►
From YouTube: IETF109-DTN-20201120-0500
Description
DTN meeting session at IETF109
2020/11/20 0500
https://datatracker.ietf.org/meeting/109/proceedings/
A
A
Oh
good
now
I
can
hear
myself.
There
was
a
bit
of
a
bit
of
a
bit
of
lag
there.
Look
at
that
and
I
get
in
just
in
time
for
five
o'clock.
Sorry,
I
was
making
myself
my
two
cups
of
coffee
too,
to
survive
this.
A
So
let
me
just
find
some
slides.
A
A
Then
so
morning,
everyone,
I
think,
given
it's
five
o'clock
from
my
time
and
let's
say
12
o'clock,
bangkok
time
is
probably
easier
way.
To
put
it,
shall
we
make
a
start.
A
A
A
Excellent,
okay,
brilliant
so
may
as
well
make
a
start.
Hello.
Everyone,
rick
and
ed
here-
welcome
to
dtn
109.
A
So,
just
to
kick
off
this
session
is
being
recorded
because
we're
on
meat
echo,
so
it's
all
being
recorded
as
usual
I'll
get
to
the
agenda
on
the
next
slide
standard
things
there's
a
participation
guide
given
this
is
the
friday
of
this
ietf
and
I'm
assuming
most
of
you
have
attended
other
sessions
already.
You
should
be
fairly
familiar
with
how
meat
echo
works
given
you're
listening
to
me,
it
assumes
mute.
Echo
is
working,
but
the
links
for
how
to
report
technical
issues
etc
are
also
on
this
slide.
A
But
a
quick
search
on
the
internet,
using
your
favorite
search
provider,
will
also
find
the
usual
ietf
assistance
pages
in
case
of
a
catastrophic
technical
breakdown,
although
how
using
the
internet
to
solve
an
internet
problem
helps
I'm
not
quite
sure
anyway,
so
this
being
an
itf
session,
it
is
covered
under
the
note.
Well,
I
hope
you
are
familiar
with
this.
If
not,
I
suggest
you
read
it
carefully.
A
Please
take
time
to
read
this,
but
yeah
it's
an
effect,
so
the
agenda,
the
agenda-
has
gone
through
a
couple
of
updates
this
week,
including
some
very
last
minute
updates,
not
half
an
hour
ago
so
highlights
of
that
are
we
have
moved
the
so
okay,
we
are
covering
in
some
detail
the
changes
to
the
drafts
that
are
in
iesg
review
in
order
to
ensure
we
are
getting
these
issues
resolved.
A
This
is
dragged
on
for
a
long
time
and
we
really
do
have
to
get
these
things
finished.
There's
been
a
list
of
discusses.
I
know
the
authors
and
the
working
group
have
been
working
quite
hard
to
try
and
get
these
cleared
because
of
that
we
have
moved
the
tcpcl
updates
presentation
later
into
the
agenda.
This
is
to
give
benjamin
caduck
and
I'm
sorry
if
I
get
your
pronunciation
of
your
name
incorrect,
who
is
one
of
the
isg
reviewers.
A
It
gives
him
a
chance
to
attend,
and
actually
we
can
try
and
get
some
of
these
comments
addressed
at
the
mic,
because
doing
these
things
in
real
time
is
often
quicker
than
doing
them
over
email.
Obviously,
everything
will
always
be
confirmed
on
the
mailing
list,
because
that
is
a
record
of
decisions
made,
but
the
ability
to
have
conversations
at
the
mic
should
hopefully
help
us
clear
up
those
last
issues.
A
There
is
that
is
cancelled,
I'm
afraid,
because
there
is
an
ipr
issue
which
we
are
going
to
resolve,
and
hopefully
he
will
be
able
to
present
that
at
the
next
ietf
meeting.
So
apologies
to
anyone
who
came
specifically
to
hear
about
that,
it's
not
happening.
A
Everyone
involved
is
extremely
apologetic
because
we
wanted
to.
But
it's
it's
got
a
bit
complex.
That's
fine!
Okay,
a
little
bit
of
administrivia
meat
echo
can
struggle.
Apparently
there
was
a
denial
of
service
attack
on
it
yesterday
for
some
reason
on
the
jabber
part
of
it
all
video
conferencing
systems
have
their
problems.
A
A
There
are
a
number
of
just
reload
the
whole
site
buttons
at
the
bottom
right
hand
corner
of
your
screen,
and
that
really
helps
if
your
audio
breaks
up,
if
not
just
reload
your
whole
browser
page,
as
you
can
understand,
there's
a
lot
of
people
from
all
over
the
world
trying
to
use
this
system
it's
running
on
a
cloud
provider.
Occasionally
there
are
hiccups.
A
A
We
need
minutes
taken
the
interactive
sort
of
shared
the
equivalent
of
etherpad.
There's
a
system
called
kodi
md
that
is
built
into
meet
echo.
We
would
like
to
use
this
for
the
minutes.
Our
normal
excellent
minute
taker
ed
is
now,
of
course,
one
of
our
is
our
new
co-chair
with
me.
So
there
we
need
volunteers
to
work
on
keeping
the
minutes.
A
Please
don't
use
it
as
an
opportunity
to
stick
an
entire
essay
underlining
your
point
in
extreme
detail,
but
a
good
capture
of
of
what
is
happening
is,
of
course,
useful
and
the
mailing
lists
just
to
reiterate,
dtn
itf.org
and
also,
if
you
need
to
contact
the
chairs.
Unlike
my
previous
typo,
when
asking
for
agenda
items,
it
is
dtn
chairs
at
ietf.org,
not
itef.org,
although
if
anyone
wants
to
register
that
domain
and
forward
it
to
somewhere
useful,
I'm
sure
that
would
be
appreciated.
A
What
I
will
stick
in.
I
should
have
put
a
slide
in
for
this.
I
would
like
to
introduce
ed
brain.
A
lot
of
you
know.
Ed
he's
been
our
secretary
for
a
couple
of
years
now,
mark
blanchet
has
decided
to
step
down
as
a
dtn
chair
and
I'd
like
to
take
this
opportunity
to
thank
him
for
all
his
hard
work
over
from
the
inception
of
this
working
group.
All
the
way
through
to
this
current
session,
I
think
he's
done
the
working
group
proud
and
his
input
continues.
A
I
know
so
a
big
thank
you
to
mark
and
equally
I'd
like
to
welcome
ed
as
my
new
co-chair,
because
he
has
taken
mark's
slot.
Congratulations,
ed!
Welcome
to
the
mayhem.
C
Well,
no,
thank
you
very
much
and
I
I
just
wanted
to
echo.
You
know
the
the
conversations
that
I'd
had
with
mark
over
the
years
about
dtn
and
understanding
its
use
in
a
variety
of
different
use.
Cases,
terrestrial
and
and
in
space
have
been
have
been
extremely
helpful
and
his
dedication
to
making
sure
that
that
this
work
continues
and
continues
in
a
way
that
makes
it
correct
and
implementable
and
operational
is,
is,
and
continues
to
be,
appreciated.
C
What
I,
what
I'd
like
to
say
otherwise,
is
thank
you
for
the
opportunity
to
come
in
and
help
chair
the
working
group,
something
certainly
that
we
are
passionate
about
and,
speaking
about
being
passionate
about
some
of
this
work.
We
we
have
been
passionately
pursuing
bp,
biz,
bp,
sac
and
tcp
clv4
for
really
quite
some
time
and
as
we
have
gone
through
several
iterations,
and
this
most
recent
being
the
comments
from
the
iesg
review.
C
We
have
gotten
to
be
very,
very,
very
close
to
finishing
the
outstanding
discusses
and
comments
associated
with
these
documents.
The
expectation
is
through
the
presentations
today,
we'll
be
able
to
understand
if
there
are
any
remaining
questions.
Something
that
is
important
is
even
when
the
documents
come
out
of
the
working
group
last
call.
But
then
we
look
at
discusses
and
comments.
C
There
are
questions
that
come
back
to
the
working
group
and
questions
that
come
back
from
the
mailing
list,
and
we
really
need
to
make
sure
wherever
possible
that
we
are
engaging
in
those
discussions
to
make
sure
that
we
have
time
to
update
and
and
get
the
drafts
in
for
review
so
that
by
the
time
the
the
drafts
get
back
onto
the
isg
telechat,
the
next
one
being
the
3rd
of
december.
C
In
particular,
we've
been
tracing
bp,
biz,
bpseq
and
tcpclb4,
but
something
else
that
we're
going
to
hear
about
today
is
the
idea
that
the
default
security
contacts
for
bpsac
really
also
need
to
go
in
front
of
the
iesg
to
to
give
bp
sec
and
the
people
who
would
be
approving
bpsac
the
the
comfort
that
that
we
have
draft
security
context
that
can
be
operational
from
day
one.
C
And
so
please
pay
attention
to
these
four
documents
in
particular,
and
if
you
do
have
questions
come
to
the
mic
and
if
you
do
have
questions
participate
on
the
mailing
list
as
we
wrap
this
up,
so
that
we
can
do
this
and
then
get
on
to
our
other
items
that
we
would
like
to
get
to
in
a
recharter.
A
Here
so
yes,
this
slide
is
is
no
longer
relevant
because
we
we're
going
to
discuss
this,
but
unfortunately,
it's
cancelled.
So
this
is
the
agenda.
We
have
so
really
I'm
looking
at
the
clock.
We
should
probably
kick
off
with
the
agenda.
We
have
left
20
minutes
for
open
mic.
