NETCONF working group, and next slide.
C
The main objective is still: we want to enable that massive amounts, high volume metrics can be delivered from routers with the distributed architectures directly being able to push from line cards. It's applicable within controlled environments, where a reasonable amount of loss is acceptable, main focus on accounting.
C
Previously, the draft was focusing on configured and dynamic subscription. In order to simplify, we are focusing now solely on configured subscription.
C
It can be used in conjunction with the distributed notification draft, which I show next. In the UDP transport, the header supports options.
C
C
We have in the header so-called message ID, which allows on the data collection side, on the receiver end, to see if there was loss, similar like it's implemented in IPFIX. Out of scope of this draft is the replay of the metrics.
C
We've taken inputs from the previous IETF sessions from 103 to 105 to simplify the drafts and also did some improvements in the wording. So I hope now that it reads much more easily and clarifies a lot of the questions it raised previously, and we would like to call for adoption in NETCONF. Any questions? Yeah. We have.
F
C
Do you, no, it's, it's not open source. We are currently working on an open source implementation. It will be soon available. Closed source, it's already.
F
F
A
Let me chat, I know there may be an issue with the slides. Slide five is still showing, though on my screen it looks like slide six is showing. Mahesh, are you, what slide number are you seeing?
D
Okay, good, we have Robert on the queue. I also see six, so just a quick clarifying question here. So by UDP, I presume this is effectively a lossy transport or best effort. Is that a way to describe this, that the devices are streaming the data out and if somebody gets dropped due to congestion, that's just bad luck and the clients have to.
C
G
Okay, can you hear me now? Yes, yeah, okay, very good. So Thomas, do I get this right that, basically, this draft is about UDP export, IPFIX-like or NetFlow-like, of YANG objects.
A
To conduct a quick hum, so much like Rob's questions. First, how many people have read this version of the draft or even the previous versions of the draft, because it's the same work? Please hum now.
A
Okay, so a piano, which was the same response that Rob noticed on a previous one, and I do, okay, for a second I thought Benoit was in the queue. Oh, he is in the queue.
G
So I still think this is an interesting idea, exactly like it was an interesting idea to have IPFIX based on UDP, which is in the end what has been implemented in the industry. However, at the time we were forced by the IESG to have a congestion-aware protocol. Hence the must SCTP.
D
F
So, but I think maybe it's a question that I had, right, because there's different protocols that you had in IPv6, and certainly, you know, I think we probably need a more efficient YANG variant for IPFIX, right. So I agree with this work in that sense, but is the work done, the draft that you have, this one and the one that comes after it, and I think it is.
F
Is it sectioned enough that it allows you to do multiple transport protocols that you can add on to the subscribed notifications?
F
The, you know, you have subscriptions and then you have UDP-based, TCP-based, whatever, you know, it's kind of like what we did with the client-server stuff. Is the modules, is the model designed such that you can add a new transport and encodings as an addendum to the initial draft, that maybe should get a, that can get around any concerns. Could you just say, well, we'll bring those in later.
C
Well, I think that's, that's temptation in intention, that at the end you can actually select a transport you want for a certain subscription, absolutely right. Okay, thanks.
A
And just to add to that, Tim, this is, you, we might call this the UDP notif transport, much like Mahesh's draft is the https notif draft, and so all these notif transports are meant to be compatible with subscribed notifications.
F
Yes, but it works on the subscription to distributed notifications. It's got its own little caveat, right, that it's adding in as well, right, and that's what I was worried about, making sure is that subscriptions, whether it's UDP-based or TCP-based, you know, you just added new bindings.
C
Right, it's basically in order to allow the distribution onto the line cards and being able to detect the loss of metrics on a process, I mean, because you have multiple process now this exporting the metrics.
C
You need an identifier to understand from which process these metrics were coming from, and for that purpose, and I will explain that in the next slide deck, the generator ID was introduced, but it's optional. So it's not something it's required, and so UDP notif makes use.
