►
From YouTube: IETF113-HOTRFC-20220320-1800
Description
HOTRFC meeting session at IETF113
2022/03/20 1800
https://datatracker.ietf.org/meeting/113/proceedings/
A
A
B
A
C
A
A
A
A
Yes,
the
queue
the
qs
testing
is
working.
Also,
you
know
I'm
serious.
It
takes
a
lot
of
people
to
keep
an
eye
on
me,
but
hot
rfc
is
a
thing
we
started
probably
about
four
or
five
years
ago.
That
is
a
good
way
to
find
people
at
the
itf
to
talk
to
you
for
various
reasons,
and
we
don't
ever
really
ask
what
reasons
people
have
for
wanting
to
talk
for
four
minutes,
because
that's
how
long
people
talk
is
for
four
minutes.
A
A
A
D
F
D
If
you
have
network
slicing
and
things
like
that,
this
would
mostly
be
useful
in
a
localized
domain,
no
on
the
wire
protocol
changes
and,
of
course,
if
the
application
is
aware
of
qos
and
things
like
that,
it
can
perhaps
have
better
control
and
be
able
to
do
more
detailed
and
complicated
things.
So
what
happens
when
you
make
a
network
connection
these
days?
It's
pretty
easy.
Your
application
typically
goes
to
the
dns.
The
name
gets
back.
An
address
makes
a
connection
you
talk
to
this
remote
network
interface.
D
D
D
That
the
address
does
more
than
just
identify
a
network
interface,
but
also
has
additional
information
about
how
to
connect
to
that
address,
for
example
in
the
low
order
bits,
so
maybe
just
get
a
quad
a
record
back
and
lower
the
bits.
Tell
you
how
to
actually
do
it
and,
as
I
mentioned
the
first
or
an
early
hop
router
can
make
selected
modifications,
perhaps
to
the
packets
on
the
fly
or
make
the
right
routing
there.
D
D
So
what
kind
of
quality
service
are
we
talking
about?
In
a
course
level
you
might
want
to
just
say
I'd
like
minimum
latency,
because
I'm
a
gaming
application
or
I
want
maximum
bandwidth
or
the
like,
you'd,
also
like
to
be
able
to
specify
more
precise
metrics,
perhaps
some
maximum
jitter
in
microseconds
or
or
minimum
bandwidth
and
megabits,
or
whatever.
D
So
for
more
information,
there's
this
draft
on
how
to
express
these
requirements
for
qos
and
there's
a
draft
on
semantic
routing
and
how
you
song-
and
I
are
the
authors
of
this-
and
hopefully
people
will
get
more
information.
I
am
by
the
way
presenting
on
the
expressing
qos
requirements
draft
during
the
dns
op
working
group
meeting
this
week.
A
G
A
I
Hi,
so
my
name
is
mark
pettigon
and
I'm
going
to
talk
about
verified
internal
draft
using
computerized
specifications.
So
the
idea
of
a
computerized
specification
is
to
combine
three
things
is
to
combine
a
document
format.
In
this
case
I
chose
ascii
docker,
a
so-called
dependently
type
programming
language.
I
So
here's
a
little
bit
how
it
looks
so
this
is
in
three
parts
on
the
top.
You
have
an
extract
of
an
existing
computer
right
specification,
which
was
lfc,
8492,
889.
Sorry,
and
you
can
see
that
you
have
on
top
you
have
after
on
on
the
left.
You
have
this
symbol,
which
is
called
bird
marker,
which
signal
where
the
code
is
so.
This
is
some
idris
code
and
then
you
have
the
text
which
has
the
insertion
of
the
of
some
results,
which
start
with
a
and
are
between
a
packet
right.
I
So
the
text
here
will
be
converted
into
a
credible
text,
so
the
second
box
is
the
command
which
is
executed
to
generate
so
you
can
see
here
from
this
text.
We
simultaneously
generate
the
xml
to
lfc
the
text
html
and
the
pdf
file
from
that
and
on
the
bottom
you
see
the
result
of
this,
which,
which
is
a
various
transmission.