A
Any
other
business
at
the
end
of
the
session
that
may
well
be
eaten
up
by
overruns,
have
no
objection
to
overrunning,
particularly
on
the
key
documents,
as
ed
said,
that
are
under
iasg
review
at
the
moment,
as
they
are
really
blocking
further
work
in
the
working
group.
So
so
we
need
to
get
these
things
sorted,
so
we'll
be
fairly
lenient
with
time
for
the
early
things,
but
so
I
can
only
apologize
to
some
people
who
have
late
agenda
items
at
the
end
of
the
agenda.
A
C
E
A
Million
monkeys,
so
I
have
a
quick
apology
to
scott.
I
built
these
slides
for
him
based
on
an
email
conversation
because
of
time
constraints,
so
they
are
a
ugly
and
be
a
little
bit
of
a
stream
of
consciousness,
but
on
you
go
scott.
Just
just
ask
me
to
switch
slides
for
you.
F
Right
I'll
try
to
go
quickly
through
this
next
slide.
F
The
status
of
the
vpv7
vps
bundle
protocol
specification
is
this
is
actually
slightly
out
of
date
because
version
29
of
the
draft
was
posted
two
days
ago
and
it
addressed
a
couple
of
additional
points
brought
up
by
magnus
in
in
retiring
one
of
the
discusses.
F
So
with
that
in
mind,
I
will
try
to
mention
the
further
updates
beyond.
What's
on
these
slides
as
we
go
through
them,
when
I
was
putting
this
together,
I
looked
back
through
the
last
four
or
five
months
of
emails
and
tried
to
compile
the
status
of
what
I
understand
to
be
the
remaining
open
questions
on
the
draft.
So
next
slide.
F
This
is
the
big
one,
because
it's
it's
pretty
much
unreadable
for
anybody,
but
me
the
the
big
question
has
been
there's
the
one
that
has
gotten
the
most
attention
has
been
whether
or
not,
and
if
so,
how
the
dp
security
extensions
would
be
mandated
within
the
bp
bis,
the
core
bundle
protocol
specification.
F
The
and
I
won't
go
through
this
extensive
email
trail
at
the
end
of
it.
We
I
believe,
settled
on
some
language
that
is,
in
the
first
two
paragraphs
of
section,
nine
of
the
specification
that
I
believe
addresses
everybody's
concerns
and
reflects
the
the
consensus
of
people
who
are
on
the
mailing
list.
Aside
from
mark
who
disagreed
with
this,
the
concept
entirely.
F
Everybody
else
is
okay,
with
there
being
some
element
of
mandate,
and
the
text
of
that
mandate
is
written
in
those
first
two
paragraphs
of
section
nine.
We
can
go
through
those
now,
but
I
would
propose
that
we
instead
press
through
the
rest
of
this
list
and
then
come
back
to
specific
questions
at
the
end.
If,
if
there
are
some.
F
A
Interrupting
here
sorry,
I
think
it
is
worth
at
the
end
of
this
just
reiterating
the
statement.
That's
in
the
current
the
latest
draft,
just
to
make
sure
that
everyone
has
that
understanding
of
mandatory
to
and
I'm
sorry
it's
early
for
me
mandatory
to
implement
sorry
mandatory
to
implement
optional
to
use
is
the
executive
summary.
F
F
Do
it
right
now,
okay,
so
the
first
two
paragraphs
of
section,
nine
bundle,
protocol
security
architecture
and
the
available
security
services
are
specified
in
an
accompanying
document.
The
bundle
security
protocol
specification
bpsec
whenever
bundled
protocol
security
services,
as
opposed
to
the
security
services
provided
by
overlying
application
protocols
or
underlying
convergence
layer
protocols
are
required.
Those
services
shall
be
provided
by
bpsec
rather
than
by
some
other
mechanism,
with
the
same
or
similar
scope.
That
is
when
security
is
is
required.
Bpsec
is
the
way
you
do
it.
F
A
second
paragraph,
a
bundle
protocol
agent,
which
sources
cryptographically,
verifies
and
or
accepts
a
bundle,
must
implement
support
for
bpsec
use
of
bpsec
for
a
particular
bundled
protocol
session
is
optional.
I
think
that
is
the
language
that
then
ran
atkinson
proposed,
and
I
that
everybody
agreed
to,
and
I'm
certainly
fine
with
it.
If
there
are
objections
to
it,
it
would
be
good
to
bring
those
out
on
the
mailing
list.
F
So,
let's
move
to
the
next
slide,
then
some
of
these
will
go
very
quickly
because
there
have
been
no
comments,
but
this
is
one
of
the
open
questions
that
that
we
do
need
to
resolve.
There
was
a
discuss
on
this
and
I
believe
from
the
last
email
exchange
with
magnus.
I
believe
we've
satisfactorily
resolved
this
question.
There
were
a
couple
of
sections
in
paragraphs
in
sections,
10.3
and
10.4
that
were
simply
removed
in
version
29
of
the
specification.
F
So
magnus
do
you
have
a
comment
at
this
point.
G
I
G
F
Excellent
all
right.
That
said,
let's
move
to
the
next
slide.
There
was
a
question
of
similarly
a
question
of
mandating
implementation
of
the
tcp
convergence
layer,
tcpcl
v4
in
the
bp
specif
vp
bis
specification.
F
There
is
a
text
on
that
which,
which
I
can
find
if
we
need
to,
but
the
the
the
I
think,
the
gist
of
it
is
that
we
are
agreed
that
implementation
of
tcp
cl
is
mandatory
as
a
minimum
connectivity
option
for
bundle
protocol
nodes.
F
A
F
A
On
the
mailing
list,
silence
is
is
viewed
as
ascent
with
with
these
things,
okay,.
F
So
I'm
gonna
assume
that
that
language
is
okay
and
on
the
next
slide.
Similarly,
there
is
this
question
of
authorizing
protocol
agents
to
override
the
bundle
lifetimes
that
are
asserted
by
bp
applications,
and
the
idea
here
is
to
enable
a
mechanism
for
congestion
mitigation,
which
was
one
of
the
early
discuss
items
that
that
merger
brought
up
to
enable
congestion
mitigation
by
authorizing
bundle,
protocol
agents
to
essentially
delete
bundles
by
changing
the
bundle
lifetime
locally
and
and
by
using
a
an
overriding
bundle
lifetime.
F
For
this
purpose,
we
provide
a
a
little
bit
of
adjustability
to
it.
You
could
set
it
up
so
that
it
if
you're,
if
you're
running
short
on
space,
maybe
you
set
the
the
bundle
lifetime
for
the
purpose
of
your
own.
As
a
as
your
own
bundle
note,
is
your
own
possession
of
the
bundle
you
set
it
to
half
an
hour.
F
If
the
bundle
has
not
been
forwarded
in
half
an
hour,
then
you
authorize
it
to
to
be
deleted
as
a
as
a
way
of
controlling
congestion
in
the
network.
G
A
F
A
It's
it's
a
local
drop
decision,
rather
than
an
alteration
of
the
bundles
primary
block
or
or.
F
That's
right
and-
and
I
believe
that's
that's
very
clear
in
the
specification
that
we're
not
talking
about
altering
the
lifetime
of
the
bundle
which
you
can't
do
anyway,
because
it's
in
the
exactly.
F
And
that
would
violate
immutability,
so
it
is
strictly
a
local
processing
decision.
C
Scott,
this
is
ed.
I
had
a
question
about
that
when,
when
we,
when
we
use
this,
if
we
were
to
delete
a
bundle
by
advancing
or
or
changing
or
overriding
its
bundle
lifetime
and
a
reason
code
would
be
generated
as
an
administrative
record,
showing
that
the
bundle
had
been
deleted
for
this
purpose.
Would
the
reason
code
be
that
the
lifetime
was
expired
or
would
it
be
something
else.
F
I
we've
sort
of
gone
back
and
forth
on
that.
I
believe
what
the
specification
says
now
is
that
the
reason
code
would
be.
I
forgot
exactly
what
the
word
is,
but
it's
a
traffic.
I
F
Okay,
then,
let's
go
on
to
the
next
slide.
This
is
whether
or
not
the
language
in
41511
is
a
satisfactory
specification
of
the
dtn
scheme.
Endpoint
id
syntax.
That
enables
enables
a
bundle
protocol
agent
to
differentiate
between
a
dtm
scheme,
endpoint
that
is
singleton
and
one
that
is
that
has
multiple
or
potentially
has
multiple
members
in
the
endpoint
and
the
mechanism
proposed
to
that
is
for
the.
E
F
F
This
is
another
one
where
there
was
some
discussion
on
the
mailing
list
and
the
the
core
question
here
is-
and
this
has
come
up
in
a
number
of
of
contexts,
bona
protocol
time
values
such
as
creation,
time
lifetime
bundle.
Age
has
been
denominated
in
seconds,
and
there
is
has
there's
been
this-
this
objection
that,
oh,
no,
it
needs
to
be
in
milliseconds,
because
for
some
purposes
we
need
finer
grained
decision
making
on
on
the
basis
of
time.
F
F
And
how
do
we
guarantee
that
it
really
is
immutable
when
there
is
it,
when
it's
at
least
in
theory
possible
to
change
from
one
valid
civil
representation
of
time
to
another
civil
war
representation
of
time?
That
is
equally
valid,
but
has
a
different
number
of
bytes.
A
So
rick
here
again,
what
was
the
decision
milli
seconds
or.
A
F
Okay
and
it's
it's
a,
I
believe,
a
a
small
increase
in
transmission
overhead,
so
I
think
it's,
I
think
the
value
outweighs
the
cost.
