Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
Internet Engineering Task Force / IAB / 13 Nov 2020
Internet Engineering Task Force / IAB / 13 Nov 2020
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: COVID-19 Network Impacts Workshop, 2020-11-13

Description

Recording from Day 3 of the Internet Architecture Board's COVID-19 Network Impacts Workshop.



Day 1 Video: https://youtu.be/RTJNaE7TnGA
Day 2 Video: https://youtu.be/tleJg1_SGXM

Workshop home page: https://www.iab.org/activities/workshops/covid-19-network-impacts-workshop-2020/

A

Okay, so we are now being recorded, uh welcome back to day three, um so here's the I'll just I have two more slides and I'll come back to this to bash it. um These are the urls just as a reminder.

A

uh Yari is volunteered to help. Take some notes, um but I think you know people doing it. Collaboratively is good, so go to the pad and take notes of interesting things.

B

To be clear, I volunteered to take part of the node, so other people are doing that as well is required not optional.

A

Yeah, so more people better notes, hopefully yeah, uh there's the workshop thing and the gift repo slides for today these slides are in the git repo um and my last slide is some to do's. um So on the pad. Can you check at some point that your name and affiliation is at the top in the list of people at the top?

A

um If you go and look up the urls, if you made a submission, just check the right version, because there's some people updated some stuff, um we may or may not have gotten it all correct uh for the mic line for today. If, if and when we do need a mic line, just use the uh convention of putting in q plus or plus q, or something in in webex chat like I just did and I'll try and keep track of that. If I mock it up, then just yell at me.

A

um We notes we're done uh towards the end of today. We've also kind of looked for some feedback about the format of this workshop um yep any id. You know. How should we think about this? If we're going to have other workshops in the future and post pandemic, even um and after we'll start drafting or continue drafting the workshop report, I think that's in the git repo that murray has created a file there.

A

So you know please do read and comment to that with send me out to the list.

A

So with that, uh I just I wanted to just bash the agenda. So this is your chance to bash the agenda.

A

Annie.

A

Is everybody happy with that agenda understands what it is, I'm just looking for the slides with dscp right now, so.

A

Oh pdf.

C

Dominic's sent through a slide to you on email, a short while ago to see them. If you picked it up.

A

I have that yes, okay yeah, so I think that that'll be in, I presume, that's in you know either the second or third bullet there on security or what we forgot.

A

Okay, if that's gender, looks good, then.

D

Okay, so uh jordan, I put this together, um I'm sort of talking for a second about as an application type of guy that runs stuff over the network network. What I wish the network gave me and he's going to talk a little bit about why I might not be able to get that. um So let me just jump into this pretty quickly here.

D

um So next slide um the particularly as people have moved to doing all this web conferencing remote learning uh online, that you know we have all kinds of people working from home, obviously, and one of the real issues with that is prioritizing the packets on the uh downlink to people's homes, cable, whatever whatever the technology is for that, there's there's no way of really doing that and we end up with all of our stuff really mixed together, and I think that a big observation for me that came out of this covet thing and it had to do with with youtube and others moving their bandwidth rates down was the last thing in the world that those that the vendors of those services wanted to have happen.

D

Maybe not the last thing in the world, but one thing that they were not didn't want to have happen. Is people say I've got to go to my class. Now the other people in the house need to stop watching uh netflix or youtube or whatever. It is because my you know, my online class doesn't work while you're doing that.

D

um So it's actually was an interest to make it possible for people to still use the experience but to reduce the quality of the experience at some level um in a way that that allowed everything to work together, and they went there's a lot of discussions back and forth between various companies on this between various lawyers and how to decide how to to do that and make it work. And I it worked out, it did work out. um You know most points in time.

D

At most places you could run uh a video streaming service and a web conferencing application simultaneously. uh The the, but that would be would have been a crop load easier to do. Had there been some way to and would have worked a lot better if there was some way to prioritize data going down the downlink and, of course this has been known for many years.

D

We'd like to do this, but it's always been one of those things like this won't work, because somebody else will steal all the bandwidth of it and it will be no fair way to allocate- and I think the observation from covid that's a little bit or from this copy 19 times is a little bit different. Is that was actually wrong. Our assumptions about people's uh motivations, only the big apps matter, okay, if tons of little small apps decide seal it, it makes almost no difference.

