From YouTube: IETF99-IDEAS-20170719-1330
Description
IDEAS meeting session at IETF99
2017/07/19 1330
https://datatracker.ietf.org/meeting/99/proceedings/
C
C
A
All right, we're getting close to 1:30, so we'll let people sort of drift in and stuff like that, and if somebody sitting way in the back sort of slacking off could actually pull the door shut as well. So we don't soil the others having to listen to us so I'm Tim and ask me about my boss: welcome to IDEAS, these pins, retorted, great identities, identifiers management, sort of things, so I'm Tim, that's Ryan! If you're in vienna's privacy yesterday, where this is the same crew I am I'm gonna.
A
Let Brian speak this time, because yesterday I didn't talk at all so little Penn & Teller thing going on so Alvaro is our IAC overlords, I and I thank him for inviting us to this sort of turn. Assertion. Hannigan's, Suzanne Woolf is doing jabber, scribe and I've got. We've got actually three minute takers, I'm tortoise Nova and there's one other. So could you please raise your hand, so I can see you guys and oh sweet. Thank you! People.
A
A
So I think we've all seen this before so, and actually it's the new text, I'm pretty sure I have to take that one and there should be some blue sheets going around, and since this is a broth, we want to get everybody to get their names in there. So we can tell the secretariat yes, there's interest, you know you guys want to do something move forward with this. You know and there's actually real people sitting in here doing stuff, so very short agenda, a little bit of a bashing. Why are we here?
A
Brian's gonna give you the sort of run down and sort of as Anna's gonna talk about the problem statement. Bob Mott's chris, has got a couple of examples. He wants to do show-and-tell with discussion on gap analysis and then sort of open discussion. I know you all have been sort of working on sort of some. Some charter text and I took a look at it before the meeting, and the only comment I can say is less is more so you know as someone who's done, you know sort of these new working groups.
A
You want to be vague and allow yourself some flexibility, but not in not sort of you know force. You know not try to you're not trying to boil all the oceans. You may want to try to boil one ocean, but you know first, you've just got to prove that you can actually get the water going. So that's that's my only advice, though, and Brian's got from being a former eighteen he's got some really great sage advice he's sort of waiting to share, though but Brian. What's a chat about.
A
D
All right so I'm gonna try and make this quick. The the the big thing here is is that some of this is for the community's benefit. Some of this is for the the IESG and the IAB benefit, because this is a work reforming ball. So part of what we're trying to do here is figure out: is there sufficient energy for work to be done in the IETF and is there work that's applicable to the IETF to be done?
D
So with that in mind, what I'm going to try and do is kind of cover the what I think is kind of the historical basis of why we're here there have a variety of identity based services and solutions that have been posited about either actually happening deployed, or at least been thought through. Some of these things, we rely around circle around like mobility solution, multihoming solutions.
D
And so what we're trying to figure out here is: is there a framework that can be formulated to to provide these ID based services, the ability to separate identity and location from each other, and, more importantly, is if we can't identify a framework, is there actually sufficient energy and interest, you know in the idea to do that work, and so that's why I'm hoping that all of you are here is to either tell me yes or no about that particular question.
D
E
So let's talk a little bit about the motivation. Why are we here? What is try idea is trying to do to understand that better. We have to look at the perspective of all the actors in the network in their perspective. What do we have today? We have a network which is successful and evolving. We know that the trend is increasing access diversity, as well as device diversity.
E
We have ubiquitous. New mobility is a given it's the norm today and for the sake of discussion today, we're going to restrain ourselves to identify your location, split protocols when we look at it from their user perspective, what they really want is privacy, finer grain access control, as well as personalized context of our features from an operator standpoint. Of course they want to generate revenue from these kind of services, but, more importantly as well, they really want to have operational and deployment simplicity.
E
So what can we do here to help out $2 release tasks, and one of the ways of doing this is what his ideas is proposing is to introduce the identifier, identity, identity, identifiers. But what do I mean by that? As Brian said earlier about 10 years ago, we came up with a concept of identifier locations flight and what we're proposing today is just one step forward more, which is the identity identifiers like.
E
What do you mean by that I'm going to have a small table here, which is a 10,000 foot view of the difference, because Bob is going to have a longer presentation on identity? Any discussion on that, but two main characteristics is identity, is unique to an entity and identifier is, you might have multiple identifiers and they are associated to that identity.
E
The identity has a notion of secrecy. It's never shown clear on the wire why's. The identifiers can be shown as calendar wire. You understand that a little bit better when I explain their different use cases, but, more importantly, the identity is an enabler. It will enable us to have lookup access control, which cannot be easily defeated, protecting the privacy of your flows to instructors.