A
If
I
remember
correctly
from
the
discussion,
the
reason
people
were
keen
on
milliseconds
was
not
so
much
for
the
delay,
tolerant
aspect
but
for
disruption,
tolerant
aspects,
so
you
might
have
very
fast
networks
which
are
constantly
disrupted.
A
So
in
those
fast
transmission
networks,
milliseconds
make
a
lot
of
sense
as
compared
to
you
know
the
space
use
case
where
seconds
is
fine.
I
think
that
was
the
argument.
F
That's
that's
right.
It's
it's
particularly
useful
for
low-earth
orbiting
satellite
operations,
for
example,
yeah.
A
Just
as
a
side
note
me,
techo
has
a
queue
if
you,
if
anyone
has
any
comment,
please
jump
to
the
queue
now,
rather
than
waiting
right
until
the
end
of
the
presentation.
I
think
it's
worth
because
some
of
these
questions
are
complex
and
there's
a
few
outstanding
questions.
So,
if
you're
hanging
back
to
ask
all
your
questions
in
a
big
rush,
I
have
no
objection
to
stepping
to
the
stepping
on
the
queue
now.
F
D
Went
into
the
queue
because
I
saw
that
there
was
some
discussion
in
the
the
chat
from
I'm.
D
D
From
stu
on
the
dropping
thing
a
little
while
ago
that
I
added
to
the
to
the
cody
but
will
asked
a
question
right
before
you
said
something
about
the
queue
and
I
waited
for
him
to
hopefully
get
in
the
queue
he
didn't.
So
I
stepped
in
the
queue.
So
will,
if
you
don't
mind
I'll,
just
vocalize
your
question:
was
there
a
discussion
of
a
variable
denomination.
D
F
F
Primary
block,
immutability,
and
so
it
was-
was
not
gonna,
be
okay,
that
is
changing
from
seconds
to
milliseconds
on
route
from
the
source
to
destination.
That's
not
going
to
be
an
okay
option.
I
I
would
go
a
little
further
and
for
for
purposes
of
of
simplicity,
I
I
I
would
endorse
the
idea
that,
all
times
throughout.
F
A
Just
a
quick
comment
will,
on
the
chat
said:
I'm
sorry,
I'm
wasting
everyone's
time.
You're
not
well.
That's
the
point
of
these
things
that
there's
no
such
thing
as
a
stupid.
D
I'm
just
stepping
in
again
I
know
because
I
know
stu
can
actually
talk.
He's
I
talked
to
him
earlier.
Does
he
want
to
step
up
and
go
to
the
mic
to
ask
his
questions
on
the
drops
of
the
bundles
because
he
did
ask
a
question
there?
I
don't
know
if
we
want
to
just
backtrack
back
to
that
real
fast
or,
if
sure,
that's
fine
stu.
Do
you
want
to
step
up
and
ask
that
question.
J
I
think
ed
answered
it
adequately
in
the
chat
window.
Thank
you.
A
Okay,
so
I'll
flip
back
to
the
I've
changed
slides
there
we
go.
A
F
Extension
blocks
where
they're
needed
and
omit
them
where
they're
not
needed,
so
I
I
I'm
personally
opposed
to
make
that
are
defined
in
the
bps.
This
specification,
mandatory
in
all
bundles
they're.
A
F
Well,
though,
I
think
this
is
from
a
from
a
comment.
I
think
it
may
have
been
one
of
benjamin's
comments
that
some
of
these
extension
blocks
seem
important
enough,
that
they
ought
to
be
mandatory
in
all
bundles,
and
I
I
would
interpret
that
as
meaning
that
they
would
be
mandatory
to
use.
K
B
Yes,
I
do
believe
this
was
a
question
that
was
great
for
one
of
my
comments
and
the
intent
I
had
in
my
comment
was
more
along
the
lines
of.
Can
we
ensure
that,
if
that,
if
I
put
this
extension
in,
I
can
be
confident
that
the
other
end
will
understand
it,
so
that
would
be
the
sort
of
mandatory
to
implement,
but
not
mandatory,
to
include
in
every
bundle.
I
I
F
A
Rick
here
what
I
I
get,
I
get
confused
by
the
word
extension
because,
for
some
protocols,
extension
is
is
used
to
describe
a
mechanism
that
additional
functionality,
possibly
not
described
in
the
original
specification,
can
use
so
extending
a
protocol
to
add
features
that
you
might
require
for
your
enterprise
or
your
deployment
as
compared
to
where
I
think
we
use
the
word
extension
in
bpbs
to
mean
flexible
extra
blocks
that
are
optional
to
have
within
a
bundle.
And
I
wonder
whether.
F
A
That
terminology
confuses
people,
so
traditionally
an
extension
would
be
optional
to
implement.
I
you
you
implement
it.
If
you
support
the
extension
and
the
extension
would
be
specified
in
some
way,
whereas
a
bit
like
ip
header
fields,
they
are
mandatory
to
understand
and
for
and
defined
but
optional
to
use.
F
I'm
glancing
back
at
section
4.3
in
the
spec.
The
the
language
here
is
really
silent
on
whether
the
weather
implementation
of
support
for
these
extension
blocks
is
is
mandatory.
It
is
clear
that.
F
That
the
the
presence
or
absence
of
the
blocks
is
optional,
subject
to
some
constraints,
so
I
I
I'm
at
the
moment.
I
think
the
the
language
is
correct
about
the
presence
or
absence
of
the
blocks
if
we
want
to
add
some
language
that
says
that
these
extension
blocks
must
be
implemented,
that
that
is
the
ability
to
handle
these
particular
extension
blocks
is
mandatory.
I
think
that's
a
perfectly
reasonable
thing
to
add
to
the
to
the
start
of
4.3.
A
Yeah
on
the
on
the
chat
mark
blanche
correctly
points
out
that,
given
this
is
a
very
disconnected
network
protocol,
we
can't
have
a
negotiation
protocol
between
the
two
endpoints
to
negotiate
extensions
and
capabilities.
Therefore,
we
need
to
make
extensions
mandatory
to
implement,
but
that
could
create
an
issue
in
the
future,
as
new
extensions
could
then
require
implementations
to
become
non-conformant
in
some
way.
So
I
I
agree
with
him
on
this:
there's
there's
a
difference
between
future
extension
of
bp
bis.
A
To
add
capabilities
that
may
not
exist
in
existing
implementations,
which
is
different
from
here,
are
some
extra
blocks
that
may
appear
in
your
bundle,
but
you
must
be
able
to
handle
them
if
you
see
them-
and
I
I
think,
okay
action
for
the
working
group
on
this,
please
can
people
double
check
this
section
and
ensure
that
it
meets
your
understanding
of
what's
needed
here.
I'll
make
a
note
of
that
and
I'll
I'll
get
that
on
the
mailing
list.
D
I
think
I
don't
like
to
make
terminology
when
we
don't
need
to,
but
you
pointed
out
a
good
thing
rick,
where
the
word
extension
means
something
extending
the
protocol
and
it's
being
used
here
as
oh
yeah,
it's
kind
of
a
flexible
thing
that
may
or
may
not
appear
in
the
in
the
bundle.
D
D
F
I
I
think,
if,
if
we
wanted
to
do
that,
I
think
we
would
add
a
term
rather
than
replacing
the
term,
because
there
are,
it
sounds
like
there
are
what
we
are
currently
calling
extension
blocks
that
are
mandatory
and
mandatory
to
implement,
and
then
there
are
additional
extension
blocks
that
cannot
be
made
mandatory
to
implement
in
this
specification
because
nobody's
defined
them.
Yet.
F
So
well
I
I
I
would.
I
would
propose
that
we
don't
necessarily
have
to
do
that
if
we
don't
want
to
introduce
additional
terminology-
and
I
I
actually-
I
agree
with
adam-
that
introducing
additional
terminology
you
know
willy-nilly
is
is
often
a
bad
idea.
What
we
say
currently
is
extension
blocks
are
all
blocks
other
than
the
primary
payload
blocks,
which
is
very
clear.
F
Implementation
of
support
for
those
extension
blocks
is
mandatory
and
and
just
leave
it
at
that.
G
A
Okay,
so
I'm
watching
the
clock
here,
ronald
in
the
chat,
makes
a
very
valid
point,
which
is
extension
block
is
a
well-known
term
in
this
dtn
in
the
dtn
itf
work.
So
those
were
inside
dtn
do
understand
what
an
extension
block
is,
but
I
think
for
fresh
readers
to
bp
bis.
We
need
to
make
sure
that
that
terminology
is
correctly
defined
and
the
rules
for
implementers
is
is
there
but
we'll
move
on?
F
A
H
A
So
you've.
A
No
okay,
so
I
think
we
have
to
take
this
to
the
list,
because
we've
got
a
full
agenda
and
I
was
happy
to
let
that
overrun.
But
I'm
looking
at
the
clock.
Okay,
so.
F
At
this
point,
we
have
one
remaining
residual
question,
which
is
this
one
and
the
the
proposed
cure
for
it
being,
I
think,
adding
some
text
in
a
sentence
in
4.3
and
I
would
propose
to
leave
it
at
that.
A
A
Yeah,
if,
if
you
want
to
propose
that
on
the
list,
scott
and
and
just
make
sure
we've
got
agreement
from
the
working
group
on
that.
That
would
be
great.
A
Thank
you
very
much
so
next
we
have
I'm
juggling
through.