D

It's only what the large gorillas that use significant bandwidth across people's do matters. Users at home can turn on and off apps and use them or not use them in ways that control what happens to their network and they have a desire to have something to have on their network and the various uh competing services. Whether you know youtube, webex, zoom uh netflix. All of these it's in their interest to find a way to prioritize that traffic to work together.

D

um So if there was a very simple sort of less than best effort and a sort of higher and lower priority sort of a very minimal, just sort of code point marking on the down link to the home, I think it would help a lot on that, um whether that's possible or not. I mean we'll go to the next slide in just a second here, but that's that's sort of the desired goal from an application point of view. Does that make sense or any questions about the?

D

What the desire is not the discussion of the reality of delivering that desire.

E

I think jason has a question in the.

D

Chat, ah l4s jason, I mean jason. Can you just comment on that and talk about a little bit. I mean there's no better person in the world to discuss this than you.

F

I I don't know about that, but you know I guess the question is um you know: there's been a lot of debate about the sort of last remaining code point in l4s being one of those things so like a lowly um marking that could be used by an app, and you know something that doctors networks are working on at the moment.

F

But you know this has been discussed for a while, I mean honoring. Dscp markings has always been challenging across the main borders, of course, uh but uh you know maybe just pointing out in your example here a potential use case. It would be interesting, so I did. I sort of wonder generally, you know is that the use case that l4s could fill.

D

Yeah, I think alforas would spill with no problem or I think, there's many ways to skin this cat l4s, I think, probably, would meet the needs, and I, my personal belief, is the first set of isps in the world that managed to offer a great gaming experience. That's better are just going to have this viral marketing mechanism um going for them. That's going to be insane, um but you know.

E

And so I want to jump in here uh with with, I think two things I think cullen. I think why.

D

Would go to the next slide? Why don't you do that slide.

E

Well, so so I want to talk about your your slide for just for one second, so so you mentioned just prioritizing the downstream and you didn't mention prioritizing the ups.

E

So if I have multiple different services in my home or multiple different users, there may be different tiers. Maybe I care more about you know my place, the chip, I care about my school kids school video chat, or maybe I care more about this.

E

uh You know the kids school video chat that I do uh you know my work chat, because I can go and move to. You know a cellular network or something where the you know for my one hour, audio call or something uh or something else. um So so I I think we need to remember you know the the by you know. Obviously the internet is bi-directional and there's different buffering behaviors. uh You know c c buffer bloat, that that exists in devices when they end up queuing and prioritizing packets and and that behavior.

E

So I think we need to be mindful of that.

D

Sure totally.

G

I don't.

D

Mean to over to over simplify that, but all of these apps, like all these apps, are doing gift serve code point markings across the wi-fi network and inside the home and the home wireless routers, gnats things whatever do do something with those fairly often now all the things they do are sort of wrong, but they're not so wrong. We can't sort of make it work, so that's that hasn't been our biggest pain point.

E

And- and I think the second thing is that quite often, there's not uh there's, uh there's not a diversity of provider selection available and that also poses its own challenge is that you know you may be stuck with like a dsl or docsis network option. You know, or maybe a fiber to the home versus docsis as the two solutions and you may not. It may be challenging for an end user to actually get the network service uh that they desire.

E

So so, even if you say hey, I I'm gonna switch to jason's network because it's better for gaming, jason's network isn't universally available, because maybe it's time warner, cable or something in that area or uh or sorry a charter or maybe it's you know, atlas or some other cable company. I.

D

Look so we've had many problems about. You know whether a broadband access is a duopoly or monopoly or what cartel or whatever it is, but I mean that I, this doesn't help solve any of those things but boy in the places where there are. I. I think that that problem is a separate problem which will take care of it, which does take care of itself. You know uh over time, um but right now we don't have the technology for them to compete on that level like there's. No, you know it's difficult.

D

I think today I look. I I shouldn't even say these words. I don't run with these. You go both both of you guys do, but uh it does. It seems difficult for people to compete on this network would be really awesome for gaming uh or for zoom calls uh today than than just basically yeah we offer you know. However, many megabits per second of downloading.

A

So so we have a couple questions uh um larry. I think your question was in first and then andrew.

H

Hi one of the things people have expressed an interest in is just some kind of diagnostic that they could tell whether or not the problem is their problem with their video call is that other people in the house are using up the bandwidth to play, games names or it's somewhere down link or it's not even your connection at all. It's somebody else's problem. It's really hard to diagnose these things, either on the fly or any given time I mean.