E
Okay, so here's the stuff is that some reason animation is not working well anyway. Here's the stuff is that originally the site showed Alice who's going around and typically an ideal location separation protocols. They will update the method system and one of her friends Mary, for example, would be actually asking the record system where they are and repeatedly, but by repeating Lee asking for her. She can always find where she is. That's actually great, because you want your friends to find you anywhere.
E
You are, but the picture changes if it's no longer your friend but a hacker. That's actually looking for you number one, the fact that you have a public identifier. Well, you have no control, it's public data. Anybody can look you up, anybody can track you and you have really no privacy, and it is very difficult to defeat that. So what we see here is that we really need access control tied to the identity, not so much to identify or IP addresses, because you can change those and the real balance.
E
E
One thing that will happen is that you will eventually build your IP packet with the semantics might be a little bit different depending on protocols, but you'll have an IP add or your ID header in your packet. But if you have somebody actually sniffing those two points sniffing the packets and they can actually look up. They will be able to identify as good flows and whose or the peers who is talking to her and I can see most worried.
E
So long, if I don't fires, can you delete them? So you really want to have those long live identifiers, but let's say now Bob that used to be your friend is longer your friend. And how do we stop him from using that and you? So you will have a lot of unwanted communication. You there's nothing you can do about it.
E
So what we do know is that identifier that has been used before by alleged stupid pills can be abused eventually, and if we try to erase them from the system, then you lose all information tied to that identifier. What you really want is actually your entry in the system to be mutable because that's tied to you, but the external representation of that that you share with your peers the things one should be irritable.
E
Earlier I mentioned that we have a diversity of devices, that's going to come with. That comes the implication that we may not have one solution fit all in the future. So what we saw here has difficulties in mapping systems is that you might have multiple mapping systems, and this in itself have been impediment for their deployment, because it's going to be operationally very complex to deploy those into maintaining those. It's going to be very difficult to have common basic and consistent policies applied.
E
E
We have this generate identity service which have different instances and they have different modules. You have the traditional mapping, module identity, identifiers that we have today identify a location that we have today and then we're bringing the new identity services policy based services or metadata module.
E
So in green is the area where ideas would have work done in a day, I suppose, probably now the scope of work we're really talking about Network identifiers. Here, the locators are assumed to be a beauty for v6. When we talk about me, the data is not something complex. It's something very simple: it's not changing! It's very low frequency, it's not even in the data plane or anything like that. The identity services is really for registration of those services and identities.
E
Depending on how you want to deploy grades, you could be able to deploy it locally or on a global scope and eventually, if we have a global scope, integrates who might be in the scope, then out of scope. Absolutely is we're not trying to do mapping of domain names. We're not trying to do application level names or directories that that's not the point here. We're not trying to do high frequency data changes either, nor trying to bring very complex policies on that.
E
So, thank you on behalf of the ideas design team, which is a large team, and so the work that I presented here, it is really the work of everyone in this place. We also have multiple companion documents that I didn't present today, but gives you more use cases both on identity and identifier questions.
G
G
G
Because you're talking about I was talking to Bob, and so always Alice and Bob are connected to one service when they use some human friendly names to translate that invite, let's that's a transparent applications, more or less and those are kind of more ephemeral identifiers. He changes IP address changes, so this is not persistent identifiers at all and I don't know how much security is exposed because of that because most of the say most of the things are in the higher application layer like HTTP and other applications.
E
So I would say this today we're talking about applications, there's some application that actually I can see you're looking at it from that level only, but on the slice it was written idea where so we're really thinking about application that our idea, where and using an underlay, you know using less or help or other protocols. So it doesn't necessarily mean that these are service level applications, and if this was the case most worried, they would. There are ways of doing this, but this is not really what good yeah after so I mean what I'm.
G
E
G
G
H
Of his cases listed in the use cases, one is some primary use cases: mobility. Wherever mobility is needed, it enhances the security of the mobility services provided by the ideal location protocols. That is one use case, and there are. There are three more use cases listing in the IOT use cases with the local grits instance and low-power and high powered devices, and although IOT cases - and there are two more use cases - it's all detailed in the grits ideas use case document.
G
G
G
A
I
A
J
E
E
But just to answer you is that the way we see an identity is a representation of who, what you're saying uniquely identifies you and the way we're looking at it is that the identifier and the locator is showing where you you are, so it really depends on how you want to define it and I think it's better to for Bob's presentation.
J
E
K
A
L
Luigi, I have one question he's on slide eight: you show at some point that is. If you go down in your scheme, you go down to the control plane and then you have a bunch of different protocols. Encapsulation on yes and you thought about how you choose that or maybe there is a presentation later on on this yeah.