A
Okay, regarding the adoption poll, though, what do you want to do? Maybe run that hum with the jvi.
B
C
Next slide. Same as to the UDP notif, we have been taking feedback from the last IETF 107 and did also a rewrite and an alignment to the NETCONF working group in this draft. We want to make it more simpler, more clear to understand.
C
Next. The objective is the same as for the UDP notif draft: we want to support massive amounts of networking device data in high volume, and here the main focus is that it can be distributed among line cards, so it supports distributed forwarding systems. Next slide.
C
C
It shares the same IPv4/IPv6 source address, so regardless if it's pushed from the route processor or the line cards, that simplifies the subscription. Although it shares the same source IP address, each process has a dedicated layer 4 port, so, and it basically follows the same principle as most IPFIX implementation in between IPFIX implementation.
C
Regarding congestion control, as previously mentioned in the UDP notif draft, you have that message ID which is identifying or generating basic, like the sequence numbers, so you can detect on the data collection side, receiving end, if there were messages lost, and since now in the distributed notif there are multiple publishers, in order to identify the publisher.
C
The generator ID has been introduced. Same as for the UDP notif, retransmission is out of scope in this draft. Next slide, please. And also same as for the UDP notif draft, we've been taking the feedback from IETF 103 to 105, and also from the chairs, to simplify the writing and align towards the NETCONF working group, and also we would like to call for adoption.
B
A
Okay, so are there any objections to adopting this work, both this, this draft, as well as the previous draft? I noted that Benoit mentioned the comment to Rob which, but that aside, anything else.
A
A
B
Right, why don't we just do a quick hum and.
A
Okay, so all in favor, since there's no objections, but all in favor, let's see how much in favor you are, please hum now for both drafts, the previous and this one.
A
A
It's piano, and as a chair I'm not able to hum, but I would have, I do support this work as a participant. I just say sorry.
A
Okay, so I think that's successful then, and we will adopt this, actually we'll take it to the list and just make sure there's no objections there and then adopted. Okay, thank you, Thomas, and we need to switch.
B
H
F
H
F
H
Capability allows the client to subscribe data, download, update with specific transport protocol, coding format, encryption, compression mode, and the data self explanation text capability can realize that provide telemetric data classification and sort out. The characteristic data allows clients to automatically select the target data objects that are of interest to the client application and, finally, it can provide multi-dimensional network visibility and analysis.
H
Okay, here are the document status. Both were first presented in the last meeting, and it was just to set up design team to progress work. So the last update of data export capabilities is that, first, we add usage example of telemetry data export, which will be introduced later, and second, we add the timer event support and counter threshold support under per-node capabilities.
H
And third, we add the redundant sub subproportion support under per-node capabilities, and the last update of notification node tag capabilities in version two is that, first, we add usage example of telemetry data tagging, and second, we change group ID into self tag ID, which is self-describing attributes for each data node, and third, we change parent group into multi-source tag, which can be used to aggregate performance metric from different cells, and last, we add clear definition for operation type attribute.
H
First, to statistic operation target data object. Okay, next slides, please.
A
H
Okay, so you change the slide, right, but here is it showing.
A
Four now, but I'll just quickly say, yesterday Mahesh and I were testing and he had to actually exit Meetecho and come back, and then his ability to see the slides returned. So that might be going on with you right now. Okay, so we are on.
B
H
Wrong slides, but I will go to introduce on the slides four. Yeah, and here gives the relationship of the self explanation capabilities model augments the IETF system capabilities module, and data export capabilities further augment both IETF system capabilities module and the notification graphic release, capabilities audio.
H
So in the self explanation capabilities module, key capability attributes to be advertised include the opm tag, its telemetry tag for performance metric data object, includes object, property, and this is a metric tag, and the operation type is a third distinct operation on target data object, for example, the mean, max, sum on average and.
