►
From YouTube: IETF110-EXTRA-20210312-1430
Description
EXTRA meeting session at IETF110
2021/03/12 1430
https://datatracker.ietf.org/meeting/110/proceedings/
A
Yeah
they,
my
my,
I
should
be
removed
from
all
the
mailing
lists
and
stuff
by
the
end
of
the
day,
so
my
mail,
my
my
mail
volume,
will
go
down
a
lot.
B
B
C
B
B
B
B
C
D
Yeah
sort
of
on
the
previous
slide,
I
was
looking
through
my
notes
for
109
and
I
think
I
volunteered
for
the
cf
action.
Ayanna
registration
draft
yeah-
so
I
haven't
done
anything
until
today,
but
I
have
some
bare
bone
of
the
document.
Oh
cool.
B
Awesome
I
have
noted
that
in
there
and
you're
on
now,
while
you
and
barry
are
on
all.
D
Gorgeous
yeah,
this
is
just
a
reminder
for
the
process
that
was
followed.
Minimize
changes
for
the
clock,
make
life
easier
for
clients
and
minimize
changes
for
the
servers
from
imap4f1
next
slide.
D
Right
there
has
been
10
revision,
the
revisions
since
last
meeting
a
lot
of
them
in
response
to
isg
reviews
and
whatever
various
other
comments,
I'm
just
trying
to
summarize
things
here
for
people
who
haven't
been
paying
attention.
One
of
the
things
that
I
realized,
based
on
isg
review
and
slightly
late
in
document
cycle,
is
that,
although
the
document
mentioned
I'm
a
bias,
I'm
a
poverty,
ls
port,
it
didn't
segregate
requirements
between
clear
text
and
until
export,
like
some
capabilities,
only
apply
on
a
export.
D
For
example,
I
think
this
has
been
done
over
several
revisions.
B
B
I
don't
know
yeah
go
on,
I
will
meet
myself.
D
All
right
next
change-
this
is
actually,
I
probably
should
have
included
this
search
number,
but
there
is
a
well-known
issue
with
some
strategies:
implementations
where
if
cleartext
data
is
pipelined
in
some
cases
it
can
be
interpreted
as
if
it
was
received
on
the
tls.
D
So,
hopefully
interop
is
going
to
be
much
better
in
this
area.
There
was
a
bit
a
few
changes
explaining
a
bit
more.
How
I'm
up
for
f1
and
f2
can
coexist
in
the
same
port.
D
What
it
means
you
know
which
com
commands
need
to
be
issued
to
to
the
under
4f2
behavior.
Then
there
was
a
long
outstanding
item
about
making
body
part
and
message
sizes
63
bit,
so
this
was
integrated.
Finally,
and
then
there
was
some
cleanup
of
copy
and
move
move
command
requirements
on
that
they
don't
create
target
mailboxes
by
default.
D
D
Daniel
miguel
in
sector
review
found
out
quite
a
few
things,
and
one
of
them
was
the
list
of
tls.
1.2
ciphers
wasn't
actually
correct
and
didn't
quite
agree
with
rfc
7525
recommendations,
so
this
was
fixed.
He
suggested
further
changes.
D
I
wasn't
quite
comfortable
doing
them,
I'm
not
sure
what
the
right
answer
is.
Realistically,
I
think
in
this
case,
is
our
map.
Service
and
clients
will
just
do
whatever.
The
underlying
library
does
so,
and
many
libraries
support
like
both
tls
1.2
and
1.3,
so
they
sort
of
work
out
of
the
box
in
this
reasonable
sense.
D
This
there
is
probably
still
a
chance
to
tweak
it,
and
then
there
were
quite
a
lot
of
security
considerations.
Actually
so
article
branson
and
I
received
the
private
email
about
enable
pointing
out
that
it
was.
D
D
As
allowed
in
a
different
state
that
it
was
in
the
description,
so
description
didn't
mark,
I
didn't
match
abn,
f
and
the
inter.
They
also
reported
various
issues
with
injections
of
various
responses.
If
tls
is
not
negotiated
and
how
different
clients
behave,
clients
and
servers
behave.
D
So
this
was
quite
educational.
In
particular,
they
they
had
some
tests
where
they
were
injecting
list
responses
before
authentication
and
clients
were
happily
displaying
all
the
mailboxes
received
even
in
even
though
the
the
user
is
still
not
logged
in.
There
were
two
things
which
were
particularly
troubling,
and
there
is
extensive
text
on
this.
D
Response
co
response:
actually,
if
it's
returned,
then
it
will
force
the
client
to
bypass
rtls
because
it
moves
the
client
and
the
server
to
their
authenticated
state
and
star.
Tls
is
not
allowed
in
authenticated
state.