E
L
M
I'm a little bit concerned about the out of scope things: it's like we're living in a world where AI D space gets shared. So you see like a typical holistic company shares, maybe hundreds of applications behind the single EIT on the other end you're seeing HTTP/2 getting more traction, so everything is encrypted end-to-end anyway, and the idea itself is meaningless. So we have to think about a different way to identify application, to ensure that you can really have great security, so a puree Eid been good enough. I guess so!
M
E
N
The second one was to do with the layers that you've been describing, and it was just to point out that, whether you're talking about the network layer, the device layer, the application layer, the human layer mm-hmm there are identifiers present at all of those layers and from a human identity and privacy perspective. The point is that you must be conscious that an individual can be identified by means of data at any of those layers. So, for example, consistent use of the same MAC address might identify an individual.
N
E
And we agree with you - and this is not really here - it's interesting. You ask this question because I think valve is going to have the presentation where they talk a little bit more about identity and what we mean by identity and I think that will actually help also some of the discussions that's happening here where they get. So, let's have this Bob's presentation first and then we'll have a better idea like I just.
A
Had what we had one question sort of as the chairs in sort of looking at the control plane stuff, the curiosity, how many folks here they're coming to deploy like list, for example, in their network in production? Oh okay, it looks like maybe a half dozen okay, and is anybody looking good because I wonder you know you talk about that? I guess that's a concern!
A
A
E
A
A
And and in his comment about the sort of service I think you know like the open source people would have solved this with a bunch of APIs. You know with some sort of you know: wacky software sort of thing right and so I think that would be a question that would probably come out later down the road is like you know why. You know why one versus two kind of thing right so and I'm not saying one is better than the other I'm just saying yo.
A
This is how I, probably another group of people would have solved it right. I know, I wouldn't ask I work at an enterprise company it sails for us. We make this kind of strange product that some people see. People seem to love, but I wouldn't talk to all the network engineers cuz they took all my access away years ago, but they're very the idea of deploying listed Network sort of scares them and so they're like big BGP people, but quickly, you know, and so they're much rather they've gotten much more used to sort of saying.
A
E
Useful man I just want to say something else. We have a few proponents who are not here today, for example, there are some of them who actually working on IoT, for example, and IOT for them they're really want to have a Discoverer, so they're just ending with the world's. So it's true that we may not have everybody here whose real identity, yeah.
A
When I was listening to his thing, it sort of you know wrens needed a little bit. It was, you know, about service discovery and stuff, so it's just stuff for later on in the conversation. Thank you.
D
I
The point I want talk about here is: there's a lot about identity here, I'm talking about identity within the framework of the IETF, and particularly in the framework of a we're talking about identity or into networking so defined any four ideas: ITF endpoint identity is unique to the identity entity and the other key thing is we're not talking about identity of people. We're talking about identity of machines.
I
That's one of the important points here: don't bring up discussions about people, yes, there's a lot of talk about your cell phones, here's personally, so your your first identity and your self are tied together. But, however, you have like three or four cell phones. We're talking here about identity is unique to an identity, is unique to an entity and entity, meaning a machine, a silicon creature here, an entity symbolism machine, not an organic entity and but also to allow for ephemeral, anonymous identity for privacy, use it's a fun discussion.
I
Is there only one identity for an entity or either multiple have a lifetimes? Those sorts of discussions greatest questions, I don't want to do that. Those discussions here in this bar, but be aware that we are having those discussions and they are appropriate within the workgroup, because that will influence aspects of the grids, but another point about this concept of identity. They need to be shared and understood. We need to talk about identity, so they need to be expressed in some language and is that language, a fully qualified domain name, is the X.500 name.
I
Inside of an X.509 certificate is an NAI, the answer that is yes, we need to support different languages in which to discuss identity, and so we talked about this we're not going. We can't limit ourselves to one language of identity. We need to support multiple languages of identity so that whatever community - and this is the scalability point - we knew something was scalable and flexible and not limited to one domain of interpretation and define identifier for ideas.
I
So what we have come up right now - and this is again going to an area of discussion and debate, but putting a stake in the ground and for those of you don't know, the origin of the U.S. expression stake in the ground, I'll explain that to you later, there's an interesting, rather bloody explanation for that ITF endpoint identifier is a valid, but typically non-routable, IPv6 address or an IPv4 address. It could be a portion of a routable address, so it could be the end part of an IPv6 address.
I
We have a lot of fun in this areas. It may be statistically unique or maybe some sort of a managed space, but it wouldn't have to be managed within a domain of you, so you don't have collisions even scuzz with HIP. We've done a lot with the statistically unique and we dealt a lot with being able to avoid collisions. So we have a lot of a lot of history and experience about well, anything have to have a big space or you've really got to manage it previous to got to manage it.
