Internet Engineering Task Force 109, 20 Nov 2020

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: IETF109-CORE-20201120-0900

Description

CORE meeting session at IETF109
2020/11/20 0900

https://datatracker.ietf.org/meeting/109/proceedings/

A

Otherwise, we can use this random protocol that we were made aware of the other day and see if it works, though,.

B

Chairs can help, of course, but we need at least one dedicated.

A

A

It was a draft about club over b lee, but I think it expired long ago.

A

If we don't have volunteers, then I would like to ask michael to give me a number from 1 to 42.

A

Well, actually, 1 to 40.

C

I just volunteered.

A

No, you need to increase.

D

The gain a bit.

A

D

Quiet because I'm too quiet yeah he's not better much better. Now.

A

All right, so would you like michael to be the innocent hand? That gives me a a number so that I can randomly select an individual to take minutes if that individual is so kind.

D

Michael, no, I can't figure out not give myself the number right. First.

A

Not so innocent anymore, uh marco.

E

B

A

Me, the number marco.

B

Yes, it's itf 109, so 10 9, 19.

A

19, okay, let's see, let's see people are logging in and logging out just to skip this one two three: I.

D

May I'll take minutes.

D

Thank you. I already said that, like obviously my mic's not working, uh thank you michael and.

A

Believe it or not, I think 19 is joran you're joran salander. You have been chosen.

A

F

uh Yes, I'm here, yes,.

A

You have won the privilege uh to take meets on this session uh together with michael. You could be.

F

A

F

Thank you so much. How do I do to collect the price.

A

uh You just go to the to the url that um the javascript will post in java in a minute and um and just take notes there in the kodi md. Oh and of course, we.

G

Can help you with that.

A

Yes, yeah you're welcome. We will keep doing this in the future. I think it works so.

B

Let's start for small, actually it can be a.

A

B

Smooth yeah, it can be a draft for the small working group.

A

Yeah you could so I think we are. We have uh sufficient amount of people and we have three minutes passed. So, let's start so welcome to core marco, and I will be the chairs for you today.

A

um As usual, you can chat on the jabber and comment on the jabber on on the miteko chat, which is same thing today.

A

We assume people have read the drafts that are going to be discussed and, as usual, um the ipr applies for all the communications in the itf. um Then there'll be our principles or guidelines. Blue sheets are automatic, uh no takers we already have michael and joran, and the chairs will be helping.

A

Please remember the note well applies to to this session as well and yeah. I mean you know how the java works and that the meeting is recording. So for the friday session uh we have well. We have a, I think, a bit of a shift. We will have the adhoc presentation first because it was postponed from the last meeting and we have a bit of a short update on some of the drafts that maybe marco you can. You can give the update.

B

Sure uh all happened yesterday, actually stateless was approved for publication by the isg, as a quick check from ayanna approved, uh enter the editor queue. So that's great thanks to the authors and working group, and also two other drafts are now in last call, so the vrn request tag, so they should also proceed uh well, hopefully, in the coming weeks,.

G

A

And hopefully, after this session, we'll have one or two more. So, let's start already with the echo request, just a second.

A

Unless uh I've noticed that there is some issues, sometimes with the quality of the call, we all have the video. So I guess if we are not presenting or on the chairs, also we can cut the video.

A

So francesca you are in.

H

Yes, hi, can you hear me well.

D

H

Great so yeah thank you for um um putting me up first, um so this is about combining addoc and oscor. I presented this document. This is the second revision, so version zero. One um next slide, please.

H

If you remember from last its where I presented this, the goal of this document is to combine a doc message: three and the score subsequent of oscar request.

H

um So this in this figure you can see erdogan score are run sequentially and then in the next one next slide, please they are combined.

H

So to do so, um as I introduced last time, there were several different options.

H

Next slide. Please and.

H

So, at the last itf meeting we had used the options uh only uh so so we got a feedback from the working group that working book preferred uh to send adoc in a no-score message and not that not to send all score in a talk message. So each of oscore and edok define how to send an oscar or a message over co-op and um we went with send adult score and even then we still have.

H

uh We still have two uh possible options on how to do that, so either signaling this with a new co-op option or signaling in the oscar option itself and use a bit in the oscar flag, flag.

H

Byte next slide, please so just to remind you what these uh two options would look like um if all score, if addock was signal in a new option uh you can see here. This is a co-op message, uh figure actually and um educ message. Three. The data and your cipher text are in the payload, so there are sequence in the payload and the second option next slide is to take a bit in the offer option itself.

H

So this, where the two possibilities?

H

Next, please and in the current version of the draft, I actually have written down examples and of co-op messages based on the two appendices in oscore and edoc test vectors and we have calculated. What's the the actual difference between these two options um and difference is one byte.

H

We got 58 bytes in total for the cooperage when the the signaling on with an empty option and 57 bytes in total, but only because we are using a bit in the flag byte uh that doesn't need to extend the flag by. So, as you know, we only have eight bits in the fight and we are using the last one to signal uh oscar plus endoc in this message.

H

But if we want to use that, um then we would need to uh expand the flag byte of uh eight more by eight more bits, and so uh there will be no difference in size in these two options.

H

So next slide, please so um on our way forward, we still have as a goal to choose one of the alternatives we like to get feedback and reviews from from anybody, and hopefully then this work and standardize. It and it will be a very, very simple, a simple document once we have chosen um so johnny's saying in the chat that we should probably not use the last flag bit better to say that for other stuff, that is sent in a message- and I agree so basically, the difference in size between these two options is zero.

H

um Yeah. Thank you for yeah, that's good. We can put these two slides um and the difference is just that we have to register either one bit in the flag, byte registry ayanna registry, or we have to register a new co-op option that that's the difference. So does anybody have an opinion about that.

H

Okay, so I see custom questions.

H

Yes, so custom: if will the new option really be one bite? Well, the option is empty so uh and it will come after your score. So yes,.

I

Yeah christian just gave the number, so the the data has to be less than 13 and we would have to check. But since it's following the score option, we we know from from which number the data is going to be uh computed.

I

H

And I also, I also made sure to take a number that is correct or yeah. That is free and it's all like critical or all that I calculated it the first available number and it uh it was one byte. It was yeah. The delta was less than 13.

A

um Just a reminder, please guys try to avoid the chat if you can actually just use the microphone so that we have the queue we can. We can start using that.

I

Yeah, except if somebody else is already using the microphone, then I fall back to the chat.

H

Okay and john was in.

C

The ql, I think you don't get to see the chat.

J

Yeah, hey: are there any new known benefit disadvantages with the two options?

J

I don't know I I could think if you use a new option, you might run into problem if, if in the future, there is some second option that also want to add things and concatenated with oscar. Then then you, if you use both options, then we might run into problems. So from that perspective it seems maybe a little bit better to register a new bit in or score, but I don't have a strong preference.

H

E

So any anything that um prescribes some pre-processing of the payload before getting passed on to before becoming the message that would be there. If that option were not present, um will need to solve its sequencing issues. That's independent on whether it's inside the yet hook option or or a new option at all, sorry inside the oscar option or on your option at all.

H

Yeah, so what you're saying is that we need to fix that anyway in in either case, um which makes sense yes.

A

Matt had also another valid comment: matt can you mention it also 40 minutes later.

A

If not, I can also relay from from him. Basically the diana he'll prefer anything on diana registry so that other alliances can reuse it. So I'm assuming that, then he prefers option one instead of two. So those.

H

Options are ayanna in one case: it's a registration of co-op, co-op, new option and in the second case, which is on this right now, uh it's uh there is a ayanna registry for the oscar flag bits so.

A

Okay, okay, I didn't know that.

H

So really, what we're looking for is uh opinions at this point on what do you think is best, and uh if anybody wants to implement- or you know that's obviously, the the best way to give feedback is. Oh, I implemented this way and it really didn't work so, but I personally, uh I personally cannot see a big difference between these two options.

H

Do you want to say something.

F

uh Yesterday we have stefan ristisov on the call. I haven't seen him uh because I think he actually would he plan to implement this, but so we should. We should ask him what what's the status since he's not present in this meeting.

H

And custom, when you say: let's grab that number, do you mean.

I

Yeah, so we are, we should be. I think there are good reasons to to turn this into a curve option, and uh given that there are only a few spots after nine that are one byte, uh I think we should grab that uh number and uh uh go ahead with it.

H

Yeah, maybe we could do it a temporary registration, I don't know if that's the name but.

I

Yes, I don't remember what the ayanna considerations are.

H

Okay, but I'll check that out, we.

E

Might be able to just register it, um I I I talked about that with ayanna just the day before, um and it's an early allocation can basically be done by the work um through the working group chairs. um If there is consensus in the working group that this will be used in late kind of that, this document is going towards is going somewhere.

I

Yes, but earlier location only works for things that require isg action in some form. So what what were the iena considerations for auction numbers? Can you remind me.

