►
From YouTube: IETF 115 Internet Architecture Board (IAB) Open Meeting
Description
The Internet Architecture Board (IAB) will hold an open meeting 16:30-17:30 UTC on 8 November 2022 providing the usual updates on various administrative and operational topics.
A
Okay,
hello,
everybody.
We
start
one
minute
early,
because
we
have
a
very
full
agenda.
My
name
is
Mia
kuderman
I'm,
the
IV
chair.
A
Meeting
okay,
this,
the
IV
open
meeting,
is
a
meeting
hosted
by
the
IAB,
but
we're
still
part
of
the
ietf,
and
so
the
ietf
note
well
applies,
which
means
everything
you're
saying
here
is
a
contribution
to
the
ietf,
and
you
should
note
well
all
the
policies
and
IPR
regulations
we
have
and
we
should
also
be
friendly
to
each
other,
which
we
always
are
right
now.
This
will
be
a
great
reading.
So
yes,
yes,
meeting
tips.
A
A
We
do
require
masks
except
you're,
actively
speaking
at
the
mic
or
in
front
here,
and
we
do
require
to
be
nice.
It's
on
the
slide
once
again,
because
it's
so
important
this
session
will
be
recorded
and
will
be
live
streamed.
So
we're
exciting.
A
A
If
you,
if
you're
too
shy
to
go
to
my
clan
today
and
tell
us
what
we're
doing
around,
you
can
also
send
us
email
and
there
are
different
ways
to
reach
us.
You
can
reach
and
each
of
us
individually.
You
can
reach
me
at
the
IB
chair,
but
you
can
also
send
us
email
to
the
IMB
mailing
list
and
but
be
aware:
it's
not
only
the
IB
on
that
list,
a
few
more
people,
so
that's
listed
here.
If
you
want
a
more
public
discussion,
especially
on
architectural
considerations.
A
We
have
the
architecture
discuss
list
and
we
have
lists
for
each
program,
which
is
only
one
at
this
point
that
you
can
engage
with
and
if
especially
one
important
role,
we're
having
is
liaison
coordination.
So
if
you
have
a
question
about
liaison,
they
have
a
special
mailing
list
for
that
so
feel
free
to
reach
us
on
any
of
these
ways.
A
Foreign,
the
exciting
part
of
the
meeting.
We
have
a
few
updates
that,
in
order
to
keep
you
up
to
date
with
what
we're
doing-
and
one
thing
we
are
doing
is
we
do
happen
to
publish
documents
from
time
to
time
and
we
happen,
and
we
published
just
two
documents
which
are
both
reports
to
recent
workshops.
A
So
one
is
for
the
eight
Workshop
that
we
had
last
year
and
the
other
one
is
the
workshop
for
measuring
Network
quality
for
end
users.
We
reported
in
both
of
these
workshops,
really
nice
workshops,
a
lot
of
good
contributions,
and
now
you
have
to
report
the
final
version
of
it
out
there
as
RC
we're
working
also
on
documents
that
are
supposed
to
provide
architecture,
guidance,
and
we
have
two
documents
that
are
basically
ready
for
publication.
A
The
past
English
collaboration
document
already
got
a
round
of
last
round
of
community
feedback,
so
this
one
is
actually
ready
to
go
and
you
will
soon
see
an
RFC
and
the
protocol
maintenance.
We
will
do
another
round
or
like
a
final
round
of
community
feedback,
but
there
was
a
lot
of
work
on
this
document
lately.
So
the
IB
thinks
this
document
is
in
very
good
shape
and
you
will
see
an
email
about
this
soon
or
maybe
it's
already
out
I'm,
not
sure
and
just
very
quickly
quickly.
A
We
also
have
two
documents
that
we're
considering
to
adopt
in
the
IAB
one
document.
We
we
already
had
a
presentation
last
iob
open
meeting.
So
you
should
be
aware
this
is
the
minimization
document.
We've
got
very
good
feedback
after
the
session.
There
has
been
a
vision,
and
mainly
we're
also
clarifying
what
the
difference
to
the
system,
privacy
considerations
and
because
that
also
talks
about
data
minimization.
But
we
believe
there's
more
to
say
here.
A
A
Okay,
besides
documents,
we
also
have
this
tool
of
technical
programs
that
we
use
to
do
work
and
engage
with
the
community
and
currently
we
we
just
closed
recently,
and
that
was
also
discussed
at
the
last
IB
open
meeting.
We
closed
the
Model
T
working
group,
it
doesn't
mean
there's
no
work
to
be
done
and
we
just
think
the
work
needs
to
be
done
in
the
ietf,
but
you
can
still
use
the
architecture
discussion
and,
if
you
have
anything
to
discuss
in
that
relation
foreign
active
program,
we
have
is
the
EDM
program.
A
That
program
didn't
have
a
meeting
since
the
last
ITF
meeting
and
but
there's
the
progress,
and
mainly
their
focus,
was
on
this
protocol.
That
I
was
just
talking
on
this
document.
I
was
just
talking
about
about
protocol
maintenance,
so
that's
the
main
focus,
but
you
can
also
see
the
current
status
about
other
things
that
that
will
be,
or
are
in
scope
for
this
program
and
based
on
GitHub
issues.
So
if
you're
interested
in
in
these
things,
please
look
at
the
issues.
Please
comment:
please
subscribe
to
the
mailing
list
or
talk
to
the
chairs.
A
Okay
liaison
updates.
We
will
have
a
slightly
longer
update
coming
up
next
from
Russ
about
IEEE.
This
is
something
we
started
the
last
meeting
that
we
actually
asked
one
of
our
lizard
coordinators
to
talk
about
the
respective
organization,
because
we
hope
that
is
helpful
to
the
community
and
then
just
like
one
little
news
here.
A
We
one
of
our
tasks
is
also
to
maintain
and
Lease
our
managers,
so
we
had
Alison
Menken
who
served
us
as
a
result
manager
for
a
very
long
time
and
great
thanks
for
that,
and
she
asked
us
to
step
down,
and
so
we
had
to
find
a
replacement,
and
so
Warren
is
happily
taking
this
up.
Thank
you.
Thank
you
to
both
Ellison
Edward.
A
The
next
Workshop
we
are
I'm
going
to
take.