I
The restriction of the employed identity to IP addresses is to be transparent to the applications and management of the Lok, a I be mapping another key operational protocol point and HIP endless achieve this, and others could achieve it. It part may achieve it as well. There may be assured hands fried enterprise within specific applications, because if your implant identity is a v6 address and you have to carry that in every packet as well as the look you get these big package that the IOT people campaign and scream about so we have short hands in HIP.
I
They are called security parameter indices, which are just four bytes, 32 bits, so you may have a shorthand in which you actually operationally use, which is distinguished from the actual identifier which is in use in the negotiation protocols and the rest of it. These two slides is what we have discussed a lot over the last 20 years. I can go back even to earlier discussions if I want to you want to corner me on that. We've been talking us for a long time.
I
The problem we have had is: we have not built the infrastructure for discovery. How discover your partner, how discover what services are available? How to do the reverse? If you have my dint of fire, what identity is at 4 and are you allowed to know what policies are in place to constrain that discovery? This is not about. The actual ability is not about how low I see ID works here been LISP and ILA address that this is how we get from the. What is I want to I want to talk to how how I?
I
What is identity of that then what's identifier, so that I can find them in the network and if I'm permitted to work with them the network. So those are my two slides which are for discussion points. I will now open briefly discussions, but know that most discussion we want to take to the main list. Yes, okay, if.
P
You go back to previous slide. Okay, you mentioned any odd. We have been here annuity of before about to explore the meaning of identity. Okay, it's not new! Okay! Now we especially I remember in if working group pap, even Triple A. When we talked about NAI, we said yeah nari has to have a user identity and also the realm. So there are two pieces we didn't even care about. IPv4 IPv6 address now, I think identity. The scope of identity is not really that simple.
P
So we need to look into like a billable identity that you can use that like today, you have a service for your cell phone. You have a service, not the person that owns the phone, so that is like your IMSI, which is a service related identity which is globally unique by the way, then you have an identity for the device itself, the shell, so that is your IMEI, which is the equipment identity. Then you have an NAI, which basically takes you.
C
P
Maps your those identities into a service that is consumable by the network, okay, which is mainly NAI, and that NAI now is well positioned in IETF, and it's widely used. Okay, so I'm new to ideas but I'm trying to explore or relate or link their ideas into what we know so far about identity. That I mentioned examples: IMEI, IMSI and then we have NAI and of course we have the IP address. But I don't think that IP address is that's relevant to this yeah.
C
P
Identifier and Lok, okay, so those are eggs, a good example and need to really focus on the scope of this new working group and to see which problem this working group is aim to solve. Each problem is that they're billing problem is the routing problem. Is that authentication problem is that authorization problem is something else billing.
I
To me is metadata, so if that identity has billing characteristics, they're a part of metadata, which we're getting to the policy of access and the rest of that and those people who live with those sorts of identities as they as they add, as they add their their piece of this into what we do, they'll provide that metadata and how it works, and then what the policies are used to this notice, I say e.g. These are examples. It is not meant to be an exhaustive list or maybe even a proper list.
I
Maybe NAI doesn't belong here, I'm not gonna say yes or no, that I was told to add NAI. I did not have them first version, my slides, so that that's that's the point there. So this is. Let's take this discussion to the list. We are really open to this, but we want to create an environment where we are not constrained to one particular domain's concept of identity. We want these various domains to be able to work and gain access to the identifiers, loke capability.
I
M
Can we look at just to add to what's already said, I think nowadays I as a consumer, okay, I don't care about the endpoint, identify this disc right here, I care about the application I'm talking to and I think the security guys haven't done a good work of saying about it's, not database, whatever don't already generate identifiers for application? Maybe it makes sense to replace the endpoint identifier by somehow and identify or it being used in the security environment, to identify applications and replace this one I think.
P
Q
Stupid question: what about using just the public key as the identifier, because it solves the problem of being about creating your identity, as desired application developers understand this concept. It's very simple: it doesn't require a lot of new infrastructure. You can have one identity for everything like logging, every website with just your public key or you can make a new I didn't identity or identifier as desired for privacy. If you need to retire one or separate your identities, please read the.
I
HIP architecture, RFC I did this some time ago, one the challenges with a public key for identifiers which public key format and their size and other shapes the whole one of the major things that HIP without getting shortly on, is to have a consistent representation of identifiers, regardless of the IP particular underlying crypto algorithm. So you can say: oh, let's just use a public key and I select which one which public key sites which algorithm which representation OpenSSH keep on that. Yes, just thank you.
R
I
I
A lot of people here up north list, some people from me with HIP I'm Eunice as a HIP back rounder. What really is the host identity protocol and I'm partly to blame for where HIP has been pigeon-holed in terms of where it should could have been the host identity protocol based on a new flat namespace the host identity tag, which is a valid non-routable IPv6 address? We are assigned by Ana IPv6 prefix. This is a valid address, get routed what's about address and they hit. Also a new tag is cryptographically derived from the host identity.