D
A
D
During
that
little
conversation
we
just
had
there
because
I
got
involved
speaking.
I
did
miss
a
couple
bits
of
it.
If
you
can
cat,
if
people
can
capture
that
into
the
kodi,
that
would
be
wonderful,
because
I
did
miss
bits
and
pieces
of
that
because
I
was
speaking
and
it
was
hard
to
switch
back
and
forth
just
so.
Everyone
is
aware.
A
A
A
What
I
oh,
this
is
the.
I
H
H
All
right:
well,
let's
go
ahead
and
jump
into
it
here,
so
really
just
a
quick
overview
of
where
we're
at
with
bp
sec.
H
We
have
one
outstanding
discuss
item
that
is
teed
up
primarily
for
discussion
here
today
and
that's
regarding
mandatory
security
contexts,
and
at
this
point
we
believe
that
to
be
addressed
with
the
current
version
of
bp
sec,
which
is
version
24..
So
if
you
flip
over
to
the
next
slide,
is
that
yeah?
It
is
doing
it
yeah
perfect.
So
this
is
a
an
update
from
what
ed
presented
at
the
last
meeting
at
108.
H
I
captured
all
of
the
questions
that
questions
that
he
spoke
to
just
highlighting
some
of
the
updates
made
and
identifying
whether
or
not
there's
some
functional
changes
between
those
between
22
and
24,
so
the
bolded
items
there
are
the
ones
that
I'm
going
to
be
discussing
in
the
rest
of
the
slide
deck
the
items
that
are
not
bolded.
There
are
obviously
no
changes
at
all
no
changes
made
at
all,
so
we
left
those
alone
and
those
won't
be
discussed
here.
H
So
with
that
we'll
jump
into
the
the
first
topic
there,
which
is
mandatory
to
implement
security
contexts,
so
the
next
slide
there.
H
G
H
Perfect,
so
should
there
be
one
security
context
that's
considered
mandatory
to
implement
in
for
all
bpsec
implementations.
Previously
there
was
not.
There
was
no
mandated
security
context.
H
That
implementations
must
support
security
contexts
within
the
networks
that
they're
operating,
so
that's
above
and
beyond
minimum
should
they
exist
to
make
sure
that
all
nodes
and
all
all
nodes
in
the
network
are
able
to
understand
and
comprehend
and
operate
with
those
security
contexts.
C
I
would
just
put
in
the
comment
that
I
think
this
this
text
here
was
drafted
by
ran
atkinson
on
the
mailing
list
and
brought
in
based
on
what
he
felt
was
a
parallel
construction
from
some
of
his
other
security
work.
A
H
All
right,
thank
you.
So
one
of
the
remaining
or
one
of
the
open
questions
that
was
previously
discussed
was
whether
or
not
we
would
be
allowing
nested
signatures
and
having
having
multiple
signatures
nested
within
within
a
security
operation.
So
there
were
some.
H
There
were
no
functional
changes
that
were
that
we
made
since
22.
bpsec
24
adds
a
rec
adds
that
this
capability
should
be
implemented
through
a
custom,
security
context
and
or
custom
security
blocks.
H
C
I
can
I
can
speak
to
that
also
for
a
moment
that
we,
we
were
getting
questions
related
to
the
idea
that
if
a
bundle
was
going
through
a
network
and
every
node
in
the
network
wanted
to
provide
its
own
signature
over
a
particular
security
target.
What
do
you
do
in
that
case?
If
you
have
many
many
dibs
all
pointing
to
the
same
security
target?
C
That's
not
allowed
in
dp
sac
and
the
reason
it's
not
allowed
in
vpsa
is
because
it
becomes
a
nightmare
for
verification
afterwards
and
and
should
not
be
allowed,
and
so
we
made
it
clear
here
that
if
there
is
some
I'll
use
the
term
madness
that
needs
to
be
done,
then
the
behavior
of
it
really
should
just
be
encapsulated
inside
of
a
single
security
context
where
they
allow
multiple
security
results
to
be
added
if
they
needed
to
to
that
single
bid.
That
would
exist
to
capture
those
results,
but
but
otherwise
one.
A
Ed,
adding
adding
a
following
comment
so
in
in
the
multi-signature
scenario
or
the
multiple
verification
scenario.
The
assumption
is
that,
in
the
definition
of
the
security
context,
that
does
this
operation,
the
the
verification
methods
and
all
the
problems
associated
with
it
will
of
course
be
solved
in
that
specification.
C
Yes,
and-
and
I
think
what
what
kem
will
show
in
the
next
slide
in
the
next
presentation-
is
that
security
context
can
have
processing
behavior
as
part
of
the
definition
of
the
context.
H
All
right,
so,
if
there's
nothing
further,
let's
go
to
the
next
slide.
Please
thank
you.
So
the
the
topic
here
for
discussion
was
somewhat.
Similarly
considering
whether
or
not
we
should
be
considering
signature
encryption
over
multiple
blocks
again
taking
the
same
path
here
and
making
no
functional
change
from
22
into
24,
and
instead
adding
language
to
recommend
implementation
through
a
custom
security
context.
H
You
know
staying
with
the
the
design
paradigm
that
we
want.
You
know
we
want
that
madness,
as
ed
ed
says,
to
be
kind
of
outside
of
the
mainline
implementation
and
again
I've
got
the
the
text
from
the
from
24
there
for
specifically
referring
to
the
bib
pieces,
but
it's
it's
similar
for
both.
A
I
think
actually,
one
of
one
of
the
legitimate
criticisms
of
some
of
the
early
bp
sec
drafts
was.
It
was
so
flexible
that
it
was
entirely
conceivable
to
tie
yourself
in
knots
and
from
an
implementer
perspective.
It
looks
like
a
such
a
tough
target
to
to
try
and
get
your
implementation
correct
because
of
such
options.
I'm
a
huge
fan
of
security
context.
I
think
they
solve
a
lot
of
this
problem.
H
Okay,
if
there's
nothing,
nothing
further,
next
next
slide
there,
okay!
So
this
this
topic
here
was
asking
you
know
proposing
that
we
add
bundle
protocol,
reason
codes
again,
because
there's
there's
new
reasons
that
a
bundle
might
or
a
a
node
might
discard
a
bundle.
So
within
bpsec24
there
are
five
new
reason,
codes
that
are
added
and
and
recommends
that
those
are
allo.
Those
reason
codes
be
allocated
within
the
existing
bundle
status
report
reason,
codes
registry.
H
So,
if
there's
nothing
further,
we'll
go
on
to
what
I
believe
is
the
last
slide
here
and
in
a
similar
vein,
there
should
be
set.
Should
bp
sec
be
reserving
some
security
context
per
parameter
and
result
ids
to
pro
promote
con
commonality
they're,
the
change
in
mvp
24
is
to
set
negative
values
as
reserved
for
local
and
on-site
specific
use
within
the
security
context,
identifier
registry,
so
again
this
the
only
change
here
is,
is
adding
those
negative
values
as
being
reserved.
C
So
I
had
a
two
two
quick
comments
on
that
number.
One
there's
actually
a
typo
in
bp
stack
where
this
registry
is
defined
as
an
unsigned
integer,
meaning
and
zero
are
right
back
to
madness,
but
the
so.
C
Presumably
we
would
change
that
to
a
signed
value
and
then
this
this
particular
suggestion
came
from
benjamin
and
kaduk,
and
so
if,
if
there
were
any
other
discussions
or
or
areas
where
that
had
been
useful
or
not,
it
certainly
seems
reasonable
to
me
and
would
be
happy
to
include
it.
A
A
I
do
understand
that
this
is
that
the
local
site,
specific
use
cases,
are
not
so
much
experiments
which
is
commonly
where
private
use
reserved
flags
are
used
it
they
they
could
be
production
grade
used
in
anger,
hence
keeping
the
bit
count
low
has
some
advantage.
C
So
I
I
know
that
that
I
I
have
no
strong
opinion
on
it.
Is
there
instead
a
value
saying
something
to
say
you
know
the
first
10
values
or
the
first
20
values
instead
are
reserved
for
for
local
use.
I
I
see
brian
up
in
the
queue
now.
M
A
A
A
H
Yes,
but
yep
you've
got
it
here
so
again,
we'll
go
ahead
and
jump
into
this
one.
So
here
we're
talking
about
the
updates,
the
default
security
context,
the
as
the
companion
document
to
bp
sec.
So
if
you
jump
into
the
the
summary
slide
next,
please.
H
So
the
you
know
the
the
takeaway
and
kind
of
what
to
be
looking
for
in
this
presentation
is
in
the
update
that
ed
made
from
the
dash
01
to
dash
02
there's
a
lot
of
additions
to
provide
better,
more
flexibility
and
and
more
specificity
in
the
security
context
and
leaves
it
leaves
a
little
bit
less
up
to
the
imagination
for
the
implementer.
H
So
you
know
it
adds
detail
to
the
security
context
that
already
exists.
So
that's
the
the
hmac
and
sha-2
bib,
as
well
as
the
aes
gcm,
bcb
security
context
and
as
a
a
reminder,
the
for
the
the
aes
gcm
bcb
that
provides
a
integrity
mechanism
as
well
as
a
encryption
and
decryption
mechanism,
and
so
in
in
each
of
the
security
contexts.
H
So
with
that
we'll
step
through
each
of
those
things
in
the
the
following
few
slides,
some
of
the
one
of
the
big
changes
in
the
security
default
security
contacts
document
was
the
addition
of
the
ability
to
specify
multiple
key
links
for
the
within
these
security
contexts.