H

Maybe this is a simple tool that people can use to figure out why their bandwidth is being limited and make an informed choice about you know you go and tell everybody to turn up the video and it doesn't actually help with you at all.

D

Look it's very true, and this is a constant problem. I think all the app you know, people clone up webex and say your webex call sucks and we don't know whether it's webex was the problem or the wi-fi network was the problem or the wan link was the problem, and it's generally it's quite often one of those three. But it's really hard to tell which one of the three to blame.

H

Oh, what what kind of diagnostics or tools could you use to help people make more informed choices.

D

Being able to talk to the access point and get privacy sensitive information about what was going, what what was happening across the the wi-fi link versus what was happening across the wan link upstream of that would be really amazingly useful, uh and I think that you know that's an area that itf could drive standards on. Is it's how to get management diagnostics, information from access points um about the apps on fl, in in about the apps on flows, I want to be very highly priced at privacy's institute.

D

I don't think you have to reveal information that the app doesn't already know you're, just revealing which side of the access point. The problem happened on.

A

uh

C

Yeah, so so a couple of points just to chime in with uh their first one, which is also, I think, popped up in in the chat, um the sort of us markets conditions are not uh the same, so the conditions in other markets are not the same as in the us, um so in other words, and I've seen this in in other for so f4 there's a low level knowledge, certainly in some of the uh apps developers, about the conditions that apply in non-us markets, which causes decisions to be made which are non-optimal in most of the world or lots of other parts of the world, certainly markets far bigger than the us.

C

So I think that can be an issue. I'm not saying that's necessarily true here, but it's certainly an issue in some discussions.

C

um It also occurs to me that to answer some of these questions um and again, I've seen these surface in other places, maybe occasionally talking to the some of the service providers, would be a good thing and I'm not suggesting by the way that column wasn't going to get there on on this or hasn't done that in the past uh I should add, and then finally, some of these problems could be solved by service providers.

C

I believe, but I would politely observe that some of the developments within the itf and direction of travel is, is to obscure a lot of this data to make it impossible for service providers to do network management to provide a good user experience, and I don't think some of the people doing the protocols fully understand the implications of what they're doing and that from an end user experience point of view. That can be really bad and, dare I say, not consistent with rfc 8890, for example.

C

um So I thought just throw those in for discussion.

A

So, actually I I'll just interject myself briefly before I go to brian I mean I don't disagree on what you're saying andrew. However, the people are encrypting protocols for good reasons, and we need to remember that too. So I think we have brian in the queue.

D

Right this is uh webex. I get to unbeat myself uh yeah, so I'm gonna get through this whole thing without saying spin bit um you're late. uh I think there's like so I I I gonna. You know what I said in the in the um the chat. Is you know a lot of environments, uh sort of like either cloud development, environments or sort of like large? You know development environments like the one that I deal with at my day.

D

Job uh give you the ability to do sort of like full, end-to-end, sampled, rpc, traces, right and they're.

D

Super super super super useful for figuring out what broke and a lot of the functionality that um we're asking for here like if we built an alternate architecture that was sort of at the rpc layer as opposed to the network layer- and you had sort of you know some sort of like distributed broker thing like some of the you know, I think some of the the work 1980s was going this direction you could actually slot rpc tracing into the internet.

D

You can't do that um a lot of the work that uh you know that is being done to obscure information uh that has been used for passive measurement in the past is not specifically targeted at obscuring the ability to trace um you know so full in the end. It's it's uh targeted at reducing the amount of unintentional radiation right, so the um uh the amount of data that you didn't actually intend to put in the wire image. That's there.

D

um I think there is a uh there is a room for research into how you can get closer to this ideal of full end to end um sort of flow disposition, tracing uh and an on-demand environment right. This would not be a thing where um the isp would say here are all of the flows, and here are all of the end-to-end characteristics of those flows. It would be more of a you know.

D

You click a button in your web browser um and it talks to all of the um devices along the path that are enabled for for doing the sort of tracing in order to create a trace file. Then you could would be in control of handing to somebody right like you need to design this in a way where um you know end user control of the metadata came first, and I think by not trying to hang that off.

D

Of of you know the way we've done this in the past, where you're unintentionally, radiating stuff, you have the ability to do better than we've done in the past. um I'm if I, if I knew how to do this in a way that would deploy be working on that right now, um but I think it'll be really really useful um uh to figure out what could be done incrementally in terms of sort of a research agenda and then invest in that.