You
just
missed
the
deadline
yesterday,
but
if
you
actually
want
to
contribute-
and
maybe
there's
still
a
tense
I,
don't
know
talk
to
to
Yari
and
the
other
program
committee
members,
but
this
Workshop
is
definitely
coming
up
beginning
of
December
first
week
of
December,
and
this
will
be
an
online
Workshop.
A
A
Okay,
that
was
the
quick
update
and
we
will
next
go
to
Russ,
except
somebody
has
an
agenda
patch.
That
would
be
your
opportunity.
D
So
this
relationship
is
has
been
going
on
for
a
long
long
time.
Obviously,
but
it
got
written
down
in
RFC
7241,
which
is
actually
an
update
to
an
earlier
RFC,
but
it
describes
the
way
that
the
two
organizations
by
Triple
E
project
data
2
and
the
ITF
choose
to
cooperate.
D
D
So
each
meeting
cycle,
both
the
ITF
and
the
IEEE
802
each
meet
three
times
a
year,
and
so
between
each
of
the
meetings.
So
roughly
February,
June
and
October.
D
We
will
have
kind
of
a
coordination
call
to
find
out
what's
going
on
with
the
other
group,
so
802
will
present
the
things
that
they
are
considering
beginning
work
on.
These
are
called
project
approval,
requests
in
their
terminology,
and
we
will
talk
about
the
boff
sessions
that
are
coming
up
just
basically
to
make
sure
that
each
of
us
is
aware
of
what's
going
on
in
the
other
and
not
surprise
each
other,
and
then
we
have
a
list
of
things
that
are
of
mutual
interest
where
we
want
to
collaborate.
D
So,
each
time
a
working
group
is
formed
or
each
time
a
project
is
begun.
On
the
802
side,
we
ask
the
question:
is
this
a
thing
where
there's
coordination
needed
the
further
from
the
layer
to
layer?
Three
boundary?
You
are
the
less
likely
there'll
be
coordination,
so
if
you're
down
at
the
physical
layer,
we're
probably
not
going
to
be
talking
about
this.
If
you're
at
the
application
layer,
it's
probably
not
going
to
be
on
the
coordination
list,
but
the
closer
you
get
to
where
the
groups
rub
against
each
other.
D
That's
where,
where
we
talk,
it's
also
when
new
projects
get
started,
they're
shared
on
the
new
work
mail
list
and
we
basically
solicit
reviews
on
these
calls
as
well.
Okay,
this
Topic's
coming
up
make
sure
that
you
take
a
look
at
that
Charter.
This
documents
become
stable
and
we
think
you
have
an
interest
in
it.
Please
review
and
historically
much
of
the
collaboration
has
actually
fallen
on
individuals
who
participate
in
both
groups.
I,
don't
think!
D
That's,
unnatural
and
I
think
it's
actually
very
valuable
and
right
now
we
have
a
couple
groups
that
straddle
that
line,
like
the
detnet
group
has
some
dependencies
on
the
time-sensitive
networking
work
that
is
going
on
in
802,
and
there
are
people
who
are
participating
in
both
groups
and
making
sure
that
the
information
about
what
one
is
doing
is
Flowing
to
the
other.
Next
slide.
Please.
D
So
the
liaison
managers
we
have
several
I
provide
the
liaison
management
from
the
iitf
to
the
IEEE
standards.
Association
Dorothy
Stanley
is
who's.
Actually,
the
chair
of
802.11
was
named
as
the
liaison
from
the
full
project
802
back
to
the
ITF
and
Peter
Yee
for
the
just
the
Wi-Fi
part.
D
The
guidance
regarding
these
when
to
do
formal,
Liaisons,
as
opposed
to
just
informal
coordination
from
the
ITF
is,
is
in
BCP
103
and
there's
a
similar
policy
level
document
in
802
at
that
URL
and
there's
two
URLs.
If
you
want
to
learn
more
about
the
way
that
the
collaboration
is
done
and
the
minutes
from
those
collaboration
calls
and
so
on
next
slide,
so
protocol
parameter
out
parameter
allocation
goes
on
differently
in
the
two
groups.
D
Ayanna
has
to
do
with
the
way
that
we
would
allocate
a
parameter
and
the
IEEE
side.
They
have
the
IEEE
registration
Authority,
which
has
a
committee
that
oversees
it
called
the
rack
and
I
always
think
of
that
and
think
about
here
in
London,
the
rack,
but
anyway
the
they
have
an
oversight
group
that
does
the
the
technical
side
and
we
have
various
Iana
parameter
allocation
policies.
Whenever
it's
a
scarce
resource,
of
course,
we
require
standards
action
when
it's
a
bigger
code
space.
D
We
have
less
stringent
rules
and
there
are
some
rules
about.
There
is
an
oui,
the
top
24
bits
of
a
MAC
address
assigned
and
Diana
has
special
rules
for
if
you
need
one
of
those
how
to
get
one,
there
are
a
few
Registries
that
are
are
joint
use.
D
D
So
in
summary,
the
the
two
groups
have
a
great
working
relationship.
Informal
Communications
between
the
leaders
is
really
important,
because
then
they
know
each
other.
So
whenever
some
friction
occurs,
basically
they
know
each
other.
They
can
talk
to
each
other.
It
helps
a
lot
as
opposed
to
the
cold
call,
and
these
coordination
sessions
that
happen
three
times
a
year
really
do
help
identify
potential
areas
of
collaboration
or
friction.
D
The
point
is
to
identify
the
both
as
early
as
possible
and
when
we
do
identify
a
place
where
there
is
friction,
we
have
held
face-to-face
meetings
either
a
breakfast
session
at
an
ITF
or
a
session
at
the
an
802
meeting,
and
occasionally
we
have
meetings
in
the
same
place
in
back-to-back
weeks,
and
when
that
happens,
we
make
sure
the
leadership
gets
to
spend
a
little
bit
of
time
together
so
again
that
they
know
each
other
Juan.
E
E
We
will
have
some
discussions
at
the
interior
this
week,
so
for
people
that
are
interested
and
seeing
a
real
life
example
of
one
of
these
coordinations.
We
will
Lively
discuss
exactly
how
to
best
coordinate
this
Ayanna
registry
with
the
highee
802
registry
and
some
incoherences
that
we
are
finding
out
and
some
opportunities
to
make
it
work
better.
Okay.
So
if
anyone
is
interested
in.