A

Just a second, let me interrupt here because we already 17- and I don't want to to do too much on this topic right now. I think francesca you got the feedback you wanted uh and everybody seems to be leaning towards the ad hoc. Can we do the rest offline? Is that okay, so that we can continue with the core session sure.

H

Yes, um so just to summarize I'm hearing that people are agreeing with the new adult option and then there is at least in the room from what I've heard is. uh There is no disagreement about that and uh hopefully we can the earlier location so that would be. I will come back to the chairs about that.

A

Yes, okay! Okay! Thank you. Thank you.

A

So, let's move on to the first item of today, actually, which is similar versions.

I

So um pictures and versions.

A

You wouldn't see the video yet now it's loading yeah there you go.

I

Okay, so the first one is a really quick one next slide.

I

So we have been discussing this draft at the last ietf and I just copied the the headings of the slides there, because I'm not going to show them again so senora uses a version number that version number starts at 10 and the the objective of a version number is of course, to do extensibility, but version numbers are stupid for extensibility.

I

So the proposal is to interpret the version number as bits and turns out since the the number needs to be represented in json. Essentially, we have 53 bits shades of atm and it looks like we can get by with those 53 bits. So that's the existing draft next slide and in this itf.

I

Well, at the last idf we said we needed more reviews and we identified two people who will be doing reviews hello, bill, hello, heimer and uh dash one was submitted recently. There are just minor edits there with an updated reference, so it's essentially still the same document, so it would really be great to get some reviews um and also it would be great to get some implementations um ari, considered implementing it before the meeting. I don't know, did you get around to that.

G

It's implemented, it seems to be working.

I

Okay, so it's not a very complex document, so people who are working with cinema, I probably should have a quick look matthew.

K

Carson um one of the comments you made, that versions and version ids are stupid and I deeply resent that and I don't think you're fully thinking through this as an industry.

I

Okay, that was the the title from the slide I used last time and that moderated this statement a little bit and explained the statement, and so but please don't take this advanced value.

K

No, but I I I represent an industry where we care about versioning, because we deploy embedded devices for 20 years. We care about versioning, and you just said it's stupid- that we care about that.

I

No version numbers are just not a very good way to represent the evolution of a protocol.

K

Right but what's your solution I mean you have not you've not presented a proper solution to that.

K

I

What we're trying.

K

To do is stupid.

I

I didn't uh try to repeat the entire discussion of iot 108, so I apologize for just extracting the title of that slide. That, of course, we all care about evolution and version numbers are one way of doing this, but they are often not the best way.

K

You have to have some way of versioning some kind of iot object, as it evolves over time.

C

It's not the version, that's stupid. It's the number. That's stupid well, either way what we need a solution.

C

His proposed one.

K

C

Just doesn't involve incrementing integers; it involves setting bits in the integer just represent capabilities.

K

Well, I will say in ome alliance: we spent a lot of time on this, probably two or three years, trying to figure this out the best we come up with. We need some kind of numbering.

K

I mean if you've got a better solution. I'd like to see it presented.

I

Yeah, I think we we got that and I apologized for for just extracting the title of the slide and not its content.

I

um So this draft essentially does one thing: it explains how to use the version number that we already have. So I think you you would be happy with that.

A

So I'm next in the queue uh regarding the version I mean regarding the draft, I actually read a few times. It's very short, I just I'm sorry. I didn't have the time to write it down. The feedback is I mean mostly positive, basically, um either numbers or or using uh bit fields, it's different ways to represent some new thing new feature.

A

I I think it's a valid way um so I'll provide the feedback as soon as I can sorry for the delay on that.

I

Okay, so my summary would be. uh We have one implementation and aria if you can write a sentence or two about that to the mailing list, and it would be good if the people who did the reviews actually also write something to the mailing list, and with that um maybe we need a dash or two. But then we should be ready for a new glasgow.

A

At least when I read it, I didn't find anything terribly wrong, um but only one review is not enough. I would like uh maybe bill if he committed and others would they commit today to provide a review.

L

Yeah I'll I'll, I was a bit uh behind with this um review thing, so I will commit to it. Yes, okay, but.

A

It's very short.

L

Let me have a look at it in the next few days and then I'll come back to this.

A

Okay, anybody thank you bill. Anybody else would like to volunteer.

A

Now, okay, I mean we will we'll make two woods with that. So thank you, carson anything else on this draft.

I

No, that was it.

A

Thanks so then we move on. Are you presenting also data city.

I

A

I

Okay, alexa just mentioned on the chat that he has reviewed earlier versions. So that's good.

A

A good point: please many takers, also often this these comments in the chat get forgotten. Please remember to write it down on the minutes. Alexis says it looks sensible.

I

So I hope alex is still talking about versions and not about the content format. Indication.

A

Of course, yeah.

I

Okay, thanks so um data value content from an indication next slide.

I

We also have looked at this in previous meetings. So basically the idea is, if you have a cinema record with some some binary data values uh which in json are represented as base64, but they're really binary values.

I

It would be good to be able to say what content format, uh content, type and content coding is being in use for that.

I

So this draft defines a content, format, indication field or ct field next slide, so in in this example, for instance, uh it would say that the content forward is c-ball, that's the number 60. and then you, when you decode this base64, you actually see. Oh, it's an array with some text in it and and the number 42.

I

I

So that's a pretty straightforward thing: we complicated it a bit when we tried to add a must-understand version of of this field and that turned out to be more complicated than we could bite off at the time.

I

So we retracted that, and now we have a version that doesn't have that uh complexity. So there was a working blast call after the last meeting and there were reviews by uh alexay, jim and thomas next slide.

I

And one comment was we actually need abnf for the contents of of that field. um The abn f is in in a different draft and we need to to understand how we actually handle these drafts. So we can, of course, just just copy the content from that other draft into this draft, so we don't have to reference it, but that would of course, yeah kind of defeat the point of the other draft, or we could adopt that other draft and and put it on on the same track.

I

Now, I'm not talking about cinema versions, I'm talking about the core media content, type format.

A

I am talking to michael richards on his question, not to you.

I

Oh, but I'm not talking about cinema versions right now, I'm talking about data ct.

A

So, just to clarify michael is commenting that the to alex to alexei, which document did he review and I'm just clarifying that he reviewed cinema version. So this is.

I

He is alexa, not me. Sorry, correct.

A

I

Yeah, that's always a bit hard when you're talking about sites to also look at the chat and understand what people are saying in there. Okay. So I'm talking about alexis review here, okay, um yeah, so that that's the decision we we have to take before we discuss this.

I

Let me show the other open uh next slide, so issue number one: what does it mean to have a ct without a binary value in the record now this can actually happen when you have a default value for city obesity, in effect, so it's uh probably the best thing to to simply make this uh allowable, but uh uh without consequences. So um that's the the change uh that is being proposed and I'm I'm pretty sure it's innocuous, but of course we all should be thinking about that before we go ahead with it.

I

So that's pretty much the the technical content here and so procedurally next step once these two items, the next slide excuse me um slide is called next steps. um Once we we have uh processed these comments, we of course can recheck whether we covered everything that was in the reviews and then, since we didn't really do a lot of technical changes. We probably can submit to isg at this point, but we still have to decide on on how to handle the the abnf issue.

A

So now we go for comments, matt you're, in the queue.

I

K

You I'm sorry, I'm not really good at this. So what are the the proposed solutions to these problems? I don't really see drafts that really address them that you proposed.

I

Can you repeat the question I'm not following.

I

Can you hear me yes, but I'm I didn't quite get the question from what you.

I

K

Can you guess.

I

K

I'm trying to understand what are the problems that are trying to be addressed with these last couple.

I

I

Well, there were two review comments.

I

What do you mean with the draft as a.

I

K

I guess what what is the use case.

K

The use case you see what I'm struggling with that we do not have a problem with.

I

Well, if you want to use binary data in a cinema record right now, there is no way to say what these binary data mean and the ct field allows you to say what.

K

Okay, so you want a new ct field. Yes, okay, I'm cool.

F

I

A

You so any any more comments.

I

Any comments, in particular on the abn f issue, ari.

G

So I guess the impact of the abn issue is that if we don't bring it here, it would have to wait for the media contact format to become an rfc before this becomes an rfc, because it would be a normative reference.

I

Yes, and if we do bring it here, it means that this draft becomes becomes the place where we fix the abnf. So I don't actually see a big difference. There.

A

As authors, do you have a preference or it's the same? I guess you're choosing this one since you're, presenting on this draft.

G

A

um Adi carson.

I

Well, I think I will just express the weak preference and I think I actually expressed my preference as well. So I'm not sure I understand the question.

A

Well, sorry, I I think you are preferring this draft basically just to to sorry are you excuse.

G

A

You, as in carsten the person in the presentation I prefer to.

I

To do the whole thing properly in the other draft and reference it from this draft.

G

Fair enough and I'm okay, also okay with that, assuming that we don't get that other draft doesn't get stuck in the process for very long time, because the city is essentially ready to publish, um but I guess we can. We can I mean, do the whole hallway. um With this I mean going forward, I keep having the normative reference and just make sure that the media content time format you know, goes smoothly.