I
So it's a raw public key in a defined format. Is that our essays at the SI is an ECC which ECC the rest of that. So that's defined to come with a consistent representation whose informant, which is the HIT and the protocol is a minimalistic Sigma, compliant where there's not in theme security. That means signed and MAC protocol.
I
I
Oh boy have we had these discussions in depth, so the I1 trigger exchange is basically I want to talk to you. There's no Kryptonian, there's no initial demand attack against the responder extensive discussions, but even here we have found in IOT some reflective attacks in IOT against the responder. The important thing here is that the responder's host identity is sent in the clear cuz.
I
We don't have any keys yet to protect it and again that to address a resource exhaustion attack, then the IT response by this point you have a key and then they are to acknowledgment so and and in the header there's the HIT both initiator, responder and everyone. The point here is: this is a very lightweight protocol for exchanging identifiers and the underlying identity in the exchange and establish the relationship between them.
I
With a lot of concern in a very simple state machine that either party can be the identity initiator, you can switch roles, you can cover from from loss a state, a number of other related things. My first professor in college was death on state machines. You didn't do the state machine, you got a zero, so I did the state machine with this HIP. Mobility is a concept of a rendezvous service, as I think it was Steve during who told me that Bob you have to be able to meet when you both move.
I
So how do you meet you? Randy do so? That's the origin in the Ronnie we serve our state Steve Jerry, for getting me on that path. Pierre registers to an obvious using the HIP registration protocol, the Pierre publishes its re s address as its location. An initiator sends the I-12, the RBS as a result because doesn't worthy. It's where wants to go to with RVs does and the obvious for is I won to the pier, and the pier then sends our one directly to the initiator, and so we talked about is a slingshot operation.
I
There are via slingshots, I went to the pier and has no further interaction. So the obvious is a very low all communications overhead requirements because you registered to it and it sends forward until the pure moves when appear moves. It sends a HIP notify HIP update with the new location, both to its peers in case appears, have moved and to the RVs, so that the obvious now it knows where the pier is so. You can tell if your hello, I just moved over here. I just moved over here and in perfectly the same team.
I
But what have to be both you? At the same time, how do you handle the double jump so in the double jump, when you sent your pure he's no longer there to receive it he's gone. So that's where the RVs you can relearn via the RVs. We've accelerated this in my new HIP fast mobility graph, using what's called a shotgun approach to be able to, in some cases, to go to one or even zero round trips for the mobility operation so HIP well handles the identity and and the move operation.
I
I
But again, does this I also say that I in attitude 15 there is a key management pathway to use HIP pull in for for ipv4 8215 for devices for the key establishment. So HIP should not be about simpler ESP, but about connecting to end points, but there were weaknesses here too much crypto people have always complained that he has too much crypto in it and that's why that's one of the justifications? Why shouldn't say it's done back in the day? We want something with less Krypton one the answers I've done.
I
This is the HIP diet exchange. Why do lose Sigma compliance and a few other things, but it's the mineral cryptographic operations and this new HIP in IP arm tunnel, which does not report which give up the crypto protection the packet? If you assume that your network is safe to run such a thing over the other complaint is a change in IP stack behavior that you have to implement in the stack the hip to Lok mapping, and that means an actual change to the end point where there's been resistance against that other.
I
We have DNS resource record for core for FQDN for to go from a high to get a high and a HIT, but that's the only real thing we have there and we did an experiment with distributed hash tables to do reverse lookup to given a HIT, how you can get back to the to the to the FQDN to go back to DNS and all around and we've never really a well address. Inside of here, what is being discussed here in ideas, so this could be one of the big enablers.
I
Today we get the HIP more usable than this today, so new work in HIP, rather than them working with ideas, there's hierarchical HITs, which will actually also play in to better work with with ideas. There's a fast mobility so that we can even go faster than we're before and there is new, faster crypto and stay tuned for even more faster crypto that I'll be working on as well. Some people who complain about the crypto we're really working on that. That's what I have is introduction to HIP.
I
So you can see that that, in terms of what we and again we're talking about here of identifier, Lok separation and identity, to identify or use, and then how I and then why we need ideas, because there are things that have not been well done and the discovery is a very, very important piece. So that's all I have on him and if you have any questions, I'll answer them or we can take it to the list and I gave this as like as a reference sub presentation. So.
B
Hello, so I'm going to present the gap analysis for identity enabled networks. So, although Brian did a very nice historical and technical context, politician I would like to complement it, given a little bit of background. So it is very well known that IP addresses coverage, semantics, meaning that IP addresses both identify who they notice and where it is attached to these.