D
Meter
types,
another
topic
where
there's
been
a
lot
of
collaboration
of
late
is
on
Yang
modules:
correct,
making
sure
that
when
802
develops
one
the
the
Yang
doctors
review
it
and
so
on.
So
it's
I'm
glad
it's
working,
Barry,
hearing,
Cube
foreign.
F
D
There's
been
30
some
of
them.
That's
all.
I
can
remember
so
at
roughly
quite
quite
some
years,
yeah
exactly.
G
Well,
coordination's
good,
but
I,
remember
the
first
Wi-Fi
security
holes
being
identified,
and
then
it
was
like
five
years
before
those
were
fixed
and
then
another
15
years
before
they
were
really
fixed
and
I'm
still
trying
to
connect
up
to
my
manage
my
Wi-Fi
devices
in
the
house
and
I'm
still
not
seeing
Solutions
out
of
Wi-Fi
world
and
I
think
that
we
should
not
be
too
deferential.
D
So
there
are
some
examples
where
we
have
done
that
after
coordination,
like
Warren,
had
the
captive
portal
Group,
which
was
intended
to
solve
a
small
piece
of
that
problem
and
and
certainly
I,
think
we
have
other
examples,
but
I
would
discourage
just
grabbing
a
space
without
talking
so
that
you
know
you're
grabbing
a
particular
piece
of
the
problem.
When
we
surprise
each
other
is
when
things
get
most
ugly.
A
Yeah.
Thank
you.
That's
a
very
good
last
sentence.
If
you
have
more
questions
about
IEEE
talk
to
Russ
or
if
you
have
questions
about
liaison
talk
to
us,
the
IB
and
we're
rushing
towards
giving
us
a
report
about
one
of
our
latest
workshops.
H
Yep,
so
we
just
held
a
workshop.
This
will
be
really
short
because
you
should
go
watch
the
Youtube
videos,
rather
than
listen
to
me,
try
and
summarize
it,
but
we
had
a
workshop
on
managing
encrypted
networks.
I
think
it
went
off
fantastically.
It
was
sort
of
three
days
long.
The
purpose
of
the
workshop
you
know
is
there
on
the
slide,
that's
sort
of
the
most
important
sentence
that
says
this
Workshop
was
to
discuss.
H
How
do
we
improve
Network
management
as
encryption
kind
of
keeps
ramping
and
ramping
up
on
the
Internet,
which
is
both
good
for
end
users,
but
it
does
make
some
things
like
traffic,
prioritization
and
other
management
techniques
difficult.
So
we
divided
the
workshop
into
three
different
two-hour
sessions.
They
were
two
hours
each
day
from
a
Monday
to
Wednesday.
The
first
one
was
you
know:
where
do
we
go?
Where
are
we
now?
How
does
the
world
exist?
What
are
the
requirements
and
passive
observations?
The
second
one
is:
where
do
we
want
to
go
right?
H
What
do
we
want?
Where
do
we
want
to
get
to
what
are
the
collaboration
principles
and
then
the
final
day
was
on?
How
do
we
get
there?
What
are
what
are
like
the
future
thinking?
How
do
we?
How
do
we
actually
make
progress
next,
so
the
result
was
an
excellent
three
days.
As
I
said,
there
was
roughly
35
participants
every
day,
roughly
I
think
it
was
a
little
bit
less
on
each
day,
but
it
rolled
a
little
bit
and
the
topics
and
presentations
included.
H
You
know
a
lot
of
things:
I
listed
sort
of
four
bullets
out
of
a
bunch
of
stuff.
There
was
a
number
of
talks
that
were
given
and
a
lot
of
discussion
and
they're
all
available
on
YouTube,
as
I
said
that'll
be
on
the
next
slide.
But
how
do
we,
you
know
manage
encrypted
traffic?
H
Sorry,
you
know:
how
do
we
do
this
in
a
data
center
kind
of
world?
There
was
actually
a
good
talk
about
how
it
actually
is
being
done
in
a
data
center
World.
What
are
the
benefits
and
motivation
for
collaboration
and
I?
Think
to
me
that's
one
of
the
biggest
takeaways.
How
can
we
get
end
users
to
actually
tell
their
isps
what
they
need
when
they're
encrypting
their
traffic
in
a
way
that's
safe
for
them?
So
that's
actually
so
there's
there's
a
bunch
of
good
proposals
for
doing
that.
H
All
right
now
you
can
go
on.
So
this
is
sort
of
the
final
list.
I
should
say.
The
one
thing
that
I
forgot
to
put
on
these
list
is
thank
you
to
the
program
committee.
So
I
will
do
that
now.
The
program
committee,
you
know
consisted
of
mattering
notable
and
amiria
kudwin,
Tommy,
Pauley,
restaurant
and
and
Chi
Wu.
So
thank
you
to
all
of
those
members
and
then
the
YouTube
recordings.
Are
there
they're
only
two
hours
each,
so
you
can
put
them
on
fast
forward.
H
If
you
want
and
you'll
learn
a
lot
from
them,
so
I
suggest
you
look
at
them.
A
A
I
I
I
Perfect,
all
right,
hey
everyone,
I'll,
just
give
a
five
minute
rundown
on
a
new
document
we
have
published.
We
haven't
discussed
it
much
on
list
yet,
but
this
is
a
early
preview
of
it
and
it's
talking
about
partitioning
as
an
emerging
architecture.
We
see
in
the
space
of
protocols
that
are
trying
to
enhance
privacy,
and
so
I've
been
working
on
this
with
miria,
as
well
as
Chris
Wood,
who
has
been
contributing
as
a
non-iab
member.
I
This
is
kind
of
core
to
what
Ojai
is
doing
for
oblivious
HTTP,
it's
one
of
the
reasons
that
motivates
mask,
which
is
doing
HTTP
based
proxies
that
can
proxy
UDP
and
IP
traffic,
it's
very
fundamental
to
PPM,
which
is
a
meeting
going
on
right
now
about
collecting
metrics
and
splitting
them
up
between
different
entities
before
rejoining
data,
and
it's
also
fundamental
to
privacy
pass,
which
is
all
about
being
able
to
authenticate
or
prove
some
property
about
a
client
using
information
and
attestation
from
a
different
path
or
a
different
entity.
I
So
these
have
many
different
use
cases,
but
they
all
benefit
in
a
privacy
aspect
from
partitioning.
So
this
can
be
about
separating
out
client
IP
addresses
from
the
user
data.