So
the
idea
is
that
you
can
simply
change
one
of
this
parameter,
number
transmission
or
delay,
and
the
system
will
automatically
generate
the
correct
thing
which
is
on
the
pattern.
I
So
the
problem
is
that
using
idris
and
the
computer
rate
specification.
That
way
is
quite
difficult.
It
takes
some
time
to
write
this
code,
so
what
I
have
been
doing
for
the
last
few
months
is
to
write
standard
libraries
that
contain
trade
defined
libraries
for
various
things
that
are
useful
for
people
that
are
writing
ietf
and
internet
craft
right.
I
So
this
is
done
by
using
what's
so
called
embedded.
Dsl
dsl
is
a
domain
specific
language
and
which
permit
to
construct
some
interesting
things
and
to
do
that
right
right,
so
I
have
a
library
for
denominate
numbers,
abnf
and
petrinet,
which
is
still
under
development,
that
there
is
other
in
development
too,
so
just
to
show
you
how
it
works
with
an
abn,
fd
dsl,
you
can
see
on
the
top.
You
have
again
the
code
and
the
text.
I
So
the
code
is
a
sim
simple
usage
of
this
adsl
to
define
here
an
abnf
rule
and
then
the
code
text,
which
is
just
underneath.
We
generate
the
thing,
so
it
does
two
things.
It
verifies
that
your
ibnf
is
correct,
and
by
correct
I
mean
that
all
the
rules
have
a
different
name,
that
all
the
names
are
used
at
least
one.
It
verifies
also
that
your
ibnf
doesn't
loop
right,
which
is
something
which
is
not
verified
very
often,
but
in
the.
I
J
J
So,
first
of
all,
I'm
gonna
be
talking
about
standards
going
on
in
the
ieee.
It's
just
my
personal
view.
I
have
to
show
that
disclaimer
slide
next
next
one,
please
so
there's
three
initiatives
that
I
think
are
most
interesting:
motivated
by
low
latency,
low
loss,
high
reliability,
ethernet
based
data
center
networks
that
support
rdma
and
ai
and
hpc
work
gloves.
J
The
three
initiatives
are
congestion,
isolation.
I've
talked
about
this
before
in
other
hot
rfcs,
as
well
as
iccrg
and
other
places,
pfc
enhancements
and
source
flow
control.
All
of
these
are
amendments
to
the
big
standard,
802.1
queue,
and
you
can
find
a
lot
more
background
information
on
this
paper
we
published
recently
about
date,
lossless
data
centers
next
slide,
please
so
real,
quick
congestion,
isolation.
J
If
you're
familiar
with
the
way
data
center,
networking
works
today
we're
using
ecn
marking
to
indicate
congestion
that
gets
fed
back
to
the
source
and,
and
hopefully
the
source
slows
down
quickly
enough.
If
it
doesn't
happen,
quick
enough,
we
may
invoke
priority-based
flow
control
pfc
in
order
to
not
drop
any
packets,
because
loss
is
a
problem
with
some
of
these
protocols.
So
what
there
are
some
problems
with
priority-based
flow
control.
In
particular,
it
creates
head
of
line
blocking
congestion
spreading
it's
difficult
to
use
so
congestion,
isolation.
J
What
it
does
is
it
identifies
the
flows
that
are
causing
that
congestion
and
it
uses
a
separate,
cue
or
a
separate
traffic
class,
and
so
it
moves
them
out
of
the
way
in
an
attempt
to
avoid
using
pfc.
It
has
a
signaling
message
that
goes
one
hop
up
and
it
can
be
a
layer
two
or
a
layer.
Three
message
again:
I've
told
a
lot
about
the
standard
in
the
past.
It's
pretty
much
done
it's
in
its
final
stage.
The
equivalent
of
last
call
next
slide.
J
So
pfc,
as
I
mentioned,
is
still
used
today.