H
For this, if the operation type is threshold type, the corresponding data object support threshold handling and, for example, it can scan or interface for a certain type every five seconds or others, and check the counters or status to cross threshold and return an area of interface undertales that match the search, and if the operation type is average, mean, max, sum, it indicates that the data object supports the statics operation, and then we add the multi-source tag indicates performance.
H
So in the data export capabilities, key capability attributes to be advertised include timer event support. It means the timer-based trigger on target data object is support in the server, and the counter threshold support.
H
Okay, so this slide gives a usage example of the telemetry data tagging, like this figure, for example. If we want to subscribe the data of interface, audio and in errors, data which might represent the number of error packet is seen as a KPI metric belong to the statistic class.
H
H
Please, sorry, do change the slide because I can't see. Go ahead. Okay, so this slide is a usage example of telemetry data export which can support the adaptive subscription. Here are the process.
H
One four is bigger than four trigger YANG notification for a set of specific data store node, and for some data object it may support more than one interval, and it also should be noted that the policy can also be defined in advance, and next the manager has adaptive subscription with event-based telemetry policy role, and then finally, the notification for this download update with specific threshold, and which can be found in the right example. There are more than one period set to the materializer adaptive subscription.
H
Yeah, so I is the content of those two drafts, and the key values of telemetry data tagging capability includes identify performance measurement related data for service assurance application and provide network visibility to network load, traffic flow, capacity and queues data category in a millisecond or second, which is meaningful.
B
Do we do the same with this? Maybe combined.
B
No, oh, actually, this was right. Yes.
C
A
So I think maybe we should just start with the same sequence of questions. We'll do a quick hum: how many people have read this version of the draft? Please hum now, and actually there's two drafts. So let your hum reflect.
A
A
A
F
I don't necessarily have an objection. I will say, the export capabilities from the last IETF meeting, there were some concerns that were listed about needing to look at the larger capabilities for reporting, and that we're going to look at maybe a design team for capabilities. I don't know if we progress that or what's going on. There was notes that I took from last week.
I
Yo, can you answer that? Actually, yeah, it was suggested by chair to set up a design team. Actually, we worked together with China Mobile and other partners. Actually, we actually kept on policies, policies, worker, and we also welcome, as a, you know, contributor to join this work.
A
Okay, I think that addressed the comment, so in that case one more hum, all so I didn't hear an objection there. So all in favor of adopting the draft please hum now or two.
A
A
Okay, so piano, and I think, based on our previous comments, that was sufficient to take it to the list to get a a final adoption poll confirmation there on the list, and I think with that we'll move on to the next presentation. I don't see any other comments currently, so Mahesh, if you open up the next presentation, and ping, if you could, we're running a little bit behind so try to do what you can to make up so for some time.
I
I
I
Okay, thank you. This is I'm here to present two YANG Push subscription related chapter. One is about adaptive subscription. The second is bulk subscription.
I
Next, next, next page. Actually for adaptive subscription, it actually allows a client to configure the server to support a different update interval. It also allows the the server to switch data connection rate based on the results they use usage. So for bulk subscription.
I
Actually, it allows the client to instruct the server to to see which subscription can be bound together, which cannot. So for adaptive subscription and bulk subscription, both actually was presented in last IETF meeting, and it was also suggested to set up the design team to progress this work, and we for adaptive subscription and from the offline discussion it would suggest to align with ECA model.
I
That is the one progress in the NETMOD working group, and also it was suggested to provision a ratio of the new mainland interval such as weakened provision 5. That means you can provision 5 times faster than the original period, and it also suggests to characterize the adaptive subscription, whether it belong to the on-change subscription, whether it belongs to the periodic subscription, and for bulk subscription and actually from the the discussion.
I
It was suggested to add a default value for maximized bundle latency for the publisher, and we also will also discuss how to classify the subscription, work criteria we should follow to classify this subscription, whether it's based on the transport or encoding, and whether we can based on the maximize the bundle latency and other parameters. And compared with the previous version for adaptive subscription, we add a usage example, and this is the main change for the adaptive subscription.