B
At least this is the oldest reference we could find is well-documented idea back in 93 and a well-known solution for this is to use the ID locator speed paradigm, which means that we create two different namespaces one set of one name. Speed will be used to identify who the noticed and the one where the note is attached. So what happened is that over the years we have seen several solutions which have been developed following this paradigm, for instance, keep and locator ID suppression proto.
B
Now what those solutions have in common is that they create an infrastructure where you store the mappings between the who and the where, where you store the mappings between both namespaces. So in LISP it's called mapping system and it's rendezvous server in HIP. So now, complementing what Robert did, I will very briefly introduce how this works, just in case someone is not overly familiar.
B
So in LISP we have two namespaces following the locator/ID split paradigm: we have EIDs, which identify end hosts, and then we have routing locators, which are related to the topological location of such a host. Then the routers that connect both namespaces, they are called tunnel routers. So what happens in a LISP packet exchange is that first, the host, host A, retrieves the EID of host B with an external mechanism, can be, for instance, DNS, and then it sends a packet just as in standard IP towards host B.
B
Then this packet is intercepted by router X, which, what it will do is it has to map where this node is, so it will use the LISP mapping system, which is this infrastructure that stores mappings between who and where, and it will query the infrastructure asking: OK, where can I find the EID for host B, which is B? Well,
B
The answer is in Y, in locator Y, so what it will do, it will encapsulate the packet and send it toward router Y, so the packet will go encapsulated: the outer header will be the RLOCs, source RLOC router X, destination RLOC router Y; the inner packet will be the original packet, source EID host A, destination being host B. The packet will reach router Y, which will decapsulate the packet and send it finally to host B. So this is pretty much an ultra-brief introduction on LISP.
B
So Robert already provided a nice introduction on HIP, so I am going now to focus on the gap analysis. So this slide is trying to show conceptually what these ID/loc protocols have in common. What they have in common is that we have an identifier-to-locator infrastructure, which is used both for nodes to publish their mappings and for other hosts to retrieve the mappings, okay. So this is conceptual, so I'm not going into the details, but we more or less can agree that this is what happens typically when we follow this pattern.
B
So, as Padma was saying, one of the issues that we have, or something happening when we follow this kind of paradigm, is that a mobile node, whenever it is moving, for each handover it will obtain a new locator, which it will publish into this infrastructure, which means that it is somehow easy for an attacker to track the location of this mobile node just by querying the infrastructure. Okay, you don't actually need to change any packet. You just have to poll the infrastructure and you will be able to track the location of this mobile.
B
So this, of course, raises privacy concerns. Now, the solution that we're proposing is to define policies, so users should be able to define policies which are stored into this IDEAS infrastructure, that will be enforced. Now, the policies are related to: I want to control how this mapping information is disclosed, and who can query it and who cannot query it. So in this very simple example, the host on the left, they can define an access policy which can be as simple as: I want to be reached only by people in my workplace. This is just an example.
B
You will store this policy into the IDEAS infrastructure, which will then enforce it. Now, what will happen is that attackers won't be able to track you if this policy is enforced, while legitimate users will be able to obtain the information for packet exchange. So the gap that we have identified is that existing protocols typically assume that identifier-to-location information is public, and what IDEAS introduces is the notion of privacy regarding this information, so privacy means fine-grained access policies to enable custom disclosure of identity, identifiers and locator information.
B
B
So now, let's introduce the concept of identity, which is central to IDEAS, so why we need to introduce the concept of identity. I mean, there are many reasons, but one of the reasons, or an easy way to understand it, is this, although there are other reasons: it is very easy, if I want to prevent tracking, what I can do is I can use ephemeral identifiers, right, so I can use ephemeral identifiers and I can throw them away, so tracking becomes way harder.
B
The problem, if you use always ephemeral identifiers, is that legitimate users won't be able to reach you. You need some sort of permanent identifier, and this is one of the roles of the identity. Sorry lambda t it is expected to be permanent. This is still under debate, and I will say that at least it has to be understood as something which is very long-lived. Okay, then, if the identity is wrongly, if we can't have identifier. So, in this case, a host can publish the identity.
B
Identifier, identifier-to-locator mappings and an access policy, and then use ephemeral identifiers for communication with other hosts. This can prevent tracking and also can help prevent that other people, or people that are monitoring the network, can see to whom I'm talking to and so on. So the gap that we have identified is that, well, identifier/locator protocols, they rely on identifiers and locators.
B
While IDEAS introduces this notion of identity, which is unique per entity, it should be permanent or at least very long-lived, and it should be tied to the policies that we were discussing before and never be revealed over the wire. Then the identifier can be understood, then, from a different perspective. You can see it, and this is an analogy, so this is just an analogy, but you can understand it as a session ID, which means that it can be ephemeral and can be transmitted over the wire in clear because it should not be revealed.