However,
it's
very
difficult
for
many
people
to
use
it
has
it
requires
that
you
calculate
what's
called
headroom,
which
is
the
amount
of
buffer
you
need
in
order
to
absorb
packets
in
flight
and
that's
dependent
on
cable
length,
but
also
internal
delays
and
implementation
details.
So
it's
complicated
to
figure
out
what
pfc
headroom
should
be,
so
this
enhancement
uses
the
time
persistent
time
protocol
to
automatically
measure
the
delays
between
the
end
stations
and
automatically
calculate
that
pfc.
So
there's
no
requirement
for
user
configuration.
J
We
also
found
a
problem
with
pfc
being
encrypted
over
maxsec
protocol,
and
so
we're
going
to
fix
that
as
well
in
this
enhancement
next
slide,
please,
I
think
the
one
that
you're
going
to
be
interested
in
is
source
flow
control.
Now
I
I
source
flow
control,
uses
some
of
the
ideas
of
congestion
isolation,
but
it
doesn't
move
any
traffic
to
a
different
queue.
What
it
does
is
it
signals
across
the
network
and
remotely
invokes
priority-based
flow
control,
so
it
avoids
some
of
the
problems
of
priority-based
flow
control.
J
J
So
I
have
scheduled
a
a
side
meeting
for
this
week
to
go
into
the
details
of
all
these
protocols
in
much
more
deep
depth.
We
do
have
a
non-ietf
working
group.
Mailing
list
that's
been
around
for
a
while
as
well.
That's
for
people
interested
in
congestion,
control
for
rdma
and
I'm
going
to
use
a
microsoft
teams
as
well
during
that
side
meeting,
so
try
to
bring
other
people
in.
So
I
made
it.
G
Go
okay,
hello,
my
name
is
olej
vista.
I
work
for
the
swedish
internet
foundation
and
this
work
combined
with
schumann
hook
and
we
are
working
with
a
whole
group
in
the
multi-signer
project.
Next
slide,
please,
and
so
the
our
goal
is
to
fix
some
inconsistencies
in
the
dns
sec
rfcs
and
the
next
slide.
G
Please,
and
so
a
short
recap
of
what
multisign
is
it
basically
is
the
idea
that
you
have
a
dns
zone
and
you
have
two
independent
signers
of
the
zone
that
signs
the
zone
and
dispute
it
on
the
internet
and
for
this
to
work
you
have
to
exchange
zs
case
and
next
slide.
Please
let
me
hop
over
that.
One
next
slide,
please.
This
is
just
for
reference
if
you
want
to
look
at
this
narrator.
G
So
there
is
a
challenge
in
this
that
the
providers
have
to
use
the
same
algorithm
and
if
they
use
different
algorithms,
then
you've
got
problems.
You
can't
do
this,
basically
with
today's
rfcs
and
we
think
that
isn't
a
problem
that
should
be
closed
because
one
of
the
let's
say
special
applications
of
multisignup
is
you
can
have
a
signer
currently
and
you
would
like
to
move
your
domain
to
a
different
signer
and
you
don't
want
to
go
insecure.
G
Then
you
need
to
do
multi-signer
in
the
middle
and
well,
if
you're
big
enough,
maybe
they
would
the
the
service
providers
would
humor
you
and
use
support
the
algorithm
you
want,
but
for
most
of
us
this
won't
happen
and
you
just
have
to
use
what
they
get.
You
give
you
and
if
they
give
you
different
algorithms,
you
can
do
this.
Okay
next
slide,
please,
and
so
the
the
problem
is
that
in
the
the
nsx
rfc
it
says
that
any.
G
If
there
is
a
in
your
dns
key
set,
then
you
have
to
have
signatures
for
it
and
next
slide.
Please,
and
of
course,
if
you
have
a
signer
that
doesn't
support
one
of
the
algorithms,
then
you
can't
do
that
and
so
then
there's
an
another
rc
that
says:
well,
if
you
are
a
resolver,
you
shouldn't
look
at
this.