It
can
be
separating
user
authorization
from
actual
content.
Access
like
in
privacy
pass
or
it
can
be
separating
the
client
identities
from
metrics.
I
So
partitioning
for
privacy
is
an
emerging
architecture
pattern
that
we
see.
So
we
think
it's
something
that
we
should
comment
on
and
help
explain,
because
you
know
collectively,
as
an
ITF
Community,
we
need
to
work
on
ways
to
discuss
analyze
and
evaluate
these
protocols
and
what
they
have
in
common,
because
we
don't
think
this
is
a
pattern,
that's
going
to
go
away,
but
it's
something
that
we
don't
have
a
lot
of
language.
For
already,
so
you
can
read
the
document
as
a
high
level.
I
It's
talking
about
privacy,
contexts
as
the
things
that
are
partitioned,
where
a
context
is
a
group
of
entities
that
share
us
a
common
view
of
data
and
metadata
and
So
within
a
context.
I
The
data
and
identifiers
are
all
correlatable
and
all
shared,
and
so,
in
order
to
partition
data,
you
need
to
split
contexts,
and
that
happens
either
through
encryption
or
through
literally
just
having
separate
connections
over
space
or
time,
and
those
two
building
blocks
are
what
go
into
making
all
of
those
different
protocols
that
we
mentioned
before
so,
for
example,
in
oblivious
HTTP,
you
end
up
with
various
different
contexts
of
who
can
see
what
based
on
different
encryption
boundaries.
I
This
is
just
one
of
the
examples
we
go
through
in
the
document
and
so
out
of
this
we
think
there
are
a
lot
of
interesting
observations
we
can
make
that
you
know.
First
partitioning
is
just
a
tool.
It's
a
building
block
that
we
see
it's
not
a
Panacea.
It
doesn't
mean
that
you're
private
by
default,
there's
a
lot
of
Reliance
on
non-collusion,
and
you
have
to
make
sure
that
you're
selecting
the
boundaries
of
what
is
in
your
context
and
who
is,
in
your
context,
very
carefully
to
have
a
good
effect.
I
We
talk
a
bit
about
the
impacts
on
manageability
of
data.
We
mentioned
that
it's
important
to
think
about
performance
and
also
the
fact
that
there
are
still
attacks
that
you
can
do
by
looking
at
traffic
analysis
and
other
patterns
to
understand
what
data
is
going
on.
So
this
is
only
part
of
the
puzzle.
I
So,
in
conclusion,
read
the
document
provide
input.
This
is
early,
but
we
think
it's
going
to
be
a
important
contribution
to
future
work
in
the
ITF.
Thank
you,
foreign
and
if
there
are
any
questions
right
now,
happy
to
hear
them.
I
C
Can
I,
okay
exchange
I
think
you
know
what
I'm
going
to
say,
but
yeah
I
think
that
well,
this
is
an
important
discussion,
but
then
I
mean,
depending
on
how
this
is
deployed
and
designed
on
the
economic
incentives
on
the
policies
and
so
on,
Technical
and
not
technical
parts
of
it.
This
might
actually
provoke
more
centralization
and
less
privacy
than
actually
distribute
and
create
more
privacy.
C
I
Thank
you
and
I
think
that's
exactly
the
type
of
commentary
and
discussion
that
belongs
in
this
document,
so
it
can
say
Hey
you
know
just
because
your
partitioning
data
doesn't
mean
that
it's
always
the
right
thing
to
do,
or
you
need
to
be
careful
in
how
you
do
it.
A
Okay,
perfect:
this
document
was
just
the
zero
zero
version
posted
and
if
you
want
to
provide
more
comments,
you
will
see
a
call
for
feedback
or
a
call
yeah,
that's
kind
of
how
we
call
it
differently.
It
doesn't
matter.
You
can
comment
on
the
architect
to
discuss
list.
Okay,
let's
move
on.
B
Hey
everyone
so
I'm
going
to
take
over
with
our
last
with
that
last
half
of
our
program
today.
So
it's
really
excellent.
We
are
about
five
minutes
ahead,
because
I
think
the
next
two
invited
talks,
we're
gonna,
Sparkle
out
of
discussion
and
it'd,
be
also
great.
If
our
presenters
don't
feel
too
rushed.
So
first
I'm
going
to
ask
Simone
if
you
can
come
on,
we've
got
your
your
slides.
A
K
I
requested
I.
B
F
L
Now
my
own
presentation,
that's
cool
okay.
So
let's
start
thanks
for
inviting
me
here.
I'm
Simone
I
work
at
Uni
here
what
I'm
going
to
provide?
You
is
a
bird
view
of
this
report
that
we
wrote
about
a
surgeon
censorship
in
Iran
during
the
first
weeks
of
the
Maza
amini
protests.
L
So,
let's
see,
okay,
I
can
also
progress.
Slides,
fantastic,
okay,
I
will
first
to
tell
you
what
we
are
so
your
free
software
product
who
needs
a
free
software
project.
We
started
in
2012
and
what
we
do
basically
is
to
provide
people
with
tools
that
they
can
install
on
their
phones
or
or
on
their
desktops
or
command
line
tools
with
which
it
can
run
tasks
from
the
address
from
their
own
tools
from
their
own
computers
to
measure
censorship.
L
And
then
those
data
is
submitted
to
us
and
we
publish
it
and
since
2012
we
covered
more
than
200
countries
and
published
more
than
a
billion
measurements
and
yeah.
L
The
the
way
in
which
many
users
interacts
with
the
tool
is
that
it's
a
mobile,
app
or
a
desktop
where
you
can
choose
categories
of
tasks
to
run
so,
for
example,
in
this
presentation,
I'm
going
to
show
you
results
from
the
websites
kind
of
tasks
where
there
is
a
set
fuels
that
we
choose
and
that
we
basically
we
track
four
when
the
task
is
running,
but
we
also
passed
instant
messaging
apps
by
tracking
services
that
are
relevant
to
them.
L
So
those
are
the
two
most
important
group
of
tasks
that
we
we
are
going
to
discuss
then,
like
what
happens,
is
that
users
runs
the
uniprobe
tool
and
then
submit
measurements
to
our
backend,
which
is
the
gray
thing
in
there
and
then,
eventually,
we
have
an
API
to
access
the
measurements
and
the
there
is
a
website
called
Lumi
Explorer,
which
allows
to
see
individual
measurements
or
to
group
measurements
together,
produce
charts,
Etc,
and
that
creates
value
for
researchers,
including
us
and
users
that
want
to
explore.