I
We also align with the ECA model and we added like a data path or data to identify the target data object. We also add a condition expression to represent the stress code of watermark to to be to to be satisfied, and also, in addition, we actually highlighted the motivation why we introduced this adaptive subscription. For bulk subscription, the main changes is we try to highlight the motivation in the introduction section and we will also add a new parameter.
I
We call the bundle size in the model structure and we also fix some of the type in the secure section. Next page. So for adaptive subscription, actually, the main goal of the adaptive subscription is define a YANG model and associate a maxim to allow the client to configure the server with the multiple updated interval.
I
It also allows the server to switch the data connection rate based on that resource usage change, and so the motivation to to to to do this is actually because, in some cases when you set the data connection rate is very high and it may actually overload the nano device, consume too much network resource. But when you set the data connection rate too low, actually the telemetry data you connected may be not sufficient to identify the nano failure and also verify the correct network behavior.
I
So our idea actually is we can configure both connector and the temperature with multiple periodic interval and another associated parameter like a counter threshold. So we can allow the server to switch the period interval according to the resource usage. So typical case actually is you can monitor the wireless signal strength. These signal strengths may change over the time, so so we can actually to switch data connection based on this wireless signal strength.
I
I
So this is what a solution looks like. Actually, the before to design the adaptive subscription policy or send a adaptive subscription to the server, you need to make the client to understand what the server capability they can provide for, for example, for some targeted object, whether it is supported threshold handling, or for some of a set of data options, whether it can support multiple updated intervals. So, based on this server capability extension, actually, we can design appropriate adaptive subscription policy and we can get this policy set up on the server.
I
So the server can switch the data connection rate based on the results, usage change. So when a data connection rate gets changed, it can immediately inform the client about the this change and also can inform a corresponding data connection rate. So the model design, we actually, we augment from the subscription notification model and with a bunch of adaptive subscription parameters to to to actually define the threshold.
I
We call the motor water marker that can be crossed and we also actually define appropriate updated interval corresponding to different watermarks, and we also actually augment the establishing notification establish-subscription RPC with the similar adaptive subscription parameters. For a server, then we, when they change, switch to the data connection rate, actually they need to send the notification, so we also define a state change notification. We call the adaptive period update notification, so this notification can tell the client about the the data connection rate changes.
I
D
I
For for this, what is the performance monitoring, we actually define example Wi-Fi MAC model. Actually, we can monitor the wireless signal strength, so the key map parameter we want to keep track of is the signal strength that we call the RSSI value. So when this RSSI value is a greater than, for example, minus 65 dB, actually, we can switch to to to actually a high data connection rate and freedom.
I
We can scan all the client every five seconds for specific Wi-Fi interface, and when the RSSI value is less than minus 65 dB, actually we can switch to the higher data connection rate. We can switch scan, you know, the client every, you know, 60 60 seconds up to 360 seconds. So upon we will get these policy set up on the server, so the server may switch to the data connection rate. It can send the notification to the client. So here we give you example.
I
So for bulk subscription, actually, the the goal to define the bulk subscription actually is allow the client to to instruct the server about what kind of subscription can be bound together, what kind of subscription cannot be bundled together, so it can work together with a message bundle that has already been progressed in the nether working group and so can actually form the completed solution or close loop resolution.
I
So we actually also, you know, introduce the criteria to classify the subscription. So we not only we can based on like a encoding or transport to bundle subscription on the same transport, but also we can, you know, bundle the subscription based on some other parameters. We, we call the bundle latency or bundle size or compression algorithm to to to classify this subscription.
I
Next, so here is the solution overview. Actually, we before to, you know, send a bulk subscription to the server, actually we can let the client to understand whether the support, whether the server support the message bundle capability. We can rely on the server capability extension, and so the model design.