D
D
Another
similar
example
was
about
alert
response
codes,
in
particular,
not
too
big
on
outlook,
but
outlooks
does
display
alerts
and
it
does
url
highlighting
linking
so
if
alert
is
sent
with
the
url
so
and
you
this
can
be
done
before
star
tls
issued
again,
then
the
client
user
can
be
tricked
to
follow
url,
for
example,.
D
You
know
your
server
has
detected
that
your
client
is
out
of
or
your
os
is
out
of
date.
Please
download
this
service
pack
whatever,
and
you
know
users
have
been
tricked
by
this.
So
again,
there
is
text
saying
before
start
tls
ignore
all
alerts.
B
Yet
again
we're
seeing
what
a
bad
idea
start
tls
is:
connect
the
ssl
port,
negotiate
your
security
layer
first
there's
so
many
so
many
things
that
have
been
caused
by
this,
including
clients
that
will
just
send
the
credentials
in
the
plain
text
if
the
server
rejects
the
start,
tls
attempt
this
is.
This
has
been
seen
in
the
wild
very
many
times.
D
Yeah
I
mean
if
people
implement
star
class
properly,
but
it's
I
suppose
it's
easy
to
make
mistakes.
Yeah.
D
I
suppose
in
the
future
we
can
consider
whether
we
want
to
duplicate
clear
text,
port
imap
and
start
tls
altogether,
but
I
think
realistically,
at
this
point,
we're
probably
not
quite
ready
for
this
yeah.
D
Yeah
this
was
actually
raised
a
week
or
so
ago.
I
think
people
are
asking
what
is
the
meaning
of
dot
mime
for
leave
body
part
and
like
def
code
and
cyrus,
give
different
results?
I
think
realistically
we
should
say
that
client
should
never
ask
for
this,
because
it's
not
valid,
but
so
maybe
this
is
something
that
can
be
clarified.
D
I've
just
got
bare,
and
I
received
questions
from
mayana
about
updating
various
registries
and
we
also
found
various
minor
bugs
like
capability
response
code,
wasn't
actually
registered
in
the
in
the
response
code
registry,
and
it
wasn't
also
wasn't
marked
as
valid
for
a
map
for
4f1,
so
that
was
nice
to
fix.
At
this
point
yeah,
I
think
we
need
implementations.
D
I
suspect
there
there
will
be.
People
will
be
submitting
bugs
at
some
point,
so
maybe
in
a
year
or
so,
depending
how
many
bugs
and
how
soon
people
submit.
D
Well,
yeah
that
in
a
way,
this
is
a
slightly
different
problem
in
a
sense
that
now
it's
a
good
time
to
organize,
interrupts
and
try
to
promote
it.
Yep.
D
B
Great,
I
guess
it
did
switch,
then
it
it
threw
up
an
error
too
many
microphones
or
something
else
I
tried
to
switch,
but
then
it
seemed
to
work
so
good.
I
can
type
and
talk
cool
thanks
alexi,
so
I
mean
there's
nothing
really
for
us
to
do
here,
other
than
be
aware
of
where
we're
up
to
rfc
editor.
Has
it
do
you
need
anything
from
this
group
other
than
interop.
B
Cool
all
right,
well
you're,
on
for
the
next
one
as
well,
because
next
is
the
quota.
D
So
yeah
I've
done
a
quick
revision.
Sorry
took
me
so
long,
but
I
was
sort
of
tied
up
with
the
mf4
f2
itself,
so
I
did
clarification
saying
that
this
quarter
can
work
with
either
I'm
a
401
or
f2
updated
examples
to
use
dot
example
domain.
I
think
it
was
cut
and
phase
from
mark
crispin's
rfc,
so
it
was
using
wrong
domain.
So
my
uncle
clarifications.
D
Personal
quarter,
disclosing
personal
quarters
to
anonymous
users,
can
disclose
information
about
status
of
various
resources,
which
is
probably
not
a
great
idea.
D
It
required
characters
which
cannot
be
used
in
response
code
like
closing
square
brackets,
so
I
think,
even
though
it
would
be
nice
to
have
it,
I
think
consensus
last
time
was
that
just
take
it
out,
and
I
had
explanatory
text
saying
that
in
some
cases
it
can
be
ambiguous
whether
it
applies
to
the
current
mailbox
or
to
the
target
mailbox.
But
this
is
probably
not
going
to
be
very
common.
B
Group
lascal,
it's
been
in
a
working
group
last
call
and
the
only
comments
were
about
there
over
quota.
So
I
don't
know
if
we
need
to
do
another
last
call
fine.
D
B
B
Murray
up
back
in
these
slides,
it's
me
sip
mailbox.