A

Okay, so I see janna and q. We have one more slide on this topic, and times are marching as it does so janet. Do you want to go now or wait for jared to talk with his other slide and either way? Let's try and wrap this topic in the next five ten minutes.

I

um Either one you decide you're the host.

A

Okay, why don't we let jared's present- and I'm sure, you'll have a comment on that so jared? Do you have a serious.

E

I'm happy to to talk to janna at length about anything so uh yeah. So uh when colin and I were discussing this the other day, I said- hey well, here's why the isps need the dscp market.

E

The big thing is, you know, you know when I previously worked at a large service provider, we have business models, we have slas around performance, but obviously we can only control the performance on our own network.

E

um You know we can't control a third party, we can't control interconnect, points and and that's why many companies end up building their own private networks um and there's advantages for this enterprise networks. They tend to pay more money than wholesale customers, you give them higher sla and you use the limited number of dscp bits to you know generally provide like a you know, a bronze, a silver or a gold type solution.

E

uh You know for that. um You know. Customers also tend to be very sticky on these services uh and they'll actually pay to extend my network. uh You know to locations where they say. Oh well, I'm building a new office park here. You know I already have you know either this mpls service or you know, or some other service from you. You know I want to.

E

I want to extend network. So not only do I get the benefit of my network being extended by these people, I'm also tending to charge them a lot higher revenue than uh I would for just a wholesale ip connection.

E

The other thing is when it comes to the technical implementation uh on the routers, uh once you configure any sort of rate shaping on the devices generally, uh it will, uh depending on the platforms, but many of them uh by default, we'll uh stomp on all the dscp bits.

E

So you have to go in and do active configuration on all the ports on the devices and you have to classify them really well, so you understand which ones are infrastructure links which ones are customer links which ones are somewhere in between, because sometimes you have things like that, and- and you know many customers- you know, at least on the wholesale side that they really want a liability limit.

E

They may say I'm going to connect with you with a 10 gig port, so I can later come back and upgrade my contract, but I don't wanna, I don't wanna pay for more than two gigs of traffic that way they can budget uh accurately, uh and the other thing is that when it comes to these bit, you know the bit usage. You know there really is not uh you know, aside from a few of them, there's not really. You know a consistent standard and there's no incentive for inter-provider.

E

You know qs or dsp markings uh to ensure that they that uh they interoperate and- and that I think, is really you know really. The big thing is that there's not there's not a market incentive for people, in fact, there's a disincentive to say no. I want to have these people be sticky on my network, such that I can control it uh and provide that controlled experience that customers is paying a premium for.

E

So getting getting those across network boundaries very.

E

Unlikely.

E

And I uh I can call the queue if you want stephen janna.

I

um Thanks for that jared, I I I was just going to speak to something slightly different uh from earlier. um That's basically, the point I was trying to make. uh The point that I wanted to make is that we were talking about observability and being able to do these things um with with traffic going through the networks. I was going to say that at a high level, I think we need to start thinking broadly about observability and tooling differently than we have in the past.

I

I mean we have traditionally thought about tooling in particular ways with service providers with operators and there's always been contention between that and traffic in the network and brian already mentioned spin bit- and here I am mentioning it for a second time, um so you truly ruined everybody's day now, um but the the I think that the the I do think that there's a real problem here uh in terms of us being able to to to see what's happening both at the end users, in terms of what the quality of experience is for end users ultimately and what's happening in the network from from a uh from from a an application's point of view.

I

For example- and I think that I would, I would personally be more interested in talking about more explicit uh measurements on aggregates and various such things, making those kinds of things visible across isp boundaries, instead of constantly trying to do this on a per flow basis, because we don't actually that information is perhaps useful at the end points, but pretty much. Nowhere else is that information per flow information is really that useful.

I

um I I I like I said I do think that this is an important problem to solve, but I think we need to walk away and try to walk away from individual flows. We've traditionally used individual flows because I believe that's where information has been available.

I

I search providers have used individual flows because they could look into tcp there find out what very what is happening to the connection, use that as a proxy for what's happening to the aggregate and so on and so forth, and I think tooling has to move away from that towards more explicit signaling of network conditions of network quality of what's happening on the network.

A

Robin I think europe.

J

Oh, oh hello, jared, okay, okay, me.

A

Yeah here you're fine.