I
Actually we actually, we augment from a subscription model, subscribed notification model with a a set of new parameters, for example, maximize the bundle latency and maximize bundle size and compression algorithm, and so we so for max bundle latency, actually it's it, actually, it is maximize latency before the notification can be generated and and egress from the publisher, and we also support the compression algorithm parameter. These can be used to compress subscribe the data, to indicate what kind of compression algorithm we are using. Next.
I
So this draft actually has already has been around for a while. Actually, the key value for the adaptive subscription is addresses the performance issue on the device, especially when devices get overload when you're facing the muscle data connection and processing, and it also can reduce the amount of data to be exported. For bulk subscription, actually, it can improve the data connection efficiency and performance, and also it can work together with the message bundle and form the completed solution.
A
Hi, this is Kent as a participant, a couple comments. First, does this work over any notif-based transport, both dynamic subscriptions and and configured subscriptions?
I
Yes, you are right. For for adaptive subscription, we can support not only configured subscription, but also dynamic subscription. For for bulk bulk subscription, actually currently, actually, we many cases which we can support the configured subscription. For dynamic subscription, actually, we introduce a new RPC actually to indica to to to this this new RPC convoluted scale with the dynamic subscription.
I
So I I I think yeah. The answer is yes.
A
Okay, and then the second comment, which is a question: to what extent has this been implemented?
I
Actually for adaptive subscription, actually, we already implement implement most of this parameter, and for bulk subscription, actually, it actually is a plan. It is in planning, yeah.
A
Okay, great, so now let's do same kind of hums that we did before. So first, for those that have read this version of the draft, two drafts, please hum.
A
A
By the way, the results showing up as piano isn't that bad. If you remember the baseline test that we did at the beginning showed it was a fortissimo, and that was when we asked everyone to hum loudly. Okay, so this is showing up as a piano, so again the same questions before. Is there any objections to adopting these two drafts?
D
Please go ahead, so not not an objection on this particular draft. But again is it's the same observation that all hum results are coming back as piano. I'm not sure we know quite what that means. So I think we should be careful in terms of knowing how much support there are for for all these documents we're asking for adoption for, and it may well be that that's confirmed the list anyway, but just a word of caution.
A
Right, and we are asking for objections, we're not hearing any, and I think the assumption is that there's support, whether it's strong or weak is unclear, but we will take it to the list to get confirmation. I think the assumption is that's adopted unless someone says they object on the list. Does that sound appropriate and proper to you?
D
A
Okay, well then, but let's try to continue the third question like before. If you support adopting this draft, please hum now.
A
A
Piano again. Okay, thank you, chen, for the presentation, we'll have to confirm on the list, and Mahesh, I think we're on the last presentation now, which is mine.
A
Great, thank you. Okay, so, as everyone may recall, we we worked on Secure Zero Touch Provisioning a while back, RFC 8572, and this presentation wishes to make a minor extension to it.
A
I have two co-authors: Russ Housley, who was previously security area area director and also previously IETF chair, and Sean Turner, who was previously security area area director, so they're both well known in the security area. Next slide, please.
A
The motivation for this work is the RFC 8572 is being adopted by vendors and telecoms, some established infrastructure providers and startups, and one feature that's missing is the ability for the bootstrapping device, which herein is known as the SZTP client, to be issued an LDevID certificate from the bootstrap server.
A
The ability to issue an LDevID during the bootstrapping is critical when the LDevID is needed in order to establish post bootstrap network connectivity, so, for instance, if you're trying to create dynamically provisioned network slices through which the bootstrapped device is intended to communicate. So you you actually have to configure that LDevID certificate at the bootstrap phase in order for that to be possible.
A
So this I-D updates RFC 8572 to fill in that missing piece. Next slide, please. So on screen is effectively what RFC does: a device powers on, it sends an HTTPS POST.
A
It can include any number of input parameters and, and then, ultimately, it gets back in a 200 which includes, well, it's the conveyed information, the the response, that is, the bootstrapping data that it's looking for. Next slide, please. So the update, so the top line and the bottom line on this are the same. But the top line is just a little bit different. We wish to introduce a new input parameter, which is known as the CSR support parameter.