I

And if we, if we always have an emergency exit, I mean we can switch to copying this stuff over. If the other documents get stuck on something else, exactly.

A

Alex is commenting on the well actually, marco you're, the javascribe so feel free to comment any time.

B

There's a question from alexi: if the reference document needs to be dispatched.

I

I think that's almost a question to the id.

M

Repeat the question please.

B

Yeah alex is asking on the jobber if the reference draft needs to be dispatched actually.

M

If it needs to be.

M

I mean what you: why, wouldn't that just be part of this working group, why does it? Why do you? Why do you think it needs to be dispatched.

B

He says, if I remember correctly, the reference draft doesn't belong to email, core or core.

M

Okay, well, I mean sure, I suppose that's the best way to handle it sure.

N

Shall I just talk sorry um yeah.

N

The reference draft is more generic about use of media types right.

M

Yeah yeah, it's true.

N

Well, um email code charter doesn't allow it's it's sort of a related thing, but at the moment it's not in scope for the charter, because we.

M

Have definitely not in scope for email, core um and.

N

It's more generic than core! That's why I don't think it's the right place for.

M

Yeah, okay, so so yeah take it to dispatch.

A

Okay, then well many takers. Please uh take note of that. So we don't forget about it.

I

Okay, so my plan would be to have another look at that document, because I haven't looked at it for for a while um republish another version, if there's anything that needs to be fixed, it's on the slide, the the draft bomb and core media.

I

It's no longer on the slide. Now it's on the side. Again, it's no longer on the slide. Yes, it's on the slide. Draftwoman call, media content, type format.

I

So this is essentially a reaction to the problem that we have been having in about a dozen uh core documents that we we never quite properly distinguished media types from content types and that we used content format where we actually meant content type and vice versa. And um so this is essentially a housekeeping document that that will be a little bit like like a 2119 for the uh for this group.

I

So we can just refer to it when we define the terminology uh of a specific document, so that that's the idea and this the cinema data ct document would be the first one that actually benefits from this housekeeping.

I

And, of course, we want to tell a lot of people, http, api and and email call and and everything once we get to the working glass call of that, because we want to make sure that we are not creating conflicts for them.

I

But it's a core document in the first place.

A

Okay, so maybe just to clarify a bit so um on borman, core media content type that one will be shepherd by alexey or at least he's volunteering on the chat right and uh carson on this document, then, would you expect any major changes for the next version? So can we let people know that they should start doing the reviews as as soon as possible,.

I

I haven't read it for a year, so it doesn't, it doesn't reflect the events of of the last 12 months or whatever. Okay.

I

I don't mind if people tell me what's wrong, so I can fix it right away, but we should do a larger outreach with the next version of the document.

A

All right, fair enough! Okay, so thank you so much um anything else from this document anything else you want to relay.

I

So back to cinema data ct, um can we work in group lost last call. Excuse me, we did work in glasgow. Can can we submit this thing with a dangling reference.

A

I guess that's not up to me you're asking the the idea right now right.

A

Or is I don't think it's I mean the 80s has been this call and he knows the pending reference. I guess it's not to the working group right or is to it's to the id right. I don't know what is the proper uh pattern on this.

I

Well, we submit uh documents to the asg all the time that have dangling references, so, of course it would be good to hear whether the ad thinks that's a good idea, but it's also something that this working group should have an opinion.

I

M

The ad has no particular opinion on it as.

O

M

um If, if a reference dot, if a normative reference isn't ready, the rfc editor will hold it. So it's it's not an issue as long as the as long as there's something available for the people who review the document to refer to we're good.

I

All right probably, would be a good idea to adopt uh to go through the adoption before uh we get all the the reviews uh in the last call context in the itf class context,.

A

I'm sorry you mean the adoption of the other document in this patch right just to clarify for the minutes.

I

Well, I think we didn't answer the question whether this patches actually actually needs to be involved, but it's probably a good idea to inform dispatch so that that's something we should do in any case.

P

A

Yeah barry.

L

A

Still on the call I mean you're still in the mic.

M

Like yeah- and I don't know, if there's anything else, I need to say.

M

Basically, I agree with what karsten said so yeah. I don't think there's anything more. I need to say.

A

All right, friends.

I

Okay, I think the next steps are clear.

A

Yes, let's move on then to the next draft. If that's okay with you. Thank you. Thank you.

A

So we have uh blockwise, I believe john will be presenting.

A

Are you there with us john.

Q

Yep, that's great. Can you hear me okay,.

A

Yes, the audio is very good. Yes, second,.

A

For some reason now the tab appears just a second.

Q

Sorry, okay next slide. Please.

A

Look, I hope people don't mind that there is a this browser window on the top. I don't know how to remove it right now,.

Q

Okay, so just basically discovering the changes since we had the last interim call is one outstanding question and the next steps next slide. Please.

Q

Okay, so the updates in o2, as opposed to one, we're just basically saying that the uh the options that you either have to support both or neither uh you can't just support one of the two of them. uh We talked about uh or updated how tokens can be handled to reduce the number to be tagged to be tracked, because we can be sending out a whole load of requests at once and they need individual tokens some clarifications about when multiple instances have been used and we removed the restriction on the 231 response code.

Q

uh How we handle packets that we can't send responses back to, because there's too many, uh let's say, options some sort of christmas tree packet coming in next slide. Please uh updated the the definition of how we are holding the data in terms of the response to say, we need these specific blocks to be re-transmitted, making this notes about the fact that every max payloads, when we send out up to 10 packets, then congestion control kicks in and there's an act.

Q

Timeout delay making the recommendation that it's not used in a no sex security mode because of potential security issues. If we don't do that- and there was a comment in there about repeat request- we've clarified that by updating how we're using the m bit in the blocks- and uh we went for changing the name of the options to cue block, 1 and q block 2- which we are subject with a couple of slides. Hence next slide, please, okay, so for the option naming originally, it was block three block.

Q

Four uh that was said that there was confusion because there's block one and block two. uh We set up a doodle for the naming and out of that, the the people who responded we went for q block. Now there has been some comments about. Q block may not be acceptable in certain parts of the world. uh We're just looking for. Is it's good to continue with q block, or should we be using some other block here and either we take a decision here or we go back and revisit the poll?

Q

Add our selections and we come up with um a naming of this new block mechanism is taking place. So any comments at this point.

B

Some preference in the chat for tough block from michael- I remember carsten, also advocating for that previous.

Q

Occasions we we need to settle on something um as a name.

A

If I made just a reminder to the group that now is the time to to make this kind of decision, let's not do like shedding for a long time. Please.

A

So if you have a preference, just go to the chat and just say it.

B

uh Christian alliance, with michael, essentially tough block, preferred q block can be fine as well.

B

And carson follows.

B

And yeah as well.

B

Seems there's more consensus around tough block.

B

And audi asks about the background around tough block and I think carsten proposed that originally.

Q

Yes, essentially, is that we have here the ability to be able to send a stream of packets uh like in a kind of a non-environment where we can have unidirectional transmission of blocks, and there is block recovery in the protocol etc, and it just is the name for the block that supports this. We can send multiple blocks without having to wait for acknowledge, because the standard block one block two has a request response request response, uh synchronization step was with this quick block.

Q

Tough block is we have the ability to be able to send out a block of data and if it happens, to get lost in ether, it doesn't matter quite as much, but there is recovery mechanisms in place, so um tough resilient able to recover um is where that sort of tough block came from, but uh keyblock it's.

Q

So I I think, with q block, unless um there's something to do with castle's reference, that q block or q minus is a bad prefix. I think it was state side. um I think I prefer to go with the q.

A

Block hey marco, can you relate the chat or should I.

B

Sorry I was stopping in the minutes. uh I can really you prefer to block and mad things, and we should keep qblog too.

A

All right, so we have about half and half and I guess it's up to the offers. At this point, q block or tough block. I guess you prefer q block unless somebody has a very strong opinion against q block I'd say we go for q block.

A

Alexi would like his yellow bike. Okay, then we can move on on this subject. I think okay.

Q

Yep next slide, then, please, thank you very much everyone, okay, so um we have in here congestion control, which is absolutely correct, especially as we're talking about primarily udp here and network flooding, all the rest of it. So when we have a large body of data to send it gets parceled down into the now cue blocks and we're either pushing it up to the server or the server sending response back to us, but in there we have the concept of max payloads that in every 10 packets we have an act.

Q

Timeout delayed delay just to make sure that we're just not flooding the network. um By using con, we can see that there's an acknowledgement and, in particular the max payload packet. If a con comes back, we know that the network is still functioning and we can then carry on transmitting, but in the environments that specifically, these blocks came up for uh which is in some ddos attack environments. Where there's network losses, we can't always use a con because we then lose that packet.

Q

We then enter the retransmit cycle in 93 seconds later, whatever it is, we come out of that.