All
of
that.
L
In
particular,
we
have
this
tool
called
math
measurement,
aggregation
toolkit,
which
is
allows
anyone
to
produce
charts
and
those
charts.
Basically,
are
the
charts
that
I'm
going
to
use
that
we
used
in
the
original
reports,
so
that's
the
tool
and
and
yeah
you
can
basically
reproduce
the
charts
that
I'm
going
to
show
for
yourself
using
this
tool
so
now
that
I
have
set
the
stage.
Let's
so,
let's
enter
into
the
report
itself.
L
Slash
reports
on
our
website
is
the
directory,
where
we
publish
all
our
reports,
the
specific
one
that
I'm
going
to
tell
you
the
high
level
results
of.
Is
this
one
on
like
on
Iran
after
the
a
few
weeks
after
the
beginning
of
the
protest,
we
actually
finished
it
on
the
25th
of
September,
and
so,
let's
before
before,
I
I
show
you
some
of
our
results.
L
Let's
say
that,
as
you
probably
already
know,
there
was
lots
of
censorship
in
Iran
before
and
there
were
a
few,
a
few
services
that
were
available
and
the
I
like
the
tldr
of
this
report
is
that
the
situation
became
worst
quite
worst,
but
but
still
it's
important
to
remember.
The
starting
point
was
not
good
at
all.
L
So,
let's,
for
example,
start
to
to
see
one
of
the
charts
that
we
included
into
the
report.
This
is
about
DNS
over
https
and
there
are
rows
in
this
chart.
Each
row
is
a
service
that
you
can
use
to
Doh,
and
then
each
bar
is
a
the.
The
height
of
each
bar
is
the
number
of
measurements
we
collected
in
a
single
day
in
Iran,
and
then
there
are
those
colors,
it's
a
stat
plot.
L
So
basically
the
the
amount
of
a
color
that
you
see
is
the
percentage
of
that
color
on
that
day.
Okay,
green
is
obvious,
so
nothing
to
say
here
then
we
have
these
two
colors
that
are
red
and
yellow
and
red
is
confirmed.
L
What
this
means
is
that
there
are
signatures
with
and
other
people
doing,
research
on
this
field
as
collected
over
time
that
you
can
find,
for
example,
in
HTTP
bodies
or
in
the
DNS
replies
that
are
a
clear
indication
of
censorship,
and
when
we
see
those
signatures,
the
measurement
is
flagged,
as
confirmed
now
in
the
case
of
Iran,
where
all
like
Iran
is
many.
Many
are
private.
Ip
addresses
inside
the
country,
and
there
are
a
few
of
them
a
few
of
these
bobans
that
are
well
known
to
be
associated
with
censoring.
L
So
when,
when
we
in
this
specific
case,
when
we
found
those
backgrounds,
we
said
rad,
okay,
this
measurement
really
direct
attempt
of
sensory,
then
yellow,
is
mostly
unexpected
network
errors.
So
cases
that
you
will
see
in
Iran
are
most
often
you
perform
at
the
last
hand,
track.
But
you
plan
out
during
the
entry-
and
there
is
some
filtering
that
depends
on
the
client
to
know
or
the
endpoints
that
that
will
use
what
cause
the
handshake
to
time
out
or
in
other
case
that
is
frequent
in
Iran.
L
Is
that
utcp
or
not,
but
your
time
out,
because
the
connect
never
terminate?
So
those
are
the
yellow
cases
that
we
see
here
like
without
going
too
much
in
that,
but
just
to
say
that
we
know
by
inspecting
them
as
Romans
that
what
we
had
was
a
superimposition
of
anomalies
and
confirmed.
So,
for
example,
you
see
that
there
that
there
are
these
three
services
that
were
already
filling
with
anomalies
and
those
anomalies
were
mostly
telecentrics.
L
Now
on
the
21st-
and
this
is
basically
the
pattern,
so
we
can
see
the
same
pattern
across
other
kind
of
services,
so
WhatsApp
was
working
before,
and
this
is
notable
because
a
signal,
for
example,
was
tampered
with
in
Iran
before
and
also
telegram
was
and
WhatsApp
installed
was
working
and
there
we
have
a
bunch
of
services
that
are
relevant
to
WhatsApp
and
they
on
the
21st
again
turned
yellow
starting
and
anomalies.
L
The
same
happened
for
Instagram,
which
was
one
of
the
few
social
networks
that
was
still
working
in
the
country
and
again
on
the
21st,
those
many
services
that
are
useful
to
Instagram.
They
became
basically
anomalies,
so
mostly
tls-centric
timing
out
so
about
stores
the
stores
like
for
book
apple
and
Google's
Play
Store.
What
happened
is
that
I?
L
It
started
not
working
a
few
days
later
and
what
what
happened
is
that
they,
the
censorship,
was
mainly
targeting
the
services
that
are
useful
to
install
applications,
but
the
rest
was
working
so,
for
example,
your
foreign
for
the
App
Store
after
a
certain
hour
of
the
20.
Second,
all
tasks
start
failing
and
providing
these
confirmed
results
and
the
same
happened
for
the
Play
Store,
where
play.google
app
is.com
seems
to
be
very
important
for
installing
new
applications
and
yeah.
The
rest
was
mostly
working
but
yeah.
L
So
to
summarize,
on
top
of
an
already
a
big
like
censorship
condition,
people
from
Iran
started
not
being
able
to
use
DNS
server
https,
which
reduced
their
opportunities
to
that
good
IP
addresses
and
then
the
instant
messaging
tool
that
was
working
started,
having
issues
and
then
social
networks
such
as
LinkedIn
and
Instagram
were
not
working
anymore
and
stores
from
which
you
can
install
tools
like
siphon
or
Lantern
or
Thor
to
circumvent
circumvention.
They
were
not
working
anymore,
so,
basically
yeah.
This
is
what
we
observed
at
the
beginning
of
the
process.
B
Thanks
a
lot
simana,
so
we're
going
to
wait
until
the
end
of
our
invited
talks
are
finished
for
questions
and
so
we'll
go
ahead
and
invite
Masa
up.