A
We wish to enable the SZTP server to return back a HTTP 400 Bad Request and for that error payload to include a request info structure, and then for the client to again send the same get bootstrapping data request to the server, but this time including a new, another new parameter, called the CSR parameter, and then finally, the same. The bottom line is the same as before: it's getting back to conveyed information, but this time the content that it could also include a signed LDevID certificate. Next slide.
A
Please. We're just going to go into a little bit those new structures that we're just talking about, so first there's the CSR support structure, and effectively it's a, there's two parts, there's a one. It enables the SZTP client to indicate if it supports generating a new key and, if so, which algorithms it supports. So, if you know a client already has a private key, the question is, and and many times in security circles, it's it's advantageous for the client to generate a new private key dedicated to that LDevID certificate.
A
A
As said, the there's a desire to return back an error response, and in the errors info field, we'd like, we want to return a structure, so this is actually an sx structure, request info, and so this response provides three bits of information. First, it enables the SZTP server to indicate if it wants the SZTP client to generate a new key and, if so, which algorithms to use.
A
So, of course, this depends on the client saying that it's able to generate a new key, but okay. Secondly, it enables the SZTP server to select which CSR format the SZTP client is to generate, so of those, you know, P10, CMC, CMS, which one should it send, and by the way this is kind of important, because the SZTP server, the back end of the SZTP server needs to communicate with the certificate authority and, depending on the certificate authority, implementations.
A
Various request formats are preferred, so, for instance, we're working with, oh, I should say I'm aware of folks working with different certificate authorities, as one in particular comes to mind is the Microsoft certificate authority, which in particular prefers CMC as the format that it wishes to use, and then thirdly, it enables SZTP server to provide a fully populated, but not yet signed CSR structure. So that's that cert-req-info structure there at the bottom.
A
So essentially just, it's fully populated, it has all the v3 extension fields the way it would, it wants them, the format, sorry, the algorithm identifiers filled in. All the client needs to do is to sign it with its private key and then return it in the next request.
A
Next slide, please. So again, the client would then send another get bootstrapping request, and this time including the CSR input parameter, and this input parameter enables SZTP client to communicate the requested CSR format in the correct, in the in the requested format to the SZTP server. So it's just a choice amongst the various formats that are supported. Next slide, please.
A
So this is a recap. It's the same slide as I've shown before, but again the request with a new input node, a response which is an error providing some selections back to the client, another request containing the the results of this, you know, of the final certificate request, and then finally, the conveyed information that contains a signed LDevID certificate. Next slide, please.
A
It came to me, well, by way of my co-authors, as I mentioned before, they actually brought it to me as the primary author of the RFC and requested the update to be made. Again, it's blocking adoption and some deployments.
A
A
Although there's a little bit of a discussion with the Microsoft certificate authority folks as to whether or not we also need to support another request format known as CRMF, but it won't fundamentally change the the focus, you know, the focus or or the solution, it's just a matter of documenting yet another format.
A
So with that in mind, if the group, working group were to adopt, it would complete quickly.
B
All right, so let me do a quick poll hum to see how many people have read any version of this draft, starting.
B
A
Well, Meetecho rather abruptly cancels the meeting about three minutes after the close, so we're at the close time right now, it's presumably in three minutes we're going to get off.
B
Okay, all right, so one other quick hum to see how many people feel that this document should be adopted as a work group item.
B
Okay, piano again, so finally, any objections to adopting this document, and this is not a hum. Again, if you have any objections, raise your hand.
D
A
I just quickly, because I'm a chair I'm unable to hum, but I of course strongly support. Also, I know that my co-chair, sorry, my co-authors were unable to join because they're doing other working groups right now, but they would also have supported.
A
But yeah, so that was it as a participant. As a chair, I think we've completed everything on time, barely. We're gonna get abruptly cut off in about a minute. Thank you everyone for joining. Any other comment, Mahesh?