It's
had
it's
basically
ready
to
go,
but
one
issue
that
came
up
was
that
there
was
some
abnf
in
the
document
and
I
removed
it
in
the
revision
07,
which
is
the
current
one
based
on
the
reviews,
but
there's
questions
about.
Should
it
be
added
back,
I'm
leaning
towards
there
being
no
point.
Based
on
this.
B
B
C
B
B
Does
anyone
have
any
strong
opinions
about
that?
It
should
be
added
back
in
or
should
we
just
say,
let's
leave
it,
how
it.
B
It
it's
certainly
incomplete
if
it
does
add
to
these.
What
are
the
productions?
What
are
they
called
from
the
original
sieve?
Spec?
There
are
many
specs
that
have
added
to
them,
but
have
not
done
the
abnf
so
that
there's
no
one
place
that
you
can
collect
the
full
formal
syntax
that
you
need
anyway,
murray.
E
C
So
the
issue
with
the
abn
f
in
general
is
the
base
sieve.
Spec
was
not
written
in
such
a
way
where
new
tests
and
actions
can
be
easily
added
to
the
grammar.
The
grammars.
There
are
basically
to
say
that
a
test
is,
I
think,
it's
an
identifier
or
token,
or
something
and
same
thing
with
the
actions
and
there's
there's
no
way
to
easily
add
them.
In
fact,
the
base
spec
itself
doesn't
even
add
file
into
and
discard
and
all
the
the
the
normal
actions
and
tests
to
the
grammar
themselves.
C
A
I'll
have
to
add,
as
somebody
who's
written
some
civ
stuff,
that
when
I
wrote
my
documents,
I
found
it
hard
to
do
the
abnf
correctly
and
found
it
odd
how
we
were
having
to
do
it.
So
I
have
mixed
feelings,
but
I'm
leaning
toward
leaving
it
out.
B
Many
of
those
in
the
no
grammar
section
had
barriers,
one
of
the
authors,
so
I
I
can
see
that
you've
run
into
that
issue,
all
right,
murray.
I
think.
Let's.
E
E
B
A
And
it
would
be
good
when
we
have
the
resolution
to
reply
to
francesca's
ballot
and
say
that
oh
yeah
so
tell
her.
What
the
solution
for
yep.
D
I
would
like
to
actually
separate
two
issues.
One
is
having
a
bnf
for
new
pieces
of
grammar
and
the
other
one
is
for
linking
it
to
existing
one.
I
think
the
the
latter.
What
ken
was
talking
about
a
and
barry
was,
is
probably
less
important
than
describing
grammar
for
the
pieces
you
specify
in
the
document.
D
B
C
B
B
C
B
B
I'll
double
check
all
right,
yeah,
whatever.
B
C
I
am
up
okay
next
slide.
Please.
C
So
there
weren't
a
bunch
of
changes
in
the
most
recent
draft.
Basically,
I
just
implemented
what
we
had
discussed
at
109
so
as
just
recently
discussed
this,
this
allows
both
mailbox
id
and
special
use
to
be
used
in
the
same
snooze
action,
because
we
determined
last
time
that
they
are
mutually
exclusive
in
one
another.
C
I
also
stipulated
that
the
snooze
action
cancels
implicit
keep
under
the
the
logic
that
snoozes
is
very
similar
to
file
into,
and
it
should
have
the
same
distribution
disposition
as
512
does.
C
I
also
remove
the
text
about
how
this
could
be
implemented
using
future
delivery,
smtp
future
delivery
for
our
discussions
and
specify
that
implementations
have
to
use
a
special
snooze
mailbox.
This
probably
needs
more
text
and
I
would
welcome
any
contributions
in
that
area,
as
also
discussed.
I
added
a
registration
for
this
new
special
use
attribute
to
that
registry,
which
I
think
barry
created
in
one
of
his
drafts
and
finally
added
an
example,
as
requested
of
manipulating
imac
tags,
both
at
snooze
time
and
awaken
time.
C
B
C
C
B
It
feels
to
me,
like
issuing
a
working
group,
last
call
and
seeing,
if
anything,
pops
up
fair
enough,
it's
probably
right
any
any
further
feedback
on
that.
Anyone
want
to
comment
there's
at
least
a
couple
of
people
in
here
who
haven't
said.
D
Anything
I've
read
the
earlier
version
and
I'm
very
happy
for
good
working
group.
What's
called
so,
I
can
just
double
check.
B
B
First,
we
have
civ
eai,
which
expired
over
a
year
ago
now,
a
year
ago
and
we've
had
the
sieve
actions
registry,
which
hopefully
alexia
will
do
soon
and
that
I
imagine
we'll
go
almost
directly
to
working
group
last
call
because
the
only
question
will
be.
Is
it
comprehensive
enough
really
has
it?
Has
it
captured
everything
that
exists?