H
H
So
you
can
select
256
bit
key
or
all
the
way
up
to
512
for
the
for
the
bib
security
context
and
then
for
bcb.
Likewise,
anything
ranging
from
128
bit
all
the
way
up
to
256
bit
and
those
follow
directly
from
definitions
in
rfc
8152.
H
All
right,
if
there's
nothing,
nothing
further,
let's
go
ahead
to
the
next
slide,
please
so.
Another
addition
here
was
more
definition
for
this:
the
scope
of
each
of
the
security
contexts.
H
So
here
the
scope
refers
to
the
set
of
information
used
as
input
for
each
of
those
each
of
the
security
operations-
and
you
know
those
are
spelled
out
here-
I'm
not
going
to
go
into
the
the
detail
of
those,
but
for
each
of
the
operation
or
each
of
the
security
contacts
defined
in
the
default
security,
doc
context
document
the
primary
block
security
target,
other
fields,
including
some
of
the
you
know,
the
content
list
and
the
text
there,
as
well
as
other
fields
that
are
spelled
out
there.
H
These
are
all
selectable
targets
that
can
be
used
specified
in
the
scope
as
the
scope
for
the
inputs
and
again
that
allows
more
flexibility
when
it
comes
to
the
implementation-
and
you
know
the
actual
employment
of
these
security
contexts
and
without
requiring
new
security
context
for
every
single
possible
configuration
that
someone
would
want
to.
C
I
use
just
had
a
point
of
clarification
to
this
that
there
were.
This
was
based
on
on
the
mailing
list,
an
observation
that
brian
seapost
had
made
about.
For
example,
how
would
you
cryptographically
bind
a
block
to
the
bundle
in
which
it
should
exist?
C
Certainly,
one
thing
that
you
could
do
would
be
include
the
individual
signature
of
the
primary
block
as
a
secondary
result
with
the
bib,
but
then
you're
carrying
two
signatures
around,
and
that
seems
to
be
extra
work
and
extra
bytes
and
by
by
including
the
primary
block
in
the
set
of
information
provided
and
calculating
a
signal,
a
single
signature
over
the
normal
target,
and
perhaps
these
other
optional
targets
that
will
have
the
same
function
of
binding
it
all
together
and
then
you're
only
carrying
one.
H
Signature:
okay,
if
there's
nothing
further,
let's
go
on
to
the
next
slide
here.
H
Thank
you.
So
here
this
is,
you
know
mostly
included
for
included
for
completeness.
This
is
obviously
a
copy
and
paste
from
the
document
itself
again
kind
of
talking
to
canonicalization
algorithms
so
for
the
integrity,
integrity,
protection,
security
context,
there's
a
canonicalization
algorithm
defined
that
appen
in
order
to
append
the
to
specify
how
the
canonical
forms
the
components
of
the
bundle
specified
by
the
scope
parameters
are
appended
and
formed
together
as
a
as
an
input
to
the
security
operation.
H
So
you
know
there's
a
well-defined
operation.
You
know
processing
flow
defined
there,
so
starting
with
an
empty
set
of
length,
zero,
there's
a
bunch,
essentially
a
series
of,
if
statements
and
depending
on
what
are
what
is
specified
as
the
the
input
scope
it
take.
First
of
all.
First,
it
will
take
the
canonical
form
of
the
primary
block,
append
that
to
the
to
the
ippt.
H
Next
up,
it
will
look
at
the
security
header
flag.
You
know,
let's
see
security,
header,
flags
and
and
various
flags
there,
let's
apologize
for
being
a
little
bit
lost
in
the
text
here,
but
essentially
it
you
know
go
through.
It
goes
through
again
looks
at
all
of
the
integrity
scope
parameters
specified
computes
the
canonicalized
form
of
each
of
those
and
sequentially
appends,
those
in
a
well-defined
order.
H
All
right
so
with
that
we'll
flip
over
to
the
next
slide.
Talking
about
the
the
bcb
aes
gcm
input
canonicalizations
generally,
those
those
follow
right
after
exactly
what's
defined
for
the
for
the
integrity,
protection
mechanisms.
H
So
looking
for
the
the
bcbas
gcm
security
context,
there
is
a
there's,
an
encryption
process,
a
decryption
process
and
then
an
integr
and
then
a
integrity
check
that
is
that
can
be
performed
on
that
as
well.
So
for
the
you
know,
canonicalization
of
the
plain
text
used
during
the
encryption.
H
It's
some
language
there
right
from
the
right
from
the
document
as
well
to
specify
how
that's
how
that's
presented
as
an
input
there.
Likewise
for
decryption,
the
ciphertext
is,
is
formatted
in
a
similar
way,
well-defined
way
to
be
passed
into
that
that
processing
and
then
for
the
integrity
calculations
against
the
additional
authenticated
data
that
follows
essentially
just
as
previously
shown
in
the
in
the
integrity,
protection
mechanisms.
A
Okay,
so
sorry
rick,
a
thought
occurred
to
me
while
reading
that
which
was.
Why
was
this?
Why
is
this
text
not
in
bp
sec
itself?
So,
but
I
think
I
know
the
answer
to
that.
A
H
That
correct,
so
this
is
it's
definitely
you
know
from
my
perspective,
it
seems
to
be
you
know,
oriented
that
way
right.
So
that
way,
you
can
have
flexibility
in
terms
of
how
you
implement
the
processing,
how
you,
how
you
implement
your
formatting
in
such
a
way.
That
makes
sense
for
a
given
security
context
that
you
might
want
to
implement.
That
would
be
different
than
this
one.
So
by
not
putting
this
in
the
main,
you
know
bp
sec
again
we're
not
tying
the
bp
sec
to
have
a
specific
implementation.
C
So
rick
an
example
of
that
would
be
context
if
someone
really
wanted
to
do
this,
where
they
would
portion
out
and
and
encrypt
only
portions
of
of
the
target,
as
opposed
to
the
entire
thing
and
get
into
you
know,
encryption
ranges
and
blocking
off
the
plain
text,
and
that's
just
not
something
that
should
be
in
bp
sec.
It's
also
not
something
that
should
be
in
the
default
security
context.
Maybe
it
shouldn't
be
anywhere,
but
if
it
needs
to
be
somewhere,
it
would
be
in
its
own
document.
H
Okay,
if
there's
nothing
further,
we
can
go
on
to
perhaps
my
last
slide
if
my
memory
serves
so
with
the
the
above
changes,
there
are
additional
security
context
parameters
that
are
added
in
that
you
know
really
encapsulate
capture
all
of
the
different
aspects
there,
so
the
sha
variant,
again
kind
of
speaking
towards
to
ident
used
to
identify
which
of
the
the
different
key
links,
which
are
the
variants
to
be
used,
encapsulated
key
to
be
able
to
transfer
some
key
information
and
then
the
integrity
scope,
flags
which
are
used
to
identify
which
portions
of
of
data
are
to
be
used
for
the
input,
canonicalization,
algorithms
to
then
be
processed
by
the
security
context,
and
likewise
for
the
the
bcbas
gcm
context.
H
You
have
similar
information
as
well
as
an
initialization
vector.
That's
used.
That
parameter
was
already
present
in
the
previous
version,
so
the
the
following
three
items
are
our
new
ads
with
the
o2
version.
So
if
there's
nothing
further,
I
think
that
was
my
last
slide
and
I'll
turn
it
over.
C
My
last
comment
on
this
is,
as
we
look
at
getting
the
the
core
three
documents
through
iesg.
C
The
bp
sec
document
has
a
single
discuss
against
it
from
mira,
and
that
is
that
there
needs
to
be
an
approved
set
of
default
security
contacts
to
go
with
it.
So
this
document
and
the
security
context
dash
o2,
does
need
a
nice
review
before
it
goes
out.
It
is
in
working
group
last
call
if
you
have
not
read
it
or
read
the
new
version.
Please
this
week
take
some
time
and
go
through
it
and
provide
comments
on
the
mailing
list.
A
And
equally,
we
will
be
needing
a
document
shepard
for
this
as
well,
so
that
we
can
complete
all
our
checks
and
balances
before
pushing
it
to
the
isg
magnus
go
ahead.
G
G
I
think,
we're
in
80s
we're
using
part
of
the
data
tracker,
where
maybe
you
don't
see
the
summary
graphics
etc,
which
actually
correctly
summarize
it
it's
green
or
red,
etc,
and
you
may
looking
mostly
at
the
ice,
the
evaluation
page
for
for
the
individual
document,
the
evaluation
record,
and
that
might
give
you
that
misconception
that
they
is
active,
so
okay,
but
but
it's
so
it's
it's
probably
not
blocking,
but
I
mean
we
still
need
to
make
progress
on
this,
because
that
question
of
dependency
is
needed.
A
Absolutely
absolutely
we
have
a
quick
agenda
change
because
we
have
reshuffled
so
that
ben
could
could
get
involved
with
the
tcpcl
conversation
he
has
multiple
clashes
today.
He's
asked
that
we
bring
tcpcl
in
as
the
next
item
rather
than
the
cozy
context.
I
am
very
sorry
to
juggle
everyone
around,
but
we
really
need
ben
and
brian
to
talk
about
tcpcl
together,
so
I'm
going
to
shuffle
it
everything
around
once
more
brian.
Are
you
happy
to
present
now
I'm
really
hoping
you're,
not
getting
a
coffee
he's
there
right
I'll,
find
the
slides.
M
And
as
far
as
the
slides
are
concerned,
this
should
be
relatively
short
in
terms
of
presentation
content.