B
It should not be tied to any. It should prevent disclosing any private information regarding the entity, while, finally, the locator pretty much, it has exactly the same meaning as in the ID/loc split paradigm. So the third gap that we have identified is that, I'm sorry, this is a mistake. ILA should be on the other plane, but the third gap that we have identified is that when you have multiple ID/loc split paradigms, each one is defining its own infrastructure, right.
B
So here the idea is to develop a common infrastructure to support consistent policies and so on. So the gap is that the existing protocols offer their own mapping service for identifier-to-locator, and IDEAS introduces this common infrastructure for identity-to-identifier and identifier-to-locator mappings, working always with existing protocols, so as to offer consistent policies and to what is never match. So this is the last slide, which is a very short summary of the three gaps that we have identified.
B
So first we introduce the notion of identity, which has its own life cycle, which is different from identifiers, and requirement. We have strong requirements in terms of privacy, which are tied to the identity and should be understood as usually fine-grained access control policies, and finally, this common infrastructure. So, questions?
D
P
If you're talking about identity in a fixed network, maybe the scope of the problem is simpler and you can attack it and solve the problem much easier than when you are in a mobile scenario. You have the visited network, the home network and the intermediate network that are basically delegating some of the functions between the two, like you have seen there, IP sphere and GRX, and so what is the scope of IDEAS here? This mobility brings a new dimension to this problem, so.
B
I
F
S
D
K
D
Have about 24 minutes left in this session. What I'm gonna do is I'm gonna allow for an open discussion up until about 10 minutes, and then I've got some questions, and if those questions are answered the way I think they're gonna be answered, then we may go over what may be parts of the charter, but I want to make sure everybody understands the problem statement in the gap analysis so that we have a coherent conversation about whether or not there is work here for the IETF to be done.
K
A
So, taking a quick read of the charter, I will say that simply it's way too dense and you should go and probably take three quarters of it out. Just from experience in getting sort of groups chartered, you want something very lightweight and very flexible that you can build stuff around, and a lot of that can be sort of done on the list as well. So that's just my opinion.
A
Having, you know, sort of spun up working groups in this, and the ADs seem very much more agreeable to sort of spinning up a working group with a very lightweight charter that can be, you know, flexible, give you some space, and you guys are really trying to be very specific about stuff, which is great, you're thinking about stuff, but, you know, give yourself some room in case you get to go down the road and you realize, oh, we have to go backwards and do something else, right. Oh.
T
T
A
Yellow document, weird, yeah, 'cause that wasn't, I know, we weren't going to talk, we were gonna talk about here and we weren't sure if that thing was really gonna move forward. So how about a show of hands from the use case document? So I'd say about half of what was from who read the problem statement and gap analysis, that seemed about right, yeah, okay, so.
D
O
Listening to Albert's presentation on the gap analysis and looking at Padma's slides, especially the one that was trying to define what are the work items of the working group, I think there is a bit of a disconnect. From Albert's presentation, the takeaway is that the focus is on the meta protocol, that is, between existing mapping systems and a higher-level mapping system that provides the service of Safavid separation between identity and identifiers, and
O
That is what I take away from Albert's presentation, right: okay, there is a service where, given an ID separation protocol, whatever it is, there is a way that, if we have concern about privacy, about access control to the mapping, I can use this protocol, the IDEAS protocol, to basically do that mapping. When I look, I think slide 8 is the one that I think also Luigi was referring to.
O
In that slide, there are various pieces of work that are suggested, and some pieces are at the meta level, between the first-level mapping protocols and the higher-level mapping protocol, but some pieces are also between other data planes, like the green arrows there between, for example, either in ILA, those refer to control plane, that is, a mapping protocol like HIP or like LISP, so I think
O
E
C
E
Are still things that need to be discussed. We're not saying that it has to be there, but as nothing exists, there might be other things coming out. Do we want to do that or not, what, I mean, scope or not? This is still up in the air. I think that this is further down the road and we don't want to go there right now, and
O
E
U
Am the coach I am, so as far as I understand this, you are saying today we have different services, applications. They all use some, or could benefit from some, kind of identifier mapping, so for aim solution for finding locators and so on. So there could be a benefit in, yeah, defining a generic anything service, and if you do that, you could also have this additional privacy feature and, for example, have policies that can control unwanted communication, for example.
U
U
U
I
Moskowitz, there's definitely one, the use case we want to handle. We want to have it so that devices, I'm looking for Padma and I want to talk voice to her, and, well, you're not in her, you hear, her list of friends, go away, or get connected, so it's that sort of discovering how to do it. Maybe beyond our ability, or we may be able to achieve it.