Q

So in the case of non, which is the preferred how we operate in the particular lossy environment, we would be waiting for timeouts, and so the question really came up is how can we reduce these turnaround times if the network and the environment are all fine and can handle the particular sort of packet load, so the concept of signaling, something in the max payload packet to say I want a response of some sort. If the response doesn't come back through lossy networks, we still wait the act time out. It's not the end of the world.

Q

We we discontinued but it'd, be nice to be able to speed things up so next slide. Please.

Q

It was suggested last time around that we can use the no response option, which is an excellent idea, but it only works um for pushing data to the server. uh The no response option can't be used uh for when the server wants to send back some sort of uh subscription observe response or whatever it may be. That no response is not a standards track. I don't know if that's an issue, but really the question is also.

Q

How can we handle uh block two and if we are using for whatever we do for block q block two, we could um we need to think about doing it for q block one as well. Does it make sense, for both last time around proposed that we added in an additional bit into the block option, the r bit and, if set just means trigger some sort of response or trigger the next get request?

Q

It came back with how about the no response option, but we looked into that. We found it unfortunately only works for qblock one. So is it worth going forward with something like this response bit um or does the working group think well? Does it really matter if we just have this uh act time out in two seconds pause period periodically, so that's really where the question here is any feedback.

A

Just go ahead: don't wait for there is not a lot of people in the queue just go ahead.

E

um On the on the topic of um is, is that act timeout? Okay? I think you are the best to answer that. So um do you expect to run into this? That often at all I mean given that you 10 10 payloads are already quite a bit issue problem for your application, because if it is, then it needs to be addressed. If not, you know you are the driving. You have the driving use case.

Q

Okay, I'm enjoying this okay. So what we're talking about here is passing telemetry information about what's happening with ongoing attacks between the client and the server, and if there is a fairly aggressive christmas, e3 type attack, that's taking place, which is taking place with multiple vectors and multiple things going on. At the same time, then, it's very easy to overflow, the ten packets, okay.

Q

uh But if we can't come forward, it's there's a two second delay in the a two second delay is not critical in terms of ddos attacks, but it's nice to be able to uh for the peers to be able to exchange information so that people are trying to mitigate the attack can be more effective more quickly or, if they're, using ai to kind of control. The attacks.

E

um I I I'd be happy to look into the new response in in the other direction again whether whether I can come up with something I have just haven't had the time to look through that particular question. Yet.

Q

Sure, okay, but there's no response, it's it's! It's! It's a third party ie, not core standard. It's not a status track, so modifying that would be difficult and also the fact that it says response in its name is not appropriate. It could be that we come up with another option to handle this, but I'm just not. I just don't want to spawn off options for the sake of options.

A

Yeah just a very quick question- maybe I misunderstood, but um what wasn't it in in dots that the data path was resconf and signaling was for uh was using co-op and that therefore the telemetry was going to go over resconf, or maybe I misunderstood that part. Sorry for that.

Q

Okay, so there is some telemetry stuff that is passed over rescoff, which basically is vendor mapping. So these attack ids mean this type stuff, but in terms of the actual telemetry signaling that would be done at the signal channel. Because again, we are challenged by we're working in lossy networks.

Q

Yep and westkoff doesn't work that well when it's. When attacks are taking place, we need to get the telemetry information across if we can.

A

Okay um and just for clarification for people in core it would it be possible to have some access to some sample data of the kind of signaling data being sent over co-op during those attacks. Do you have something you can share.

Q

uh Certainly, I can create some information that that it would be yeah. I I I can create some dev uh information and just put it on the list for that. There's no problem at all. Thank.

A

B

Just to relay a comments now, a few minutes ago from mad that two seconds is not critical. It's just an optimization and so far they have recorded the.

Q

Q

Very good, I don't think there are more comments, john okay, sure, okay, next slide, then please thank you.

Q

Yeah, so it's it's really is: um do we make any changes to do with this uh additional bit, maybe or whatever it may be, but uh the implementation that there is already a code that is working on this front that I have working here, so uh I can modify or not, as a case may be based on further decisions.

Q

um Other than that, you know we're ready for a worse working group. Last call from my position: it's otherwise it's ready to go. It does what it says on the tin.

Q

Any other comments or feedback.

A

Okay, so um usually for the step of working on glass call, we get a few more reviews. Normally, I was wondering, maybe if some of those who have been active on on this work, but not not the authors like, for instance, christian or or others would like to volunteer to do a last review or if we would like to do the review during the working class call as well. I mean that's another option.

A

Okay, christian is nodding very good. Thank you christian. um I did ask two questions, though. So what are you knowing for the review? I I know you're gonna do a review, but I guess to you: it doesn't matter whether it's during the working group last call or or before right, exactly all right, very good. Any anybody else would like to volunteer a review.

A

All right, so uh what we can do, then, um once once you submit all three, I think we can do uh the working class call and then hope for for user. In that time,.

Q

Okay, the the only change that will be in the 03 is to do with um handling this max payload issue. That's the only thing we're expecting to change everything else at the moment is good and ready to go.

A

All right, so people can start reviewing already uh michael you're in the queue go ahead.

C

So if I can only run over next, no sec, that seems to me, tell me that it has to run over a dtls and it can't run. Oh.

Q

So yeah that's, I may have had too many double negatives. It cannot run in a no sec. Well it the recommendation is it does not run in a no second environment, I.e. We do have to have dtls in place. Absolutely. You have to have gtls.

C

But I think that we can't use this with os core, because os core would be below would be within it.

C

Right because the co-app headers will be outside of the os core uh id contact. Okay,.

Q

Okay, it's we do say in the draft it can be in or out it's up to the implementer uh what they want to do. There.

C

We just need to have those bits authenticated which, which oscore does.

C

Okay, when you say bits authenticated, what do you mean well.

Q

C

Is that that um the point is that that you better have some security on the request? Otherwise it's a uh an amplification uh packet application system right. So that's the point I think is that you're trying to make and I'll I'll read the document to see that I got it sure yeah.

Q

It just yeah it just is that people can abuse the source address and yeah cause issues absolutely, and hence why there should be a security environment of some sort, so that there is trust in that. You do trust where it's coming.

A

A

I already own, actually I don't get feedback on the screen anymore.

B

And there are comments on jabber from michael on the usage of all score as not validating the originating ip address.

B

And matt is asking for more feedback on the draft text also about it. I think maybe.

A

Maybe others familiar with oscar could provide a review from that point of view.

A

Too, uh jordan go ahead.

F

Yeah, it sounds like christian is saying exactly that in the.

A

End all right! Sorry, then! Oh yes, thank you, christian, okay, then uh john. If you're, okay, um you don't have any for your comments, then we move on to the next presentation. Thank you. Yep.

Q

Yeah. Thank you very much for your time.

A

I have one of the old drafts that we have been working on with our for a while as just a second build, because I really like to have the proper full screen. I don't know, what's happening.

Q

A

I'm open for suggestions by the way on the full screen thing.

L

Does it work if you use just one browser.

P

R

A

Well, let's, let's yeah, I don't know, let's just use this sorry for that again,.

L

No no problem, I guess you can hear me and see me right. Yes,.

A

Yes, we hear you and see you very well.

L

Thank you. Okay. Well, hello, everybody good to be back for core! I'm sorry that I've been a bit uh silent lately, it's just been work, but um this is a. This is a quick update here about what's happening with dynalink, which um they said version 11 right now. um Can we please move to the next slide or yeah, so um I'm just going to take a bit of time to to solicit some feedback about some developments that are going on in in dynlink.

L

My screen, just flashed, so is everything. Okay, all good, all good good, so um dyn link is currently at version 11.. We are close to releasing version 12. um constantly. As always. Whenever there is feedback received, then we try to incorporate that, and especially any kind of corrections and clarifications.

L

So the slide side I'm describing right now is basically what's in the editor's copyright uh or what is the editor's copy at the moment and and also about the the new proposals which are pretty much exclusively coming from from oma. um So I thought I'll brief you about what's happening there and then get your feedback there as well.

L

Can we move to the next slide? Please.

L

So, um as always, the editors drop is available in github, that's the link to the dead draft and and when I refer to downloading latest, that's basically, what's what's there we have now two new attributes um in the uh in the dining draft ep min and epmax. We had rather colorful discussions and.

L

Some recommendations on how to proceed forward, but um I think we are. We have some consensus that that will include these two attributes, which are also used in the live m2m specifications and um ep min is, is an evaluation period that indicates the minimum time and that's that's separate from pmin and epmax is the maximum evaluation period between between the uh two evaluation between the um uh two sampling periods that the server may read and um and then notify the client so ep and epmax are currently in the in the editor's draft.

L

Are there any comments on this.

L

Okay, so let's move on to the next slide, these next few slides are basically recommendations and and and um suggestions that have been put forward by both dave, navarro and and alex all away from the oma.