G
You
should
only
see
if
there
is
some
valid
signature
and
then
you
should
accept
the
whole
thing,
and
obviously
these
two
rfcs
are
not
totally
in
sync
about:
what's
the
right
way
to
go
here
and
so
next
slide,
please
and
one
we
think
one
of
the
part
of
the
fix
could
be
this
in
rfc
6840
there
there's
it
says,
should
not
insist
on
this
on
all
algorithms
and
well.
An
obvious
solution
here
would
be
a
must.
Not
that
would
make
life
very
much
easier
for
us
next
slide.
G
Please
so,
and
then
there
is
a
validation
requirements.
Obviously,
so,
if
a
resolver
gets
an
answer
and
it
doesn't
support
the
algorithm
that
just
this
nameserver
instance
gives
back
then
obviously
there's
a
problem,
and
we
would
need
to
find
a
fix
for
that,
and
that
is
why
we're
here
today,
because
there's
some
questions
left
with
this-
how
we
make
this
work
and
we
would
very
much
like
input
from
the
community
and
next
slide,
please,
because
this
is
the
next
problem.
It's
downgrade
protection,
because
we
heard
a
lot
about
this.
G
You
know
having
all
algorithms
in
all.
Signatures
is
a
type
of
downgrade
protection
and
well
maybe
it
is,
but
I
think
we
would
need
to
talk
about
the
security
properties
of
the
whole
solution
and
I
think,
there's
hope.
Hopefully
some
people
here
in
the
room
that
can
are
more
qualified
to
discuss
it
than
I
am,
and
we
would
be
really
happy
to
talk
to
you
and
with
that
I
have
one
second.
A
A
K
L
L
L
L
So
my
idea
is
actually
this
idea
is
pretty
common
and
it's
picking
up
the
trend
is:
can
we
virtualize
the
control
unit
away
from
the
I
o
modules?
It
has
several
benefits
that
now
you
can
control
the
size
of
a
control
unit.
You
could
customize
memory
and
power
a
compute
power
based
on
your
requirement,
and
you
also
don't
need
to
build
up
rugged
cages
or
something
to
maintain
your
plc's
on
the
factory
floor
because
many
times
they
are
in
the
harsh
environments.
L
L
A
A
K
K
The
second
one
would
be
the
cloud
side
where
there
are
the
applications
that
these
users
consume,
and
finally
the
third
one
would
be
software-defined
network,
which
links
both
the
users
and
the
applications
and
provides
some
connectivity
and
now
imagine
in
this
scenario
we
have
a
growing
number
of
users
that
require
this
application,
so
the
load
grows
and
the
cloud
decides
to
allocate
more
resources
to
that
application.
So
it
can
manage
all
the
requests
that
they
are
getting
next
slide.
Please.
K
K
So
how
can
the
network
react
to
these
cloud?
Auto
scaling
events
in
the
cloud?
There
are
two
different
things
done,
the
first
one
being
vertical,
auto
scaling,
which
means
adding
more
resources
to
replicas
of
the
application
that
are
already
deployed,
and
the
second
one
is
horizontal,
auto
scaling,
which
means
deploying
more
replicas
of
the
application
to
distribute
the
load
more
evenly.
K
So
by
leveraging
the
software
defined
networking's
capabilities
and
its
underlays.
We
have
proposed
a
solution
based
on
the
right
path
and
allocating
elastic
bandwidth
on
terminals
to
translate
how
to
scaling
to
be
also
done
in
the
network,
and
if
you
want
to
see
more
of
actually
how
we
have
implemented
this,
you
can
come
and
see
us
at
panargy
presentation
that
takes
place
on
thursday
at
1pm
and
also
we
have
a
paper.
So
if
you
want
to
scan
the
qr
code
feel
free
to
do
so.
Thank
you.
M
The
first
slide
slowly,
so
the
title
is
trustworthy,
digital
supply
chain,
transparency,
services,
and
so
I'm,
I'm
here
on
behalf
a
lot
of
people
talking
about
this,
and
so
let
me
unpack
the
the
end
of
the
parenthesis
here.