It
may
take
a
little
bit
of
time
to
discuss.
A
A
M
Yes,
good,
okay,
cool,
okay,
all
right,
so
the
going
to
the
next
slide.
So
the
first
two
slides
are
a
bit
of
boilerplate.
The
goals
are
exactly
the
same
as
they
have
been
a
rough
amount
of
backwards
compatibility,
but
adding
in
new
extensibility
and
intro
interoperability.
M
So
there
were
two
main
sources
of
changes
from
the
last
draft
and
there's
even
a
further
23
revision,
and
these
are
feedback
from
ben
caduc
and
and
feedback
from
martin
duke
and
the
good
news
is.
This
is
not
changing
the
the
structure
of
tcpcl,
not
changing
the
encodings
of
things
in
a
fundamental
way.
M
Interoperable
is
the
goal
here
and
also
usable
with
the
current
pki
x
tools
and
and
tooling
that's
available.
So
this
is
still.
There
are
a
few
issues
remaining
to
be
worked
out,
and
I
have
another
slide
later
on
that
I
I
can
talk
about,
but
it's
really
nailing
down
specifics
about
how
to
make
tcpcl
behave
in
a
way
that
is
in
agreement
with
best
current
practices
and
in
agreement
with
other
protocols
using
the
same
types
of
mechanisms
or
the
same
mechanisms.
M
There
are
some
terminology
changes
again
just
to
be
clear
about
when
an
ip
address
is
being
named
versus
a
dns
name,
and
this
is
again
pulling
tcpcl
closer
in
line
with
other
specs
covering
the
same
ground.
I
added
a
clarification
based
on
scott
burley's
comment
about
how
do
existing
implementations
handle.
If
I
ask
to
make
contact
with
node
a
and
they
respond,
I'm
node
b,
what
should
the
behavior
of
the
convergence
layer
be,
and
that
is
continue
on
with
a
warning?
M
Basically,
the
bundles
must
continue
to
flow
and
martin
duke's
feedback
did
lead
to
one
change
and
that's
the
addition
of
transfer
refuse
reason-
and
this
is
something
that
really
was
an
oversight
from
earlier-
that
when
it
comes
to
shutting
down
cleanly
shutting
down
a
tcpcl
session,
there's
a
period
of
time
when
you
can't
accept
new
transfers
because
you're
shutting
down
that's
the
whole
point
of
having
that
clean
termination
procedure.
So
one
of
these
refusal
reasons
is,
I
am
terminating.
M
Your
bundle
is
perfectly
fine,
but
don't
send
it
to
me
right
now
in
this
session,
because
I'm
terminating
so
that
distinguishes
it
from
the
other
refusal
reasons
which
is
more
to
do
with
your
bundles
malformed
or
I've
run
out
of
disk
space.
Something
like
that.
M
So
if
you
can
go
to
the
next
slide,
so
that
covers
what's
in
22,
and
some
of
this
is
also
changes
in
23
focused
on
the
pki
aspects
of
things.
I
I
am
planning
on
doing
so
this
first
topic
of
how
to
define
the
use
of
can
tls
contact
header
flag
after
looking
at
what
ran
and
ben
have
been
have
been
discussing
on
the
mailing
list.
M
I
I
want
to
take
that
terminal
that
verbiage
that
they
had
narrowed
it
on.
M
I
think
this
is
an
appropriate
thing
to
do
in
the
sense
that
it
changes
the
language
from
you
can
speak
tls
to
your
entity
is
configured
to
to
use
tls,
it's
a
minor
from
the
spec,
it's
a
minor
change,
but
it
brings
it
more
in
line
with,
and
I've
also
added
to
the
security
considerations
as
an
explicit
piece
of
text
in
that's
going
to
be
in
the
upcoming
revision,
and
this
is
something
that
maybe
scott
might
want
to
look
at
eventually,
also
in
the
sense
of
it
says
explicitly
man.
M
It
says
the
phrase
mandatory
to
implement
but
optional,
to
use
with
a
little
bit
of
explanation
of
what
does
that
mean,
so
you
could
steal
that
for
something
like
bpsec
or
or
those
extension
blocks,
but
that's
like
I
said
it's
in
an
upcoming
draft,
so
I
think
that
can
tls
should
at
that
point
be
put
to
rest.
M
The
one
comment
that
came
in
from
I
believe
it
was
from
martin
about
a
supported
version
set.
This
is
something
that
hadn't
been
discussed
prior,
it's
not
something
that
had
been
present
in
the
previous
tcpcl.
The
concept
is
in
some
protocols.
You
can
say
I
don't
support
version
three,
but
I
do
support
version
four
and
two.
M
The
next
contact.
Please
use
one
of
those
versions,
the
current
spec.
The
way
it
operates
is
you
start
the
top
of
your
list
latest
revision
and
you
work
down.
So
there's
a
risk
that,
if
you're
talking
about
just
pure
open
network
anybody
talking
to
anybody
the
risk
is
it
takes
you
two
or
three
failed
connection
attempts
to
negotiate
a
shared
version.
M
I
don't
necessarily
see
a
problem
with
that.
It's
a
question
to
working
group.
If,
if
it
seems
like
it's
worth
adding
complexity
to
the
contact
header
right
now,
the
contact
letter
is
short
and
fixed
length,
and
this
would
just
add
a
little
bit
of
complexity
to
the
contact
header.
So
it's
I'm
not
sure
that
there's
much
value
in
this
for
the
use
cases
that
are
known
on
this.
M
There
was
a
suggestion
to
add
two
different
contact
failure,
reason
codes,
which
is
version
two
high
and
version
two
low,
instead
of
simply
version
mismatch.
That
seems
to
be
a
little
bit
more
reasonable.
A
M
G
A
Okay,
I
may
have
some
ideas.
I
won't
I
won't
interrupt
now,
but
I'm
just
thinking
yeah.
I
need
to
think
them
through,
but
okay,
let
me
okay.
M
For
the
near
term,
my
plan
is
to
not
touch
the
contact.
Header
leave
this
as
a
an
open
item.
A
Just
rather
than
being
cryptic,
my
preference
would
be
a
a
an
error
response
which
says
something
like
upgrade.
I
understand
you're
trying
to
talk
tcpcl
version
three.
I
am
a
v4
implementation
go
away,
but
please
upgrade
I
I've
implemented
just
enough
tcpcl
version
3
to
give
you
that
return
code.
M
So
that
was
the
one
alternative
that
was
proposed
in
the
comment
was
to
have
two
different
failure:
responses,
which
is
version
two
high
and
version
two
low,
so
you'd
know
which
way
which
way
to
try.
Your
next
attempt.
A
M
A
Yeah,
I'm,
I
assume
we're
we're
optimizing
for
the
case
where,
where
both
ends
actually
know
the
versions
and
have
made
contacts
previously
and
have
some
idea
that
that
you
know
so
we
don't
the
version
mismatch.
I
don't
think
is
on
the
is
on
the
critical
path
for
these
things,
but
it
does
need
to
be
specified.
Okay,
yes-
and
it's
also-
I
mean
this-
it
could
be
kicked
down
to.
M
A
So
I
understand
that
they
sort
of
I.
I
have
no
idea
what
you're
talking
about
seems
to
be
a
fairly
valid
reason
code
or
possibly
just
killing
the
tcp
connection.
I
you
sent
me
something
which
looks
like
garbage
to
me,
which
is
different
from
you've
sent
me.
I
something
I
understand
as
a
tcpl
version,
3
header,
so
so
version
2
low
I
can
I
can.
I
can
implement
that
version,
two
high,
I'm
predicting
the
future,
but
let's
take
this
offline.
Okay,.
M
It's
not
gonna
be
changed,
at
least
in
the
near
term.
Here's
the
takeaway
here
the
last
topic
has
been
augmented
a
little
bit
from
some
feedback
from
ben.
The
question
was:
is
there
a
need
or
value
to
having
a
pki
extended
key
usage
allocated
for
in
somewhere,
another
dtn,
and
the
reason
for
this
is
currently
I
can
take
a
certificate
that
somebody
gave
me
issued
to
me
for
my
http
server
for
my
ldap
server
whatever,
and
I
can
repurpose
that
and
use
it
for
tcpcl
no
problem.
M
I
keep
my
host
name,
it's
the
same,
and
now
I'm
talking
tcpl
using
the
same
circ.
So
it's
a
question
of.
Is
this
a
desirable
behavior
and
the
the
following
question?
That's
not
on
this
slide
is,
and
I'm
I'm
going
to
be
doing
some
communicating
with
the
expert
on
the
oid
for
the
iana,
which
is
does
it
make
sense
to
have
two
different
levels
of
this?
M
Is
a
dtn
transport
purpose
versus
a
dtn
bundle,
security
purpose
or
is
there
simply
one
level
of
this
is
a
a
valid
user
of
dtn
security
at
some
level,
trust
them.
G
A
I'm
I'm
being
sort
of
was
it
principle
of
except
but
with
control.
So
if
I
so.
M
The
way
the
protocols
make
use
of
this
kind
of
thing,
other
modern
protocols
is
to
say
if
the
certificate
does
have
an
eku,
it
must
be.
It
must
contain
this
value.
So
if
a
if
a
ca
just
says
you
are
a
valid
holder
of
this
name,
do
what
you
will,
then
that
will
be
accepted.
But
if
a
ca
says
you're
a
valid
holder,
this
name
and
it's
intended
to
be
used
for
ocsp.