L

This this particular slide mentions um an interesting scenario in which um we should allow p min to be equal to p max in in certain certain use cases. So the current wording in dynlink states that the maximum period or pmax must be greater than zero and must be greater than p min. If it's present, if pi is present, the the logic behind that is that p min basically defines the minimum time between two consecutive notifications, even if the if the resource step has changed.

L

Whereas pmax refers to the maximum time between two notifications, if the resource state has not changed christian you're on the q.

E

um Does it say for either p min or p max, which party is responsible for cutting the other party slack for non-synchronized clocks.

L

No, no, that's that's nothing about um synchronization yeah at all. um So no, but that's! The suggestion from the oma is that they actually have a use case where, um where they they have an implementer who who is uh looking towards um sending exactly uh one notification per and second, so what they were wondering is. If there is any, um then you need to have this. This strong constraint that p max must always be greater than p min or instead have bmx equal to pmin.

L

If the client wants notifications to be sent every every n seconds. So if, if we, if we go with that, then the text has to change so that the p max must be greater than zero and must be greater or equal to p min, uh if the mean is present. So I just like to get some feedback on on this new proposal from anybody.

L

Are you okay with this, or are you against this, or do you have strong support for that.

L

And incidentally, these are all um github issues, so you can. You can also go to github and and keep your comments there.

A

Yes I'll make sure to relay these to uh alan and klaus, which I guess the opinions on this. They.

L

Comment, this uh dave had actually sent this on the mailing list um in core, but but there were no no responses there so um and then he raised the github issue, so I wanted to just ensure that this is. This is not um something that um that goes unnoticed and- um and I thought all the race is not up now and then, um as usual.

L

You know we have been a bit dormant with dining at the moment, so we'll have to um get back the uh uh either interims or or then have our small meetings and uh and then discuss this um each case individually. But if there are no comments on this one, then let's go to the next slide. So the next.

B

Video see there is a comment in the chat from alexi that it seems reasonable to allow this.

L

Okay, thank you alexi all right, that's good! um Then. The next, uh the next three slides will uh we'll actually be talking about new attributes. um If you move to the next slide, please- and these are all by the way, attributes that are found that are found in the the labyrinth or specs, and I think I think, I'm not sure if they're already there, since I I don't- have the visibility to their specifications, they're either they're in the current specifications or they are being incorporated in the new one to 1.2.

L

But the first of these is an attribute called edge.

A

Bill sorry for cutting just a second uh since you're asking, I think we have nicole hanes and matt, um I'm not so familiar with the attribute h. At least it doesn't ring a bell to me. Maybe they can quickly comment.

A

R

uh Hi this is um I I don't want to talk about the edge, and maybe david and mata are more qualified to do so, but regarding the specifications um sort of they are publicly available, the latest one uh which was just got approved uh this week, needs to be uploaded. uh So that's why you you.

O

R

Seen it there or I haven't seen it yet so, okay, okay, thank you.

O

K

What what specifications do you have open access to, and how can I fix that? Because we believe that all of our specifications are open.

L

Okay, uh what I meant to say was that basically I haven't, I haven't seen the current specifications to see if these attributes already there.

K

L

That you have not seen them sorry, so I'm basing this on the um on the github issues that that are being put into the core call working group repository for dynamics. Okay,.

K

L

Yes, yes, so that let's say that it might be in the new specification. So that's why I'm using it.

A

uh Bill I'll make sure that we have a look on the edge con and hq max. Yes from the.

L

Oma organization, thank you all right, so I'm just raising these issues up these these three attributes, the the edge basically is a is the attribute um specifically applied to boolean resources to indicate either falling age or rising edge.

L

There's nothing very controversial about that, and I think that that's that's actually a fairly valid use case, um but I'd like to ask for comments on anybody who might uh have anything to say about this being included into the dialing draft.

E

Just just like just answers just from looking at it sounds a bit tricky to get this guaranteed through a proxy, because if it's only if only the rising edge values are sent, then the proxy might see. This is a repetition unless there is, in addition, some some p max value that ensures that the value is forwarded anyway, which would result in a in a max h. That means that the proxy needs to send it.

L

Okay, any other comments.

L

Okay, if not, then let's go to the next one. Oh honest.

R

Yeah, I I I don't know if participants saw that david just posted the link to the chat video. I actually wasn't aware that staff had uploaded this, so um this is the version I want to do of the specification, which is brand new, uh something we had worked on over a long period of time and contains a couple of new interesting features: uh multi-transport gateway, support, etc.

R

uh So, for those who care about iot device management might want to take a look at that specification. Okay and it.

O

R

Information about this, given that it hasn't been available in the didn't link draft. But the intention is um to have um sort of the whole bundle that didn't link document with these attributes um to be available as a idf rc and then to make a reference instead of uh including the text in in the library and term specification itself, because we have been extensively using and referencing. The work from this group.

L

Okay and- uh and also, I think I think, dave- is davis here. I'm sorry dave that I didn't see that you were. You were in the in the call uh when I checked um so we just covered one of the github issues that you just raised regarding the pmin pmax, and if you have any comments on that, then please feel free to mention it.

L

I'm trying to monitor the chat as well at save time. So, okay, thank you all right. So then, let's go to the next attribute, uh which is um called the uh con, and um this is taken, and I believe that ellen, when he uh put these issues in in github, he basically took the the text from the the course back itself. So so this uh the terminology is very is very um specific to libra m2m, but obviously that needs to be modified in order to fit into dynamic.

L

But essentially the uh the notification confirmable attribute specifies that all notifications must be sent over confirmable transport.

L

I'm not completely aware what confirmable transport really means in this case, whether uh you're talking about um observe um just having a norm and con or are we talking about uh using something like a tcp? Instead of uep, so if dave you can yes, this is thecube.

P

Hello, can you say first.

O

P

Can you hear me.

G

O

Yes, so yes, um in the right recent specification, there is a separation between the lightweight and twin protocol and the under transports, which is which can be co-op or new things now so. Hence the that's strange are working, but basically is this: when you are using co-op over udp to observe a resource, this attribute will just tell you to send the notification as confirmable message, confirmable message: instead of co-op non-confirmable response.

L

Okay, uh matt is on the line too.

A

Hey matt go ahead.

K

David already said what I was gonna say.

E

All right, then, we have christian um sorry to say, come up with the same thing all over again. um This is something that works for the origins for the origin server, but it doesn't necessarily work for proxies. So I think we now have the separation of things that configure the server and things that are actually kind of relating that work in the rest architecture, and if this goes into this uh configuring, the server bin, so so be it.

E

um But I don't think that this is a general thing that we should advertise for um for for co-op, because this is this works as long as you don't have proxies in there and yes, that might be a situation in which some architectures are. But this is not the generic case. So if it's in that bin meh, but it should be noted there.

R

E

R

Is honest, can you can you explain uh the problems you see with the.

E

Proxy, the thing is, um if you set this con attribute um either proxy might not be aware that this is a kind of this, so you're setting up something like an observation or you're setting up um you're setting up any transport and the the server will send this notification um and it will send it in at home and it will send it to the proxy through which that observation was established and the proxy will receive that and the proxy will have to make its own decision, whether to send that, through a con or through a non or maybe that next pop on the proxy is over tcp and then obviously the next after that, uh we'll forward it as another con as well.

E

So the proxy cannot rely. You cannot rely on all hops in the in the proxy chain, ascending this value as con, and even if you do, if, after this con another non comes around, maybe the other proxy doesn't even see that something was sent on this con. So um you can tell the server that it's that you want the server to do something like this, but you can't expect this to extend over the whole chain.

A

O

A

Add to the comment that um this has been a recurring discussion, also with timing and pmax right bill on the yeah.

A

So it's also up to the group to comment now or the kind of behavior that we should expect when these messages are routed through proxies is the expectation that the uh the attribute has to be honored all throughout the path, or is the expectation that it's not.

A

So it's a also a good point for discussion.

L

Yeah yeah, I think I think we had discussed this- that this this should be a hope by hope, feature and not an end-to-end feature, but this is. This is a good point to bring up right now, also because there.

O

L

Attributes in the dyn link that actually affect um uh implementation behavior, if, if we don't really know what the proxies are going to be doing,.

A

Yeah, I don't want to um speak on behalf of alan, but I guess one of the discussions. At least he was mentioned that the view on live within 2m at least or other sdos, that is end-to-end and not that's a different design choice there. So just to keep it in mind.

R

Also well, uh this is honest again uh yeah and uh in the lightweight mdm architecture, there is no there's no proxy per se, so um the issue doesn't occur but uh yeah. It's definitely something worthwhile to look into on how this relates to some of the others and what could be done to make it uh work over through proxy. If someone wants to have that feature.

E

The thing is, if you want to specify it in core, I think it has to work with the generic rest architecture if it only needs to work for the live with m2m case, where there are no proxies, then um this is something that can be extended on the list of attributes. We define here for this particular application.

R

I I think, that's um you have a specific preference on how you would like to see these things working and um it's it's like- maybe maybe that's uh shared by others in the group as well, but since I'm also a member of the group, uh I I don't share that with you, but uh I always thought the proxy design was a mistake, um but yeah.