There's
a
email
list
on
the
slide.
That's
skit
and
skip
means
supply,
chain,
integrity,
transparency
and
trust.
So
if
you
are
interested
in
the
topic
supply
to
that
itf
email
list,
there
are
weekly
meetings
on
mondays.
M
All
this
is
not
on
the
slide
deck,
but
we
have
to
present
hot
rfc
stuff
here
and
this
two
types
of
content,
one
of
those
about
architecture
and
one
is
about
a
specific
cozy
standard.
We
want
to
promote
here,
so
that's
a
hot
rfc
and
already
wasted
a
minute.
So
let's
go
for
the
next
slide.
I
have
four
slides
so
so
all
of
you
know
supply
chains,
there's
a
very
specific
one.
That's
interesting
to
the
itf.
M
I
think,
because
is
about
software,
and
I
think,
there's
a
lot
of
hype
about
software
right
now,
because
there's
a
executive
order.
I
heard
about
in
the
u.s
and
it's
somehow
about
securing
cyber
security,
and
I
guess
it's
about
software
and
also
something
called
the
software
build
of
material.
But
in
the
end,
all
this
is
going
to
solve
a
problem
and
the
problem
is
the
auditability
of
all
of
that
and
I
think
we
as
an
itf.
M
M
So
now
I'm
going
to
do
a
quick
dive
into
the
two
things
which
are
the
architecture
and
the
res
receipts
on
here.
So
let's
start
with
the
left,
left
right
side,
first
right
and
and
and
then
you
have
the
artifact
in
your
supply
chain.
It
can
be
everything
can
be
a
fish.
It
can
be
a
s-bomb,
that's
very
on
vogue.
M
It
can
be
a
car,
so
anything
and
there's
an
artifact
that
is
produced
and
variated
in
supply
chain
that
you
can
create
statements
about
and
you
issue
them
and
the
issuing
happens
by
signing
them
and
then
you're
in
an
issuer,
and
this
is
a
gun
already
cozy
stuff.
So
on
the
left
side,
you're
the
the
receipt
thing,
you
already
see
some
cdl
there
that
reveals
this
is
a
counter
signing
thing.
M
So
when
you
have
the
issued
signed
claim,
you
can
put
a
identity
document
thing
like
I
did
this
in
there
and
then
this
is
a
claim
claim
might
be
a
bad
term.
Let's
not
talk
about
this
right
now,
but
then
you
put
it
to
this
transparency
service.
That's
the
ledger.
You
might
heard
a
blockchain,
that's
not
a
blockchain,
it's
close
to
it,
but
it's
an
append.
Only
ledger
and
the
important
thing
is.
M
You
can
trust
this
ledger
and
then,
when
you
did
the
commit
of
this
transparent
claim
to
your
supply
chains,
everybody
wants
to
know
about
this
and
come
back.
You
get
a
receipt
and
the
receipt
is
a
counter
signing
method
about
merkle
trees
that
we
do
and
then
it's
a
transparent
claim.
So
now
we
have
this
statement.
That
is
the
statement
about
the
artifact.
M
You
have
the
claim
itself
and
the
received,
and
now
you
can
offline
validate,
that
you
can
put
trust
in
the
trial
in
the
ledger
and
the
transparency
service
and
just
be
offline
and
that's
an
important
feature.
I
think,
but
also
you
can
go
back
to
the
ledger
and
do
the
service
audit
trail
back
to
this,
because
at
the
bottom
left
there's
auditors.
We
want
to
make
sure
this
all
happens.
M
M
M
A
N
N
The
guardian
described
it
as
a
starkest
warning
yet
of
major
inevitable
and
irreversible
climate
changes.
So
the
basic
question
now
we
need
to
ask
is
what
we
should
do,
and
what
can
we
do
so
we
started
to
ask
ourselves
a
subset
of
questions.
We
term,
such
as
how
if
we
apply
the
ipcc
recommendation,
then
what
would
be
the
impact
on
the
itf?