M
If
it's
intended
to
use
for
ntp,
if
it's
intended
to
use
for
something,
that's
not
etn,
then
don't
accept
it
for
dtm,
because
the
ca,
the
idea
is
the
ca
issued
it
for
something
else.
Should
you
be
trusting
it
for
dtn.
M
The
way
that
it's
specified
or
the
way
that
it
is
or
will
be
specified
is
as
a
recommended
security
policy.
So
there's
the
requirements
are
if
the
security
policies
are
so
and
so
here's
how
you
act
and
then
there's
a
separate
statement
is
the
recommended.
Security
policy
is
x,
y
and
z,
so,
okay,
yeah.
A
B
Wanted
to
say
a
little
bit
about
extended
key
usage
values
in
general.
B
I
mean
you're
quite
correct
that
the
cas
will
sometimes
just
not
have
any
eku
at
all,
but
then
other
times
they
will
have
some
and
the
sort
of
idea
there
is
that
the
ca
is
bothering
to
specify
in
detail
what
the
certificate
is
intended
to
be
used
for,
and
you
can
tell
that
because
there
is
any
extended
key
usage
present
in
the
certificate
at
all,
and
so
now
that
you
know
that
the
ca
has
some
intent
or
some
information
about
what
the
certificate
should
be
used
for.
B
Then
you
should
check
for
this
one,
but
we
don't
need
to
have
a
very
strong
requirement
that
if
you
have
a
certificate,
you
should
have
a
certificate
that
has
this
eka
value.
I
think
the
way
that
the
current
ecosystem
is
set
up.
It's
not
guaranteed
that
or
it's
not
necessarily
going
to
be
very
easy
to
get
a
certificate
that
has
this
particular
eku
value.
M
M
To
publish
another
revision-
and
maybe
this
will
wrap
things
up.
I
hope
so
and
thank
you
again
to
the
chairs.
A
So
I'm
conscious
we've
got
half
an
hour
left
and
we
have
three
ten
minute
presentations.
So
for
the
sake
of
people
following
you,
can
I
ask
people
to
be
timely?
Let
me
find
the
other
slide
called
bp
set
cozy
contexts
which
is
not
not
these
slides,
because
it's
still
brian.
A
Okay,
brian,
you
have
say
seven
minutes.
M
Okay,
yep,
so
the
short
take
away
here.
If
you
skip
to
the
next
slide,
you
can
skip
the
the
first
two
they're
just
background
on
what
the
intent
here
is,
but
really
the
goal
here
is
pki
and
pki
with
existing
mechanisms.
So
if
you
flip
to
the
third
slide.
M
M
There
can
be
some
feedback
on
this,
for
if
this
makes
sense,
but
the
idea
is
that
the
structure
of
whether
it's
used
in
integrity
or
confidentiality
is
exactly
the
same.
What's
different
is
what
types
of
messages
will
be
embedded
in
the
results
so
having
one
context
or
having
two
contexts.
It
really
doesn't
structurally
change
what
is
being
represented
here,
but
the
idea
is
that
the
context
is
parameters
are
some
key
materials.
Public
key
materials
results
are
cosi,
messages,
an
integrity
result
either
has
a
mac
or
a
signature,
or
some
future
cosy
message.
M
That's
going
to
do
that.
Job
and
the
confidentiality
result
has
an
encrypt
message
in
it,
and
the
reason
for
cosi
itself
can
transport
public
keys
with
the
individual
results.
The
reason
for
having
them
in
security
parameters
is
that
if
I
choose
to
sign
every
single
block
in
my
bundle-
and
I
have
15
different
results-
I
don't
want
to
have
15
different
copies
of
my
public
key,
so
the
parameters
have
the
public
key
and
then
the
results
have
the
key
identifiers
that
reference
the
public
key.
M
So
it's
relatively
clean
in
that
structure
and
then
each
result
is
a
cosy
message,
and
this
is
dipping
toes
into
that
realm.
That
ed
had
mentioned
of
of
getting
into
a
little
bit
of
madness
of
of
structure.
Cosi
is
quite
vast
and
can
get
complex.
There
is
in
this
document,
if
you
flip
to
the
next
slide.
M
M
So
this
nails
it
down
at
least
to
a
realizable
and
implementable
set
of
things
that
you
can
do
and
also
restricts
that
you
can't
have
arbitrary
depth,
nested
messages,
all
kinds
of
complicated
stuff,
and
the
last
draft
also
has
examples
of
using
this
kind
of
stuff.
So
it
is
realizable
if
you
wanted
to
start
implementing
something
like
this.
The
good
news
is
that
the
cosi
ecosystem
is
is
present.
M
M
Then
this
is
similar
to
what
was
presented
for
those
interrelated
contexts
for
bp
sec
that
cosi
this
profile
requires
authenticated
encryption
with
additional
data.
It
requires
certain
structure
that
that
cosi
doesn't
mandate
about
all
this
context.
Data
that's
coming
out
of
the
bundle
that's
coming
out
of
the
primary
block
or
the
the
block
header
of
the
target
block.
M
The
one
last
statement
is
just
that:
kosi
natively
has
this
concept
of
a
protected
header
versus
unprotected
header.
What
gets
what
gets
secured,
what
gets
nailed
down
and
what's
not
what's
potentially
allowed
to
change,
and
this
carries
through
with
that
same
concept.
So
the
security
parameters
for
this
context
are
not
part
of
the
protected
data.
C
So
so
brian,
this
is
ed
a
couple
of
of
quick
things
number
one.
Thank
you
so
much
for
writing
this
up.
I
I
think
that,
having
more
than
one
security
context
and
showing
how
you
can
accomplish,
you
know
a
variety
of
things
with
the
security
context.
Concept
is
important.
It
also.
If
we
get
implementations
of
this
and
the
default,
we
can
start
doing
things
like
sizing
comparisons,
processing
comparisons,
how
easy
it
is
to
push
through
code
in
the
bpas.
C
The
last
is
there
is
a
draft
out
for
a
security
context
template,
and
it
might
be
a
good
to
look
at
how
you
formatted
this
document,
how
the
default
security
context
document
was
formed
to
see.
If,
if
we
can
then
work
together
on
what
would
be
a
good
template
to
to
give
to
other
authors
of
other
security
contexts
to
make
sure
that
the
information
is
presented
in
a
in
a
standard
digestible
way.
M
Yeah
I
have
browsed
that
context
template
and
I
agree
that
it's
good
to
try
to
pull
things
in
line
with
that.
The
only
the
only
bit
of
a
nuance
in
this
case
is
that
it's
one
context
used
in
two
different
security
blocks,
which
is
probably
not
something
that
was
originally
looked
at.
C
M
A
Okay,
thank
you,
brian
any
other,
any
further
questions
from
the
floor.
I'm
watching
the
clock
and
conscious
that
other
people
still
have
to
speak
thanks,
brian
right.
So
next
up
we
have,
I
believe,
fred
templin.
He
says
jumping
between
the
agenda
very
quickly.
No,
we
don't.
We
have
sarah
heiner
won
bp
sex
security
templates,
perfect.
N
If
anything
is
not
coming
across
clearly
so
I'll
be
conscious
of
time,
so
I'm
sarah
heiner
I'm
going
to
present
a
little
bit
on
security
policy
and
also
the
security
operation
life
cycle.
So
if
we
can
move
to
the
next
slide.
N
So
we'll
start
with
the
discussion
of
security
policy
for
bpsac.
We
know
that
bpsec
enables
the
representation
of
a
security
operation
in
a
bundle
as
an
extension
block
and
there's
been
some
work
done
to
determine
what
the
life
cycle
of
an
extension
block
looks
like.
So,
you
may
have
seen
this
in
the
security
context
template
draft.
N
N
So
it's
not
enough
to
come
across
the
correct
cipher
suite
implementation
for
a
security
service.
We
also
need
the
policy
settings
to
be
correct
in
order
to
process
a
block
and
verify
the
security
service
that
it's
representing.
So
we
need
both
security
contacts
and
policy
in
order
to
derive
meaning
from
security
services.
N
Please
so
here
we're
moving
into
the
life
cycle
itself,
recall
that
bpsec
allows
both
a
security
operation
and
its
associated
security
context
to
be
represented
as
a
block
in
the
bundle.
So
that
means
that
we
can
establish
universal
policy
points
by
tracking
that
block
life
cycle,
which
is
what's
shown
here.
N
In
the
most
basic
case,
a
security
operation
would
encounter
four
events.
A
node
would
have
to
be
identified
as
the
security
source
for
that
operation.
It's
required
to
be
represented
in
the
bundle
it
would
then
move
to
being
successfully
represented
in
the
bundle
arrive
at
its
acceptor
and
then
be
subsequently
processed
and
removed
from
the
bundle.
A
Thanks
sarah
yeah
really
interesting
stuff.
I
informational
draft
be
absolutely
brilliant
about
this
sort
of
thing.
That
would
be
great.
I'm
going
to
close
the
line
comments
on
the
list.
Everybody
please!
A
Thank
you
very
much.
Next,
we
have
fred
templin
fred
if
you're
there.
A
Good
news,
fred,
so
a
little
point
of
order.
The
last
item
we
have
is
after
this
slide
is
a
demonstration
by
dave
from
apl
who
has
got
some
quite
fun
tools
for
playing
with
amp,
which
is
the
asynchronous
messaging
we're
gonna
run
along
on
this
session,
so
we'll
fix
we'll
get
dave
in
after
we
have
officially
finished
the
session.
So
just
our
intention
is
to
run
long.