B
What
do
we
do
after
that?
With
this
working
group?
Is
there
any
new
work
that
anyone
wants
to
bring
here.
D
Cannot
think
of
anything,
I
probably
can
have
a
look
at
cvi
in
a
couple
of
months,
so
now
that
I
actually
I'm
slightly
freer
with
my
other
documents
and
the
only
other
thing.
If
I'm
a
4f2
is
to
be
revised,
it
would
be
nice
just
to
have
a
working
group
in
a
dormant
state
for
a
bit
right.
A
Yeah
and
adding
and
for
for
murray's
consumption
when,
when
we
chartered
extra,
the
intent
was
to
have
it
stick
around
as
a
dormant
working
group
when
its
work
was
finished
to
pick
up,
other
email
related
things
that
crop
up,
because
they
do
quite
often
so
probably
the
best
thing
to
do
is
when
we
are
when
we're
dormant.
We
stay
dormant
rather
than
being
closed.
D
I
don't
think
you
have
to,
I
mean
realistically,
if
you
years
ago
in
first
then
mine
has
to
just
include
snooze
in
the
list
right
or
true,
yeah,
okay,
a
good
point:
oh
we'll
figure
it
out.
You
know
I,
I
don't
think
it
matters.
D
Obviously
I
encourage
you
to
read
my
my
draft.
Once
I
publish
it.
B
Excellent
well,
this
is
the
milestones
we
have.
Cbao
is
going
to
be
submitted
now,
but
nothing's
happened
on
in
the
past
year,
so
and
update
charter.
I
don't
know
if
we
need
to
recharter.
B
B
No,
it
was
just
if
it's
gonna
happen,
then
then
you're
gonna
have
to
come
back
and
and
recharter.
It
was
basically
a
we
want
this
to.
We
want
to
have
to
pay
attention
to
this
if
you're
gonna
fiddle
with
manchester.
I
think
that
understood.
I
wasn't
involved
in
that
discussion,
but
yeah.
D
I
think
it
was
more
speculative
just
in
case.
If
somebody
wants
to
update
it,
then
we'll
do
it
here.
D
Sort
of
makes
it
now
overtaken
by
events
a
little
bit,
but
also
as
an
email
core
co-chair.
I
think
well,
all
smtp
and
email
format
and
mime
is
likely
to
go
to
ml
core.
Everything
else
is
going
to
end
up
here
right.
B
Yeah
yeah
there's
there's
enough
other
bits
and
pieces
going
on,
aren't
there,
but
anyway
so
submit
quota
april
2020
submit.
I
don't
know
why
see.
B
D
Yeah,
I
suspect
you'll
probably
need
at
least
one
division
just
to
make
sure
like
yeah.
If
I
missed
anything
depending
on
what
we
want
in
the
table,
what
kind
of
information,
so
that
would
be
useful
to
have
a
look.
B
But
I
imagine
we
won't
probably
want
to
meet
at
next
atf
unless
there's
a
lot
to
discuss
there,
because
it's
this
one
hour
we
have
used
half
of
and
we're
already
done.
Basically.
D
I
would
be
very,
very
happy
if
you
last
call
the
document
before
the
next
atf
and
then
we'll
just
do
it
on
the
mailing
list.
So
that's
fine
cool
I'll,
say
july.
Then.
B
And
yeah
cbi
eai
wasn't
yours
originally
alexi,
but
if
you
wanted
to
take
it
on,
obviously
that
would
be
fine.
Do
you
think
there's
demand
for
it.
D
Think
implementations
will
slowly
need
to
be
updated
for
this,
so
I
think
just
having
a
look
at
what's
in
the
draft,
I
haven't
looked
at
it
yet
and
see
how
much
work
it
is.
A
Yeah,
let's
say
I'll,
look
at
it
with
you.
My
sense
is
that,
because
the
uptake
of
eai
has
been
so
low,
it's
unlikely
that
anyone
would
implement
it.
So
it's
a
question
of
whether
we
want
the
suite
to
be
complete
for
form's
sake
or
whether
we
really
think
anybody
cares
about
us.
A
Yeah
because
to
update
it,
then
we
can
do
it.
But
if
it's
going
to
be
a
lot
of
work,
then
it's
probably
not
worth
it.
B
B
Sure
I'll
well,
I've
got
to
finish
my
bsl
socialize
for
a
few
minutes
and
I'll
go
to
bed.
I
think
I'm
skipping
the
last
one
all
right.
Thank
you.
Everybody
probably
won't
see
you
in
an
extra
meeting
for
a
while.
At
this
stage
it
looks
like
we
we're
going
to
just
finish
off
these
documents
and
then
then
go
quiet.
So
thank
you
for
hanging
around
with
us
for
the
past
few
years.