So
Masa
works
at
the
Article
19,
which
is
I
just
for
disclosure
purposes,
I
used
to
work
there
as
well,
she's,
also
a
senior
researcher
in
the
Mina
region
at
at
the
University
of
Oxford
as
a
PhD
candidate.
So
we're
really
excited
to
have
her
come
up
to
talk
more
about
what
activists
are
seeing
on
the
ground.
B
As
you
know,
folks
are
actually
dealing
with
these
shutdowns
and
we
also
have
her
slide.
So
we're
going
to
give
you
we've.
Given
you
a
little
bit
of
a
more
technical
view
of
what
the
shutdowns
are
looking
like,
and
this
is
just
more
of
the
the
real
human
side
of
things
as
well
and
so
I'll
yeah.
Let
Masa
go
ahead.
B
B
M
Sure
hi
everyone.
A
M
Yeah,
like
Mallory,
said
I
work
at
Article,
19
I'm,
a
senior
researcher
focusing
on
the
Mina
region
and
for
the
past
seven
weeks,
I
guess
our
teams
working
on
Iran
have
been
full
on
working
on
this
issue.
M
M
So
the
last
time
we
saw
something
on
this
scale
was
back
during
November
of
2019
in
Iran.
Of
course,
protests
have
been
continuous,
they
I
mean
even
before
this
round.
There
were
protests
in
different
provinces
over
different
issues.
M
Like
you
know,
water
crises,
food
crises
and
things
like
that
and
every
time
there
are
internet
disruptions
and
there
is
some
sort
of
restrictions
on
access
online,
so
the
largest
scale
of
shutdowns
we
saw
was
during
November
2019
and
so
for
a
period
of
over
a
week,
the
entire
country
kind
of
essentially
went
offline
from
the
international
internet.
There
was
access
to
you,
know,
National
internet
services,
and
so
you
know
some
of
you
might
have
heard
of
November
2019
in
terms
of
what
they
did.
M
Clearly,
the
digital
repression
was
accompanied
by
you
know:
offline
severe
brutality.
The
difficulty
in
documenting
how
many
people
were
killed
in
the
darkness
of
the
shutdowns
has
been
obviously
has
meant
that
we
don't
know
the
exact
figures.
Amnesty
International
has
verified
something
around
300
people
who
have
died,
but
estimates
say
they're
actually
closer
to
1500.
People
were
killed
by
authorities
while
protesting-
and
you
know,
there's
been
a
lot
of
research
by
Article,
19
and
Amnesty
International.
M
To
show
that
you
know
these
crimes
against
life
were
largely
facilitated
by
internet
shutdown.
So
these
technical
discussions
have
very
real
impact
on
you
know
just
the
right
to
life
and
the
right
to
protest
in
Iran,
so
at
Article
19
we
did
really
in-depth
research
to
kind
of
look
at
the
anatomy
of
what
happened
during
2019..
M
Even
though
there
was
a
kind
of
international
shutdown,
there
wasn't
kind
of
an
off
switch
and
so
there's
a
map
behind
me
of
what
the
internet
looked
like
in
2019.
In
terms
of
how
isps
were
organized
so
basically,
what
we
see
is
there
wasn't
necessarily
A
centralization
in
how
the
internet
was
shut
off,
but
there
has
been
a
centralization
in
terms
of
how
isps
are
organized
and
so
most
civilian
connections.
If
you
can
see
up
there
in
the
blue,
originate
from
the
Telecommunications
infrastructure
company
of
Iran.
M
And
so
there
is,
you
know,
a
communication
regulatory
Authority
that
tells
the
various
isps,
what
kind
of
restrictions
they
have
to
place
on
their
users,
and
so
you
know
the
level
of
shutdowns
occurred
really
at
the
ISP
levels.
In
that
way,
and
so
you
know,
our
research
did
indicate
that,
despite
you
know
the
centralization
and
governance,
there
hasn't
necessarily
been
a
centralization,
an
infrastructure.
After
2019
there
were
continued
growth
in
you
know,
internet
exchange
points
facilitating
more
connections
to
the
international
internet.
M
So,
despite
the
fact
that
you
know
there
has
been
a
lot
of
talk
about
how
Iran
is
trying
to
nationalize
its
internet
or
move
towards
a
kind
of
North
Korean
national
internet
infrastructure,
it
is
still
you
know,
investing
in
international
connections.
So
that's
interesting.
So
this
brings
me
to
what's
happening
now
next
slide,
so
there
were
a
lot
of
lessons
learned
from
2019
in
terms
of
what
these
shutdowns
did
for
the
Iranian
economy.
M
Clearly,
there
were
billions
of
dollars
lost
to
the
Iranian
economy
in
2019
when
there
was
a
week
week-long
shut
down
from
the
international
internet,
and
so
like
every
kind
of
protest
crisis
that
has
occurred
in
this
country.
M
There
has
been
a
period
of
very
deep
thought
and
development
by
authorities
in
terms
of
Lessons,
Learned
and
2019
was
one
of
these
periods,
and
so
one
of
the
reflections
was
how
to
make
digital
repression,
essentially
more
efficient
and
less
costly
for
the
government,
and
one
of
the
means
that
really
was
developed
was
the
policies
and
Technical
underpinnings
of
this
particular
bill.
M
That's
called
the
user
protection
bill
or
in
Persian
it's
called
parisianet
and,
of
course,
the
user
protection
bill
is
not
necessarily
to
protect
Iranian
users,
it's
more
to
protect
Iranian
authorities
and
really
leave
Iranian
users
vulnerable,
and
so
there
are
a
number
of
different.
You
know
Draconian
articles
within
this
bill.
M
This
bill
is
so
unpopular
that
even
really
conservative
Hardline
elements
in
Iran
like
Iran's,
you
know
student
besiege
forces
have
you
know,
protested
this
bill,
and
you
know
student
besiege
are
some
of
the
most
Hardline
authoritarian
groups
in
Iran
and
so
there's
deep
unpopularity
about
the
bill,
because
it's
going
to
severely
hurt
the
economy.
M
That,
essentially
gives
you
know:
white
lists
for
internet
access
as
opposed
to
You
Know
The
Blacklist
that
currently
exists,
and
so
how
does
the
government
go
about
technically
disabling
access
to
vpns
and
so
at
Article
19?
We
had
been
trying
to
understand
how
this
is
happening,
and
so,
as
far
back
as
October
2021,
we
started
seeing
evidence
of
you
know
a
very
sophisticated
development
of
this
kind
of
technology.