E

Here we go, maybe we should have that extended discussion at some point. Yeah.

A

Yeah, it sounds like a nice discussion for another interim and um looking at the clock now and we still have a few items. I don't want to push out all the presentations, so if you could build uh continue or.

L

I don't know yeah so.

A

L

I have just one one other attribute that was put into the in the list and I and I don't believe that we need to um discuss that thoroughly since we can uh schedule some time during intermin interim. So so then, the other, the the last attribute that was proposed by ellen, was um hq max, which was uh for maximum historical queue um and, um and it's a very worthy little um passage that I've I've written here.

L

But but it refers to what happens when, when the 11 m2m client is in disconnected mode basically and then when it comes back online.

L

So this is uh the the behavior that how much how much should be stored and um and how much should be conveyed to the nfm server in this case.

L

um But please have a look at the downlink issues in github and and we'll go through these in a more detailed meeting.

L

Yes, thank you bill. Okay, so and.

A

That was the last one. I had yeah go ahead, so I guess so from from what I'm saying uh document-wise. This is still needs uh some work right, there's no conclusion: yeah.

L

I think, with the current uh with the current inclusions, uh we need to discuss some more and then afterwards um we will have to then work on the on the binding tables and all right and the the editorial changes that need to be done. Yeah yeah.

A

Okay, but I guess the biggest issue and um marco also correct me or bill or both uh is this end-to-end versus hope. I hope- and I guess we could have an interim after after ita 109 and discuss explicitly that just to clear it out. I think that would never work. Okay, marco, you said you agreed right.

B

A

B

A

B

Time check, we are about 25 minutes late and essentially consume the flex time, so we have enough schedule time for all the following documents.

A

Fair enough uh feel free to use the countdown clock by the way, marco. You can also use that feature, because I cannot keep check of the time at the same time I'm trying, but this is kind of hard with the discussions. Well, thank you bill, so thank you very much. Yeah go ahead, guys!

A

Okay! I guess that.

L

A

That's that's all I wanted to.

L

Say um that's not not much else so so. Thank you and let's, let's continue the discussions later.

B

Perfect, I think the next presentation is fazor actually.

A

Yeah, I agree damn it.

A

Sorry, for that.

G

S

Okay, can you hear me well.

A

We hear you there's a bit of a static noise actually, but.

L

A

S

Is this better now.

A

um We hear you sufficiently good yeah. Please continue no problem. Okay,.

S

Hopefully, okay, I I try to do this very quickly, so you can keep here scare you. uh So this is a quick status update on on passwords craft next, please uh so there hasn't been a sparrow's update for a while. So a very quick recap on what's this all about so far, is an alternative algorithm for co-op to handle re-transmission, timeout and consciousness control.

S

So it's optional mechanism, just like the the coco and I'm not going to go, do the details, how it works, but just saying that it's pretty similar to the tcp timer mechanism, which provides the two-state exponential, back-off logic. But we add there a an additional state and that allows the fossil to to have one quick retransmission to to address random wireless losses so recovering quickly in those cases, but at the same time it kind of does the tool back off to take care of potential congestion.

S

So if the plus was not not because of random error but congest uh next, please.

S

So uh zero zero version was published in in march after the working group adoption uh and there we addressed the feedback from christopher. That was recording the uh the retransition count option. So we clarified the the limitations in in the use of the uh the option, so so basically saying that here, for example, if there is a proxy in use which is sending uh empty uh empty acknowledgements, then then the option cannot.

H

S

Because there is no such way to send an option with an empty acknowledgement and we also clarified the meaning of the new destination endpoint uh and in one that was published in last month. uh We further clarified the return count of option.

S

So now we just simply explicitly say that that we increment the value by one on its retransmission and just a few additional editorial changes. So that's that's basically also, as we can see there is. There has not been much modification for for over one year now, so that takes us to the next steps in the next slide. Please.

S

So what obviously we we would like to have, and and and what is needed, is more review. So please read the craft and and provide us feedback, and- and we did also because this is about the construction control. So we need some feedback from the reviews from the transport area as well and- and I believe.

H

S

In in after a couple of revisions, we we hopefully then are ready for the very blast. So that's all worst opponents.

P

Regardless go ahead.

T

Okay, so uh all I think we've been working and doing this.

S

Sorry, I have a hard time to hear you.

T

Hello, can you hear me.

S

Okay now, but now it's better.

T

Yeah, okay, so I was saying first of all, I believe this is important work and also interesting and interesting mechanism, and one comment would be about the amount of evaluation work related with this document. So when we did the work on cocoa, we were warned that we would need to to make it sure that the document well, the mechanism would be safe and we did lots of evaluation and well. It was only in the end that we found well. You found some issues in some scenarios.

T

So um do you have like a plan for uh evaluation of this mechanism.

S

So, okay, we we have done the from our party, the evaluation and- and it would be very, very good if we have some additional evaluation by by some other thoughts. uh I haven't checked there. There are a number of papers that have been very recently or quite recently published if someone actually already has done so so I had something that we need to check if there is already is additional evaluation but but any any any evaluation. This is very welcome.

S

uh Currently, we don't have plan plans to do additional evaluation for ourselves, but here.

T

Yes and perhaps perhaps another economy would be to try to get um evaluation in a diversity of scenarios, including different uh technologies, technologies, uh traffic patterns and so on. So it would be good to see also for any papers coming from the research community on this.

S

Yeah sure so it would be very.

T

S

Good, if, if any anyone there, this is having these different kind of environments, so, of course they have. We had quite a large uh uh emulated set of of of characteristics. There are different buffer sizes, different loss, probabilities and such, but of course more is.

S

A

Yeah, so um in the chat they just saying that there's a bit of noise in the audio, but I guess the regarding this draft- the outpost would like more comments and also from the transport area.

A

I guess marco and I can contact the transport area chairs to make sure that we get some reviews there and regarding the group I would like to ask uh for reviewers: does anybody? uh Can anybody commit for reviews that we can move this document forward except the output.

A

E

A

On the chat, if you want to provide a review or go to the microphone, I mean we need to conclude this document. It.

G

Has been quite some time ready from the alpha point of view, we just need the.

A

S

A

Carlos um okay, then we will take it to the list, also to ask for more reviews, and after that I think, unless there is some major changes, and you need to do another revision after that, we can go for working with last call right. Marco.

B

Ria there's actually a comment in the chat room catalyst um he can review the document in the next couple of months.

S

Yeah yeah, that's.

A

What marco just said: yep, okay, okay! Thank you, marco.

P

E

So um something seems to be odd again with my video, but at least do you hear me we can.

A

Hear you yeah, okay, so uh just a second. We just try once again go ahead.

E

Okay, so hello, um I'd like to present a potential transport for co-op that is over gat, which is next slide. Please, the generic attribute profile for uh for of bluetooth, low energy.

E

um So this this would be yeah our next slide, please, uh the the hard question here is, of course, why would we want to do this because we already have a perfectly good way of using co-op over bluetooth? That is ipsp and the reason I propose this is that we have the same situation that we have with web browser applications also with some smartphones.

E

So while in theory the device that would want to participate in the internet of things um has the technical capabilities to in websockets case open a tcp connection, open a udp connection, and in this and the bluetooth case run ipsp, the application um is typically not in a position to do the full to to actually use it. So, um while ipsp has been implemented in linux, um it's not practically available on android um and uh same seems to be true for um for ios based devices.

E

So you can you can if you, you have a smartphone and you have a device and you want. Basically, you are in control of both of them, but you can't establish a connection with co-op yet so um this is proposing to tunnel co-op over get because get is available on everything on on for phone applications and at least for um at least for chrome, even even from the browser and like web sockets.

E

This is not something that you should ever do if you can avoid it, but implementers that I've talked to, and users often find themselves in the situation where all they get is the very limited co-ops uh bluetooth stack that the operating system offers and gap seems to be the most common denominator of those.

E

There is a potential additional use case in that um this could be combined with chick to even make things available that don't speak coordinatively without real application, specific software, but more with application. Specific headers, but- and I don't use um out of out of font characters lightly. uh There is a large question mark behind this for a very good reason, um and this is just something to be that can be explored while, while going along with this next slide, please so.

E

The mechanism that is currently proposed is to have a bluetooth characteristic and that that the um I'll say phone to just identify the rules, because I'm not too good with the full bluetooth terminology um uses the bluetooth, write method to write the method, the any options and the payload into that characteristic and later on. Read it back out where there is a notification mechanism and where there is a way like a notification mechanism that allows asynchronous processing here and also there is um a mechanism to do those rights in a in a reliable way.

E

So we don't have to import the whole um message id and message type mechanism from co-op over over udp, and we- and at least that's something that I'm I'm I'm playing around with here. We might not even need to do tokens because there is already a multiplexing mechanism available for those descriptors. So why not use that in practice? It's showing that um one limit here is the the mtu which appears to be for most modern devices, uh 512 bytes, which means that we can transport the full kind of a reasonable co-op message in there.