A
I
understand
some
people
have
to
leave,
but
that
does
give
fred
his
ten
minutes,
because
this
is
another
convergence
layer
and
looks
like
it's.
It's
really
interesting
stuff.
So
go
ahead.
Fred.
O
Okay,
thanks
rick,
so
the
title
of
this
is
ltp
fragmentation,
but
it
really
concerns
anything
that
uses
the
udp
convergence
layer.
So,
let's
go
on
to
the
next
chart.
O
O
Please
so
the
bp
convergence
layers
c,
such
as
ltp,
often
use
the
edp
transport
layer
to
break
bundles
into
segments
as
the
largest
atomic
block
of
data.
The
underlying
data
datalink
layers
must
deliver
it
as
a
single
unit,
and
it's
also
known
as
the
the
re-transmission
unit.
Each
loss
segment
must
be
retransmitted
in
its
entirety.
O
O
O
O
So
the
answer
is
that
some
operating
systems
support,
what's
known
as
the
send
multiple
message
system
call
or
send
mm
message,
and
that
allows
an
application
to
present
multiple
segments
to
the
kernel
in
a
single
system
call.
So,
for
example,
you
might
present
16
4k
byte
segments
instead
of
just
one
64
gigabyte
segment
and
that
enables
the
use
of
smaller
segments
without
increasing
the
number
of
system
calls.
It
provides
the
benefits
of
bursting
while
using
smaller
segment
size.
O
So
that
means
that
the
loss
unit
can
be
made
closer
to
the
re-transmission
unit,
so
that
loss
of
a
single
ip
packet
or
fragment
results
in
the
retransmission
of
far
less
data,
and
we
can
even
tune
the
amount
of
ip
fragmentation
allowed.
We
can
have
none
some
moral,
ip
fragmentation
or
lots
of
ip
fragmentation,
while
presenting
multiple
segments
in
a
single
system
called
produce.
A
burst
of
bursts
next
chart.
O
So
we've
implemented
this
in
the
the
ion
implementation
and
demonstrated
its
use.
It
allows
for
setting
both
the
segment
size,
which
is
the
edp
datagram
size
and
a
burst
limit,
and
preliminary
performance
results
showed
an
increase
in
network
utilization
without
causing
receiver
congestion.
O
A
Thanks
fred,
I
was
on
mute.
Sorry,
that's
really
interesting.
I
I
have
one
quick
question
and
which
is
no
I'll.
Take
it
to
the
list
I'll
take
because
there's
purely
an
implementation
detail
to
do
with
linux
kernel
optimization,
but
so
that's
fine,
but
really
interesting
to
talk
about
the
re-transmission
and
packet
subdivision
that
that
hadn't
really
worked.
I
hadn't
hit
that
one.
That's
that's
really
interesting!
I'm
thank
you
for
that.
A
O
It's
currently
expired,
but
I'm
going
to
be
reposting.
The
draft
in
the
next
couple
of
days.
A
That
would
be
great
yeah.
O
A
So
that's
that's
should
be
of
real
interest
to
the
working
group.
So
have
a
look
any
other
questions.
A
Nope,
okay,
so,
as
I
said
earlier,
we're
going
to
slightly
overrun
because
we've
had.
G
A
Busy
schedule
I'm
really
pleased,
we've
had
a
very
busy
schedule,
but
while
I
line
up
david
adele's
slides,
I.
A
K
I've
talked
about
the
amp
me
tool,
which
is
a
prototype
experimental
tool
that
does
a
variety
of
things,
to
help
management
and
interfacing
with
network
manager.
So
I'm
going
to
show
off
a
couple
of
things
that
I
can
do.
It
also
is
a
prototype
of
showing
off
a
lot
of
things
that
we
could
do
with
the
ui
in
the
future,
with
many
stubbed
out
features,
so
the
main
functionality
of
it
is
taking
amp
messages
and
converting
them
between
various
formats,
so
over
here
I've
already
pasted
in
a
sample
uri
format.
K
K
In
addition,
there's
a
uml
view
which
breaks
down
the
message
into
a
very
nice
diagram,
which
is
very
helpful
when
trying
to
debug
why
an
implementation
isn't
working
you'll
notice
in
the
uri
format
here
for
the
hex,
it
is
prefixed
with
a
term
here.
Ari
means
this
is
an
ari
message.
K
You
could
also
use
message
for
an
individual
message,
report
or
messages
for
a
message
group.
Currently,
the
ion
and
a
manager
will
actually
output
in
the
debug.
That's
prefix
when
it's
receiving
traffic.
K
So
well,
so
this
entire
interface
is
written
actually
in
javascript
right
now,
functionality
I
just
shown
was
running
entirely
in
the
browser,
but
it's
also
designed
so
it
can
run
in
node.js
via
the
command
line.
So
if
I
switch
over
here
and
scroll
up-
and
I
can
run
the
same
decommutation
in
the
browser
in
the
command
line.
I
K
No
problem
so
other
capabilities,
you
see
here
it's
showing
a
list
of
agents
right
now.
It
is
querying
this
both
from
the
running
network
manager
instance
using
the
rest
api
that
was
included
in
the
last
release,
and
it
is
also
querying
the
mysql
database
and
showing
records
in
there.
K
K
Last
time
I
gave
this
demo
somebody
commented
that
would
be
useful
to
actually
view
some
of
the
atms
and
controls.
So
there
is
an
adm
listing
view
here.
This
shows
all
of
the
adms
that
are
available.
K
You
can
double
click
here
to
go
to
the
ietf
page
with
a
raw
definition
which,
of
course,
maintenance
low
or
you
can
double
click
anywhere
else
and
it'll
show
you
the
raw
json
file,
which
the
node.js
script
here
is
actually
using
to
control
a
lot
of
the
parsing
and
it's
how
it's
able
to
decommute
decommutate
some
of
the
uris.
K
K
I
gave
it
here
a
uri
format
of
a
control
and
it's
inserted
into
the
database
and
told
me
the
id
if
my
manager
was
actually
running
properly
right
now
it
would
parse
it
and
the
send
it
out
and
the
response
report
would
come
back
into
the
database
right
now.
My
connectivity
isn't
running
so
we
can't
see
the
report,
but
if
we
did,
there
is
also
a
show
script
here.
A
So
david,
as
I
understand
it,
this
is
effectively
a
a
a
prototype
of
functionality
that
that
one
would
have
in
a
networks
operations
center
for
managing
in,
in
the
loosest
sense,
a
series
of
devices
using
amp
for
for
management.
So
this
is
handling
and
decoding
the
messages
from
their
heavily
encoded
form
down
to
something
manageable
understanding.
The
reports
allowing
humans
to
understand
what
on
earth
is
going
on
and
and
see
the
traffic
flow,
as
well
as
the
the
data
itself,
is
that
right.
C
Forms
is
really
it's
really
interesting
work,
and
and
when
we
start
talking
about
the
concept,
what
does
it
mean
to
do
asynchronous
network
management?
You
know
the
the
ion
distribution
as
a
reference,
implementation
of
bundle,
protocol
and
dtn
protocols.
In
general,
you
can
use
amp
to
configure
and
run
ion
to
configure
security,
to
configure
ltp,
to
configure
ipn
and
naming
and
so
on
and
and
these
kinds
of
utilities
on
the
front
side.
C
Allow
you
to
then
start
putting
that
into
you
know
the
the
text-based
scripts,
compiling
them
into
the
seabor
representation
and
then
sending
them
the
agents
that
will
that
will
implement
them,
and
so
it's
as
as
you
do
all
of
that,
these
kind
of
tools
will
become
more
and
there
are
a
couple
of
projects
and
other
organizations
that
are
also
starting
to
to
bring
these
tools
together
and
and
release
them
open
sword.
K
C
A
Okay,
so
on
that
note,
I
think
we've
probably
got
to
call
it
then,
because
we
have
overrun.
Thank
you
very
much
all
the
presenters.
Thank
you
very
much,
all
the
attendees.
Whatever
your
time
zone,
I
appreciate
you
making
the
effort
yeah
so
we're
meeting
again
it's
a
virtual
interim
in
march
early
march.
I
think,
eighth,
ninth,
something
like
that.
We
haven't
got
dates
for
the
actual
dtn
session,
but
early
march
put
in
your
diary.
This
will
be
happening
again.
Please
look
at
the
drafts
that
are
in
iesg
review.
A
Please
keep
an
eye
on
the
discuss
resolutions
that
are
happening.
Please
get
feedback.
Please
provide
feedback
to
the
authors,
because
without
confirmation
from
the
working
group,
the
authors
aren't
100
sure
that
they
are
reflecting
the
opinions
of
the
working
group
and-
and
these
are
working
group
documents.
Otherwise
ed
do
you
want
to
add
any
final
words.
C
Thank
you
to
everyone
that
took
excellent
notes
through
all
of
this.
I've
been
looking
at
the
cody
md
site
and,
and
it
is
a
terrific
capture-
and
I
noted
that
somewhere,
someone
wrote
avoid
madness
and
I
think
that's
probably
the
best
that
I've
seen
that's
all.
I
have.
A
I
think
that,
oh
yes,
one
last
thing.
Obviously
we
now
have
a
secretary
slot
open.
I
will
put
a
message
on
the
mailing
list
about
this
as
well,
but
if
you'd
like
to
put
your
name
forwards
for
working
group
secretary,
we
would
be
very
interested
to
hear
from
you
otherwise
enjoy
the
rest
of
your
day
night,
whatever
it
is
wherever
you
are
and
thank
you
very
much,
I
think
that's
it.