So
during
October
2021
there
wasn't
necessarily
any
protests
in
Iran.
M
You
know,
a
specific
focus
on
tampering
and
disconnecting
VPN
protocols,
and
so
there's
actually
you
know
a
testimony
from
a
network
engineer.
We
spoke
to
where
he
was
saying
that
basically,
the
health
of
the
network
was
severely
deteriorating
at
that
point,
as
they
were
testing
these
different
forms
of
what
seemed
like
the
packet
inspection
against
the
circumvention
methods.
M
So
it
did
seem
like
they
were
really
working
on
this
effort.
If
you
go
to
the
next
slide-
and
of
course
this
now
brings
us
to
right
now
so
since
September
16,
when
Masa
or
Gina
amini
died
after
being
in
custody
with
the
morality
police,
we
immediately
saw
protests.
They
started
at
her
Hospital
in
Tehran
on
the
16th
and
they
spread
to
be
National.
M
Internet
access
is
mostly
facilitated
through
mobile
internet
data,
and
so
it's
very
significant
and
protests
typically
surge
around
4
P.M
between
4,
P.M
and
1am,
and
so
the
major.
If
you
go
to
the
next
slide,
some
of
the
major
mobile
carriers
in
Iran
up
here,
we
have
Iran
cell
reitel
and
Hamra
Ava.
These
are
the
most
used
mobile
carriers
in
Iran,
and
you
can
see
by
this
period
of
time.
M
During
these
protests
we
have
clear
moments
where
you
know:
there's
mobile
curfews-
and
you
know
after
the
mobile
curfews,
and
we
can
see
a
surge
in
Mobile
use
next
slide,
and
so
another
thing
we've
been
seeing.
Although
we
haven't
been
seeing
National
shutdowns
we've
been
seeing,
you
know
select
days
where
internet
is
shut
down
in
specific
regions
where
there's
the
highest
protest
brutality.
This
is
a
snippet
from
one
day
from
October
8th
to
the
9th
in
the
province
of
Kurdistan.
Masa
amini
was
from
Kurdistan.
M
M
So
like
I
mentioned
I,
think
the
biggest
and
most
concerning
aspect
we're
seeing
is
how
they
are
attacking
circumvention
technology.
At
the
moment,
and
of
course
this
is
really
important
because
you
know
within
the
first
few
days
of
the
protests
most
remaining
and
most
popular
foreign
internet
services
were
blocked.
So
Instagram
was
the
most
used
social
media
in
Iran.
It
was
blocked
within
a
few
days
of
the
protests.
M
Whatsapp
was
blocked
within
the
first
few
days
of
the
protest
and
slowly
most
as
our
colleagues
at
Uni
said,
most
foreign
services
or
really
any
kind
of
Foreign
Service
were
communication
or
coordination
could
occur,
has
been
blocked,
and
so
this
also
is
part
of
the
overall
plans
that
were
in
place
for
the
bill,
and
not
only
did
they
do
this,
but
they
blocked
the
App
Store
so
when
they
blocked
app
stores
like
Google,
Play,
Store
and
Apple
App
Store.
This
means
that
when
you
know
the
existing
vpns
are
disabled,
it's
very
hard.
M
There's
a
new
hurdle
in
getting
new
functional
and
secure
vpns
Iran
is
well
known
for
having
you
know,
National
vpns
that
are
well
known
to
be
operated
by
authorities
who
monitor-
or
you
know,
pick
up
data
from
the
vpns
that
they
make
themselves
so
secure.
Vpns
is
a
major
issue
and
we
have
noted
that
there's
a
large
majority
of
Iranians
are
using
kind
of
national
vpns
where
the
security
is
very
shady,
and
so,
like
I
mentioned
and
like
our
uni
colleagues
also
alluded
to.
M
There
has
been
different
kind
of
evidences
of
what
they're
doing
to
make
circumvention
really
difficult.
So
you
know
we're
guessing,
there's
very
sophisticated.
The
packet
inspection
we've
also
seen
increased
blocking
of
encrypted
DNS,
and
you
know
complete
blocking
of
HTTP
3
and
quick
traffic
I'm,
not
a
particularly
you
know,
technical
person
into
the
fine-graining
of
this,
but
I'm
sure.
A
lot
of
people
in
this
room
are
aware
of
this,
so
these
are
some
of
the
things
that
we've
been
seeing
next
slide.
M
So
this
essentially
brings
us
to
what
can
be
done.
I
mean
you
might
have
been
following
the
most
I
guess
headline
grabbing
a
solution
to
what's
been
happening
in
Iran,
which
is
you
know,
Elon
Musk,
saying
he's
going
to
send
starlink
to
Iran.
This,
you
know
seems
like
you
know,
a
a
perfect
solution.
I
guess
an
ideal,
but
it
is
a
little
bit
unclear
how
the
security
and
safety
of
that
would
work
in
terms
of
how
you
know,
Uplink
connections
for
satellite
internet
would
be
detected
and
would
lead
to.
M
You
know
severe
offline
repression
of
anyone
with
starlink
in
Iran.
What
I
do
think
the
focus
should
be
is
on
circumvention
technology.
So
how
do
we
develop
tools
to
address
what
Iran
is
doing?
M
You
know
there's
been
Mallory
was
noting
she
was
reading
a
report
about
how
there's
been
you
know,
Imports
of
this
kind
of
Technology
from
China
to
really
Advance
what
they're
doing
to
attacks
or
convention
tools,
and
so
how
should
we
be
helping
Iranians
kind
of
join
this
battle
against
very
sophisticated
attacks,
sophisticated
anti-censorship
attacks
and
so
there's
I
think
a
lot
of
different
things
that
can
be
done.
M
One
of
the
things
that
we
have
been
looking
at
is
the
opportunities
that
have
been
been
made
available
with
a
particular
law
in
the
United
States,
which
is
Tech.
Sanctions
have
been
loosened
at
the
start
of
this
protest,
so
the
U.S
treasury,
basically
added
cloud
computing
and
Cloud
platforms
to
technologies
that
can
legally
now
be
made
available
to
Iran.
So
things
like
gcp,
Google,
Cloud
platforms
are
at
the
moment,
blocked
in
Iran
from
the
Google
side
and,
of
course,
things
like
gcp
can
easily.
M
You
know
because
of
the
change
in
regulation.