E

We just have to fragment on the co-op level, but we have the mechanisms for that, so that shouldn't be too much of an issue, but this still needs further experimentation on what practical devices um really offer, because if the specification wise, this could go down to something like 32 byte and we can't really work in in that area anymore, with even with block wires fragmentation without creating huge overhead. So if that is really relevant, then some some additional fragmentation mechanism might be necessary, but right now I hope we can avoid that next slide.

E

Please um the hardest part about this, I think, is not how to align it technically, but how to make it work with the with the uri space um that we that we all use. So what co-op over web sockets and tcp et cetera are doing they're introducing this additional scheme, um which then could encode the bluetooth address or, as in the web browser case, just some identifier, which really behaves and that's the third line here, behaves like an interface identifier.

E

It's unusable across devices for reasons of privacy from the brow from within the browser, so those would not be well expressible in practice, but they would serve at least as some bazel, as some baseline here.

E

Of course, there's still the ongoing work in protocol negotiation, which would allow us to to use um better identifiers here and possibly even link this in with the rest of the name system, but that's at the current point, rather speculative and primarily hinging on protocol negotiation.

E

So for now, unless good ideas come up here, which is part of why I'm doing this um I'd stick with the above, just because this is how we have been doing it with in previous protocols, um but still protocol negotiation needs to needs to come at some point, probably even before we can specify this in any standards track document.

E

um Before I get to the next steps. There's a next slide, please just kind of uh as a brief demo on how I um how this looks like in practice. So even if you're going from, if you're accessing, if you're running from a smartphone, you can go to web website, you can access that bluetooth device by pushing a button, then the browser asks you.

E

um Basically, the browser looks through what is available locally allows you to pair with one of those and which, in many cases, doesn't involve any additional steps, and then you can run code over that and and use any addition. Any security uh context, for example like oscar that you establish in that you establish. um However, you establish the next slide please and once you've clicked there. um You see the co-op exchange playing out here. So this is a very minimal demo. um I have one implementation for each site out there or two.

E

um The other party has implemented this as well, so this is. This is working enough to to to run, but of course, it's still very early next slide. Please um so there's a lot of implementation, experiments together here and I'm actively doing this in parallel with advancing the draft further to see whether there needs to be additional changes and also to expand functionality right now.

E

This can't even send requests from the device to the smartphone, so this is clearly not a full co-op transport yet, um but yeah the right now I'd like to so my my proposal is to keep this as an experimental document that just describes that there are people who are running co-op over cat, and this is how they do it, um but yeah. Basically, I'd like to hear from from the working group whether you want to have some work about this here or whether you have any other good input that I could process into this.

E

B

There's an input already from john matson on job there on java, it's good to extend the support for co-op for other environments platform, especially as popular and experimental scenes, a good way to take it and karsten concourse.

K

So why isn't this uh draft being implemented in six low versus core app versus core the.

E

The thing so um six low there is already a way to do six low over bluetooth, that is ipsp and that works, and this is microphone.

K

Why not? Why not? Why not present a better way to do it? There.

E

The the thing is the way to do it. There is already good, but applications often find themselves in a situation where they can't do it right, and then they have to do it wrong, which is by hooking into a mechanism that is not designed for this kind of thing, but that happens to be the only thing that operating systems expose.

E

So this is a workaround and sure this could be made into a workaround that also encompasses six low, which is something that was proposed by in a similar way um by developers at fitbit who published their. um I think they call it golden gate proposal, which is basically udp over cat, which is just or ip overcat, even which is kind of having the same drawbacks, um but just put pulling in more layers.

E

So, yes, that would be an alternative, but I think that, given that we are already kind of um stacking up workarounds here, using going for co-op right away, is the easier and more convenient approach, especially given that this will never end up visible to an operating system. So you can't use the operating systems network stack, which you usually would want to use anyway and would then need to ship your additional ip stack.

E

If you were to use ip over ble and then udp and co-op over that.

C

Michael go ahead, please um so I browsed your document because we I mentioned the interest at the beginning of the session, and you mentioned you're talking about it and I go oh okay. So, um somewhere in the document it says coat, plus gap, g-a-t-t and and then other places. It says bluetooth and I looked at the uh w3c document a little bit. It's long, it's not like so long, but um what I didn't discover yet is how or if the bluetooth connection gets, authenticated um or.

E

So um the way I think this would be primarily employed is with bluetooth. Just works mode, which is no authentication at all, and in e is at least kind of.

E

um What do you call it um opportunistic encryption um it I so I see no way how why this would not be combinable with all the other ways of bluetooth authentication and that that might even be a good thing for some deployments, but um the the in in the end, security should probably not rely on bluetooth security, but on on something that can be secured on top of co-op, which would practically be your score.

C

Right that that sounds ideal to me, um and the specific use case I have in mind, is essentially as the uh commissioned part of uh well. Some people call it commissioning tool um we're calling.

O

C

Agent um in the brewski sync enroll process, and so part of this would actually be. This is how I get that device onboarded for the rest of its network stack. uh Given that ble has some proximal.

C

um You know you get a little bit of proximity. You can't attack it from too far away but um stuff like that.

E

Yeah yeah theory. Yes, I mean there there is. There is the possibility that you do use the additional modes, which would then probably fall back to nfc um for the for the proximity based business, authentic, bluetooth, initialization, so you kind of would would go through another step um that might that might be a way to to avoid the the bluetooth range here, but yeah either way should work.

C

Well so then the question is, why not could we could we just run co-op over nfc at that point? Yes,.

E

We can, and in fact that was my original plan to run co-op over 6-0 over nfc, which is specified. But this brings me into the same situation on apple.

H

E

I have no access to nfc at all on android phones, I do have access, but it's limited as well and from the browser. I have no way out.

C

At all, so um so you would let the operating system do the uh nfc setup for bluetooth and then use gat to talk to something, and then in my case I would say: oh that's great. Now we can build a network of the devices elsewhere.

A

I have I have two comments uh so on the browser basically on on chrome, you have tested it and it works safari. I guess it doesn't and also you're waiting for mozilla right. So the thing.

E

With mozilla and yeah, I think I I had it on the slides, but I didn't talk about it. So, yes, um first chrome. Yes, I tested it on chrome, both of chromium both on from linux and from android um safari. I don't have access to, um but the thing is with mozilla um they evaluated the. They found a position for co-op over uh sorry for browser access to get and their position is that it's not secure, which is understandable.

E

um So I I won't go into the full background, but the um the thing is, the bluetooth device doesn't specifically ask to be contacted by a browser. So um so they don't want to to open us up into another cross-origin situation. Now, even with different protocols, um there is a suggestion of how to do it better from mozilla, especially ecker and um martin thompson, whom I want to get back on this.

E

Basically after we've talked about this here, that would probably wind up with something like um webrtc data channels, over b over gut, and then we could hook into that. So if, um if that becomes a thing, that would be great because it would mean that it's accessible from mozilla devices as well, um but this would probably look a lot different, at least on the wire and we'll have to see whether this can be something that is, that supersedes what we do, what I'm doing here right now or that would be in like an augmentation.

E

um This is still to be seen right now. The only proposals that are a few comments on guitar.

B

Sorry to interrupt time is really running out and we have one more slot to cover.

E

Exactly your comments, yes and I'm always available email. Of course. Yes,.

A

Personally, I think I think, by the way, that this is great, that we are at least taking a position on this, because I have read so many theses and papers and work, but don't buy others on on this topic and and it's nice to have somewhere where we can point them to so an experimental draft would be perfect. I think so.

A

um Thank you. Christian moving on to the next presentation.

J

Is it this one yeah? uh I will make it quick, so we have time to look at the christian graphs also, which are very nice next slide.

A

Just a second sorry.

J

There you go okay, yeah, so see if audrey is working on equations to calculate 80 limits and the equations for ccm8 is quite limiting. You can see them here.

J

What they are based on is that you choose the probability and the length of your messages, typically maximum length, and then you get limits for the number of packets to encrypt and the number of failed decryptions, and it's worth noticing that these equations are. These are not equations, there are inequalities. So, basically, if you choose numbers for v and q, you know that your probability for a four jury attack is lower than some value, but it might be much lower or it might might be close to the bound. We don't simply don't know.

J

J

And tls, dtls and quick has adopted quite strict limits um based on these equations for a lot of different ciphers.

J

They are at least a lot stricter than any previous security protocol, and I think that's good for general use and re-keying is easy. So that's not the problem for general non-constrained use of this protocol. At least you can see below here that the limits are around 20 package and for ccm8 in dtls. It must not be used without additional safeguards.

J

I hope I assume the tls working group will look at additional safeguards, maybe in in ctls, because this is quite limiting.

J

In tls, it's okay to use because tls sets v to 1, so it's not the problem to use ccm8 there, and I think this is very good work from cf audi, but in general I don't think this is probably. This is not the biggest security problem that implementation have. I have never heard of a practical problem with a 64-bit tag.