I
So that's good, take it to the list, because that is really one of the things that we would like to say: here is the SIP phone discovery service, here is this one here. Is that, what, can we find a way to sum up, more map them together, or maybe it's too big? You don't know, let's give it a go. Let's, let's give it a go.
H
Just, my name is Uma, I just want to add about what he said. Like, you know, the SIP mapping system you talked about, and I am, that's completely different to mind. I get SIP, I am is completely an application to mind. That's not what we're talking about. This is for network layer, network layer separation from identifier, what the fraction, it's not application.
A
K
C
K
So it's the corner comment is that I actually don't really have an opinion about this particular proposed work, other than that it's probably related to the need and desire to do the ID/locator split work in general, so that probably should be a guidance for us. But the question I had, and I worry, I was listening to this and you guys talked about identity and identifiers.
K
At least some of the presentations or presenters said identity is, it's a permanent thing, and it could be that it's just a sort of philosophical difference or construct, and I have no reason to worry, but I certainly wouldn't like to see a situation where, sort of like, I'm a, let's say a, you know, HIP host or user, and I would have some infrastructure that I have to have an identity relationship with, and then whenever, when I change my identifiers, add more identifiers, I'd have to be somehow interacting with that infrastructure.
K
I
Being thought extensively, and in the design group we have spent hours on this point already, and we know, and I know we have to comedy I-think most residue as well. So, yes, we talk about identity as being permanent, but which identity is privileged, which ones are not, and are identities really permanent? There's different opinions on this and I don't think there's one answer. So I confirming my worries.
I
D
I
D
V
B
D
V
V
D
D
V
Yeah, what I mean, it's fine if you say the scope is up getting identity to work with locator/ID separation protocols, that's the entire scope, mine, but, you know, there's other approaches to this identity problem that effort for, for host and network layer: should I accept this packet, should someone be able, you know, should someone be able to vouch for this packet, sort of things that, you know, you at least thought of, people ought to understand what's been done. I was there.
V
A
Yes, it sometimes needs to do that, because then you can sort of focus on stuff, and, you know, sometimes you get pulled away in the things, but I think some of these are probably, you guys probably have already looked at, sort of thought about, and sort of, you know, yes, so just to give it some, you know, friendly, friendly suggestion sort of thing, though.
D
F
D
My ears, I was definitely more of a, of a favor of: there is work here for the IETF to do. So now I'm going to put people on the spot: if there was a working group formed and there was work to be done, such as writing, perhaps, and reviewing drafts, raise your hand if you're going to contribute to it. Just
W
On the previous one, before you move on: Jennings, sir, I think that when a lot of people, name, sorry, Cullen Jennings, as
W
Think that a lot of us, when we think the work is somewhat undefined, and if you had asked the original question as, do you think the problem in the charter statement as written is well defined, I think you would have gotten an even less ambiguous hum. I think when we don't know what the work is, it's really hard to answer the question: is there a report for the IETF to do here? So I wouldn't read too much into that second hum, given the results of the personal.
R
D
So I do agree with Cullen that there is a little bit of nebulousness in the question, given that some people don't think the problem is well-defined. This is really more for just a sense of what people are thinking here, but if there was work to be done here in the IETF, who would be active participants, as either writing documents or reviewing documents, please raise your hand.
D
Yep, thanks, all right. Any parting questions? The chairs' plans going forward is, we're going to sit down with Alvaro and have a discussion about what's been going on and what we take away from the session, yeah.
S
And just to find out Kristin Padma, but it for a year. Ramon is my name, and there was a short discussion on the IRSG mailing list discussing whether or not this was more suitable as a research group rather than the working group. I just wanted like to hear, having this discussion around not being well defined, interesting to hear your thinking behind why you shifted, as for working group rather than a research group, yeah.
I
Moskowitz. I don't mean to put words in Dino's mouth, but Dino and I have been working this area for a long time, and I think we have maybe a little different view of what would benefit versus some of the other people. So there's gonna be a little bit of negotiation coming together about how things aren't working and what pieces are going to be done.
I
So it is a little undefined right now, as we're trying to shake out exactly what protocols or function out and other things which need to be defined to get this to work. So there's, you know, the first-level discussion is, you know, how does this infrastructure work? What things is it providing and how does it work? Then how do we then build around what IETF already has, what may be augmented, so that we can then deliver this particular functionality?
I
A
And one of the things that sort of we think about sometimes, at least I think about in the DNS space, is how would we solve this, you know, if we were just a bunch of software hackers, you know, who had no access to any sort of network protocol, that we would just write a bunch of code, and how would we do it, sort of thing, right, so I sort of, you know, or you sort of pose that question as well to get people sort of thinking.