It
could
legally
be
available
in
Iran.
Technically
gcp
can
be
now
legally
made
available
in
Iran,
but
Google
has
been
slow
to
make
this
change.
M
M
Some
of
you
might
know
in
2018
domain
fronting
was
closed
down,
there's
a
wide
array
of
reasons,
I
guess
for
why
this
was
closed
down,
but
at
the
time
there
was
a
push
to
work
with
these
companies
so
that
they
would
basically
stop
complying
with
the
sanctions
that
blocked
their
services
in
Iran
and
make
domain
fun
domain
fronting
functional,
most
famously
signal
use
the
Google
app
engine
for
its
circumvention
strategy,
but
of
course
that
was
disbanded
when
domain
fronting
was
disabled
by
all
three
companies,
and
so
these
are
some
of
the
recommendations
that
we
have
I'm
sure
a
group
full
of
Engineers
and
technologists
would
have
more
recommendations
and
I
hope.
M
All
your
expertise
can
help
join
this
battle
for
internet
freedom
in
Iran.
Thank
you.
B
So
we
do
have
a
bit
of
time
if
folks
want
to
get
in
the
queue
and
share
all
of
your
ideas
for
how
to
do
for
convention
better
or
other
comments
or
questions
you
might
have.
G
G
We
have
to
think
in
terms
of
two
buckets
in
that
anything
we
do
is
going
to
be
subject
to
counter
circumvention,
and
you
know
there
was
the
old
thing
of
one
war,
one
rifle,
and
so
as
soon
as
we
had
tour
and
the
original
democracy
protests
after
the
stolen
election
Iran,
you
know
they
basically
worked
out
how
to
get
through
tour,
and
then
we
saw
the
attacks
on.
Did
you
notar
and
my
company
at
the
time
Komodo
that
came
out
of
that?
G
G
However,
the
cryptographic
technology
there
we
can
provide
you
with
some
building
blocks
that
should
help
go
through
the
then
the
stagnography
can
operate
on
and
you
know,
Quicks
won't
start
on
that.
I've
got
a
slightly
more
hard-boiled
traffic
analysis
resistant
approach.
G
We
can
maybe
go
further,
but
that
might
be
how
we
can
kind
of
like
do
a
standards
component.
That
is
reusable,
but
there's
always
going
to
have
to
be
some
tactical
development.
On
the
stagnographic
front.
N
Hi
I,
just
I,
think
just
mentioned
just
tour
wasn't
explicitly
mentioned
in
these
slides
here,
but
it
seems
traditionally
being
a
place
where
tour
is
used
and
it's
still
used
like
right
now.
I
mean
if
you
look
in
the
on
the
Tour
website.
There
are.
There
is
this
sort
of
a
fair
number
of
users
who
are
still
using?
There
are
certain
kind
of
connection
technique,
transports
that
have
been
blocked,
but
not
all
of
them
have
like
Snowflake
and
OBS
V4
and
all
that
are
possible.
O
First,
those
were
two
great
talks.
Thank
you
for
inviting
them,
and
thank
you
for
coming
and
talking
to
us
so
Philip
said
some
interesting
things
and
I.
Think
sort
of
there
is
a
role
for
the
iitf
here,
but
it's
already
irtf
here,
but
it's
not
necessarily
like
standardizing
anything
right,
but
there
are
people
that
that
are
sort
of
looking
at
machine
generating
circumvention
techniques.
O
I
think
we
might
have
even
given
them
an
applied
networking
research
price
a
while
ago,
but
so
those
things
were
basically
try
to
learn
about
weaknesses
in
this
in
in
the
inspection
and
blocking
Technologies
by
creatively
using
our
protocols
and-
and
you
know,
basically
playing
with
the
headers
playing
with
a
packet
traces
to
to
confuse
those
boxes
right
and
it's
an
arms
race.
B
Talk
a
little
bit
about
what
I've
seen
also
to
point
people
to
a
draft
that
is
in
the
Privacy
research
group
on
censorship
techniques.
So
that
was
also
noted
over
the
course
of
its
development,
maybe
seven
years,
that
it
changes
all
the
time.
B
But
it's
useful
to
write
it
down.
It's
useful
to
talk
about
it.
I
think
that
we
do
have
examples
of
work
that
ietf
does
on
maybe
standardizing
Frameworks
within
which
people
work,
I,
don't
know
a
lot
about
Yang,
but
I
get
the
idea
that
that's
kind
of
what
it's
about
and
I
would
say
that
the
work
that
the
community
has
done
so
so
sort
of
the
Civil
Society
Community,
the
folks
that
are
really
trying
to
keep
the
internet
on
for
everybody
all
over
the
world
they're
definitely
two
strong
camps.
B
There
are
those
that
measure
the
censorship
like
uni
and
Simona
and
others,
and
then
there
are
the
folks
that
are
building
tools
or
tool
Bridges
or
things
like
that
to
actually
respond
to
exactly
the
thing
that
you've
all
identified,
which
is
that
it's
a
moving
Target
and
what
some
of
those
things
are
called.
It's
a
general
bucket.
B
It
doesn't
necessarily
mean
any
one
specific
tools:
plugable
transports
where
you
have
things
like
you
know:
tour,
maybe
doesn't
work,
but
something
like
snowflake
is
sitting
on
top
of
tour
to
help
people
get
on
it
better
and
then
once
you're
on
the
network,
then
it's
harder
to
be
it's
harder
for
your
traffic
to
to
be
seen,
and
things
like
that,
so
that
work
happens,
I
think
it
would
be
great
actually
to
have
it
happen
in
the
ietf
OR
to
figure
out
how
to
bring
that
Community
here
more
often,
so
that
they
can
get
the
critical
feedback
from
you
all
who
are
simultaneously
developing
whole
protocols
like
quick
but
then
also
might
be
swept
up
in
this
problem
where
just
the
protocol
itself
is
getting
blocked.
B
Something
I
think
is
fairly.
A
new
trend
in
censorship
is
to
just
block
Things
based
on
protocol.
That's
new!
We
don't
want
that
to
happen.
So
how
can
we?
How
can
we
also
mitigate
that
issue
so
yeah
anyway,
thanks
so
much
masa
for
coming
thanks?
Everyone
for
your
feedback
and
attendance
and
I
think
we're
closing
out
the
IAB
meeting
for
this
session.
Thanks.