J

J

I think there's I think, distinguishing attacks are very theoretical. They it's hard to say if they have any practical implication at all. Forgeries are very, very practical. Somebody gets a forged message to you. uh I think there's a lot of things that can be discussed for a iut setting yeah the probability two to the minus 57 for tls, dtls and quick was its arbitrary issues it and I think we can definitely accept the slightly higher for your probability for constrained iot.

J

Also, if you are on a constrained radio connection, sending a lot of packages for a attacker is a lot harder than if you are on a gigabit optical connection.

J

Any effects on the system should be denial of service effect should be com compared with other denalo service attacks on the system. um Also, messages is much lower, but that may or may not matter actually, and then there are some other solutions that you you might not. You might or might not look at absolute length and you might not close the connection.

J

You can still send, for example, error messages, saying that please rekey next slide so specific for os score au score has uh the number package you can encrypt is dependent on the algorithm, but it's always lower than two to power. 40 and currently, I don't think any of the algorithms have lower limits specified.

J

The ccm eight limits based on the cfrd equations will apply long before 2 to the power of 40., and then you need to re-key. We need to set guidelines for this. There's a lot several different ways to re-key listed here, but they all have some overhead yeah next slide.

J

Yeah so general problem. We need to discuss this. I think in general, for for iot constrained, iot setting and as uh been right on jabber. There has not been a huge amount of justification for this chosen limits.

J

After this ln p has been used and there's some slight trade-off between the limits q and we there's been some discussion in lake already and tls dtls quick have discussed this in their working groups. I assume tls working group will discuss this more for ctls there's a discussion for lake questions.

J

If there are any other protocols use of ccm in iut in itef, where this is relevant, more specific for os score, we think it's needed a new draft that introduce that you need to keep count of q and v, how many protected packages and failed failed. Decryptions and q q counting is needed on the server. The client already does this, then, when maximum values of these have been decided or yeah, we? How is that decided? Who decides and how it's communicated?

J

Then we need to specify actions when the limits are reached, which is re-keying could also be sending error, messages to ricky and then implementation guide guidance. For example, when you have a reboot similar things are needed also for group or score group score. It's a little bit more complicated.

J

It might be slightly worse for some reason or slightly better than two pero score for some reason. That's for further study- and this leads to thoughts that it we should analyze- maybe more lightweight, symmetric, key re-key mechanism for oscar. It might be it it's possible to do something lighter than the current question is: if it's worth doing that, that's for further study yeah, I think we can go to christian slides or, if there's questions, comments on.

E

This um so what we are seeing here is basically a kind of a sketch of a sketch of the numbers we've been getting in here now and to which, which should help us determine the effect of the the effect of those limits. So just to run you through the axes um on on the axes um going from left to right. We see the length of messages on the axis coming from from within. Within the picture, we see how many messages we can encrypt on on the vertical axis.

E

We see how many messages we may decrypt kind of how many, after how many failures to decrypt the message we need to um leave, leave that key re-key um stop the connection whatever um up until so for me up until start of the week when I heard of the cfrg document practically up until we do something about this, um our action space was rather big. We could encode encrypt up to 2 to the power 40 messages, provided that key lets us.

E

We could um encrypt as long messages as that keyword, letters on that axis from left to right, and we could tolerate any number of failures now. Given those assumptions that went in there are not right, we have to strip down the space of what we use in terms of numbers.

E

The lines here indicate red red is aes gtm, which has a comparatively long tag, and this is on the safe side. um Cha-Cha is independent. The chatter numbers are independent of the number of messages we send at all, and the blue and troops indicate the limits for aes, ccm and turkeys in say, ccm8 next slide. Please.

E

So this is cut from cut from the left and shows the limits that, in in the in the full lines, the limits that we have with the current p values, which is that a sccm after 128 ish messages, depending on how many we decide to send show, is over um so 128 messages practically would mean that we really need a different, a different mechanism or a cheaper mechanism to rekey or just do as as dtls does and not use a sccm8 at all, because the attacker with what just 100 crafted messages could force us into an expensive re-keying.

E

But the re-keying is not so expensive. So if we could, if we can justify an altered limit of p, say for the dashed version p to the power of minus 2 to the power of minus 52, which is, admittedly grabbed out of thin air. But there needs to be discussion that I'm not qualified to to contribute to on on the particular value.

E

We need here then, that that cap of we can go up to something like two thousand four thousand messages, after which the leverage we give an attacker that sends 4000 messages by doing an additional, um an additional re-keying is probably negligible, but this needs the discussion of of which p we accept and and just one more point from the slide, because before I hand over to the floor discussion again, um it doesn't help if we arbitrarily limit the number of messages we send.

E

So um the hard cutoffs here are, depending on the on the values 2 to the power of 23, to 2, to the power of 26, and so, if we allow the partial iv number to go all the way up there, um then this severely limits the number of um failures we can tolerate. But if we just put it an order, a binary order of magnitude below that we are already roughly at that plateau limit. So we don't have to reduce the number of on encryptable messages.

E

We really have to limit how many we can decrypt and fail to decrypt and still use that context. Thank you.

A

Okay, christian, we are now effectively over time. Let's try to keep the discussion quick and to the point so benjamin carson jordan, please go to the.

A

Microphone, if not maybe the javascript can relay the opinion.

B

Yes, uh ben was mostly mentioning about. Perhaps if you only send it once and then close the connection, it is close enough. So there was really the connection closing early in the in john's presentation and otherwise there's no explicit rational coming to the bounds for tls, for what is worth more kane has background information from carsten.

B

But please chime in on the mic. We should have a few minutes more before the session closes.

A

And also for mini takers, please copy paste. The long chat comments.

B

A

J

J

Main conclusion is that there will be a draft to the next before next itf.

I

Here we can devote an entire interim to a view from the core world on on the crypto world, because things have changed since we made the decisions uh some some seven or eight years ago, what went into seven two five two, and maybe it's just a good idea to to open this up a little bit more. uh Look at that ketchup, related things, look at new modes um and so on and just see. Is there anything that that is getting ready for being picked up, or at least we should be starting to do experiments.

J

I guess if you can allow larger tags it you get much much nicer limits, just keeping ccm and switching to 128 bit tags.

F

You're on here I have a little comment, I think, while we we should look at what's coming next. We also need to handle what we have in terms of hardware, support and existing devices. I think we need to. We need to run. We need to run with ccm8 for a while and that's basically, what one of these uh activities can um address. Okay, you're, not disagreeing with that person great so just like. Could you go to the last slide of john's presentation?

F

Just quickly say uh um a few words, as I said there are. These are four activities here. The first paragraph second paragraph and the next, the last and last uh statements are four different activities and for the four first activity, I wondered that I think it's not. We need to get beyond core there. What people or what iot deployments are uh what companies are working with with iot and and see the need to use ccm8, and how do we handle these new restrictions on ccm?

F

I think that that needs to be addressed by a wide audience.

F

Well, the second paragraph is that that's a new draft there, where there's already material in this and this presentation we could work on the group- was core people need to look at the that and adapt it and for the last one that's basically if there is sufficient support and interest to to work on a on a lightweight uh secret, ricky mechanism. I think that we should do that, but that sort of it's based on interest from the community.

F

I think there could be something which is either done in in lake or or in core sort of somewhere in between good point.

F

A

uh Okay last few comments: please join the queue we are already over time and we will be shut down any minute now. Matt, please go ahead.

K

Talk about the specific groups that need to provide feedback and requirements. Do you have any in mind.

F

I'm sorry it wasn't you. Yes, I think I mean everyone that that that I mean this is industry consortium. These are different areas in the idf that uh that that needs to use ccm8. Basically, that's that's a good starting point. How do we continue using ccm8 uh for the time until we have some some alternative and uh so.

K

Certificate industries are using it and, like you know, I work in the smart grid industry. How does it affect me? That's what I'm trying to understand with this, this presentation and the risk factor.

J

I think there's no, no, no new at tax. This is just uh increasing, then the security bounce to make it really sure that there's no potential attacks. So it's not like somebody has come up with some new attacks on ccm8.

A

From the jabber michael richardson is asking matt: are you using ccm8, maybe for 800.15.4 or for application data.

A

So it's a question directly to matter if he knows.

F

For co-op security, this is the mandatory to implement algorithm right.

F

So that's what, when you're using co-op with the mandatory to implement algorithm, you would use ccm8.

A

Okay, it sounds like let's expose it now, because we're already beyond the time. Thank you for the presentation. Thank you for the discussion. I guess this is material for yet another interim, I think yeah. We should maybe have it at some point uh shortly. uh So thank you all for attending course. Thank you for the time. Thank you especially for those in the us, because it's pretty late for you and for the rest of us in europe have a nice friday and those in asia.

A

I don't know what time is it there, but probably used to have some time ahead. Thank you also to the mini takers. By the way, thank you so much and see you again in the interims. Thank you all. Thank you. Bye.

B

I

P

L

L

L

L

L

L