J

Okay, so I I my question: is the psap the isp needed the dsap, but I have this. The question is the dscp code point is enough for the isps for the purpose of the marking, the portable service.

E

I I I think the reality of things like dscp is that there's uh there's really insufficient bit space available for the levels of mappings that you might need.

K

You.

E

Might have an application that wants to say you know, I'm I'm willing to go into the junk queue and kind of be overflow um and service providers. If, if there's a standard bit space that says hey, I don't want to you know you know, I don't want my equipment to stomp on this. I want to be able to read that signal and then whether or not I act on that signal on a policy basis, you know, based upon the configuration, I I think is you know, is something that's feasible.

E

Like akamai, we have people internally, who are saying hey. I want to set dhcp on certain classes of traffic and we say well, we use some of these bits internally. I've got I've got competing people who want to use that same limited bit space.

E

I think this is something where uh you know if we are going to build a fully differentiated internet where, in the future, if we want to develop that type of an architecture where we can have application signal that have end user signal and have network signal uh these behaviors, we need a lot more bit. Space build uh to be able to do that, you know, uh and that I think, is, is really kind of. The crux of the situation is that there is such a limited space available.

J

Okay, my second one is that the because of the drcp, you also mentioned that you we must be carefully to classify the traffic to the different uh dsap, but also, I think, the proposed the challenge, uh the because your the dsap is indirectly.

J

So I think that's maybe I I wonder if some of these the director will search based on the uh destination ip address, or this can also be used.

J

Because, from my point of view I mean that dsp and marketing sometimes is not a director.

E

Yeah and and and- and I think you know, there's some opportunity to do things and- and you see some of that in uh you know, so we have some people internally, who propose the idea of using the dscp bits to essentially say I want to use the dsp bit to pick a different forwarding table on the device.

E

um As one of the you know, as one of the solution spaces versus doing you know a full segment, routing or other types of implementation which might be you know, or a label, you know or label based uh lookup to identify which forwarding table uh to use, because not all the devices that are in the path, maybe you know either label aware or uh you know we may not want to pay for the licensing or you know you know, or whatever may come into play with that.

E

You know this broadly comes down to an economic question and in most cases for the service provider, uh it is cheaper to add bandwidth than it is to uh configure dscp correctly.

D

The problem is no amount of adding bandwidth solves the basic problem that we have and that's that's the part that people I think you see that male 4s work. You see that bumper build work. I I mean the problem is not lack of bandwidth necessarily right. The problem is the the implica the how that how things are cued in that bandwidth and there are many ways to solve that cat too. I'm not saying this is the only way to skin that cap, but it's just.

A

So I guess the queue seems to be me: brian janna and then matt, and maybe we take off this topic a little and move on to the next one. On the question of observability, uh I mean I, I I think that this is certainly something worth looking at.

A

It's something that can be quite hard, so the recent thing I've been looking at in this place has been around these kind of over tracing apps, and it turns out that you could, on the one hand, say this is a great victory for privacy by design, because the the actual protocol for this covert tracing is pretty good.

A

On the other hand, you could say this is pretty because at least in one implementation on android, it's also implemented as part of google play services, which is actually not very good from a privacy point of view, because it keeps calling onto google in various ways. So it's unclear to me whether we can really tie this down at a protocol level or not. I think we could it's certainly worth thinking about how you how you would make things more sensibly observable in a privacy-friendly way.

A

I mean that's definitely worth looking at, I'm not sure how well we can kind of address that on a pair protocol basis and equally, I'm very skeptical that we could come up with a great overarching here's how here's, what I let you observe about everything I do so I I don't know if it's really an easily solvable problem at all, and that was neat so and then we had brian and jana and matt.

D

So on on the observability point I just want to, I, I just want to go to something that that jared just said that I put in the notes- and it kind of struck me right like we're talking about um you- know, research into uh sort of like distributed tracing privacy, preserving distributed tracing for network performance right, which I agree, is a very hard problem.

D

um I don't think it's an unsolvable problem, because, at least on the technical side of things we do our pc sampling, like at large scales in many um uh environments, which are not only single provider, single um uh single administrative domain, but we're talking about things that are going to be. You know, you know fiddly and twitchy, and uh uh things that are fiddling and twitching are also opportunities for um network vendors, to charge additional licensing fees and the thing that that karen said is like for the service provider.

D

Adding bandwidth is cheaper than turning the scp on right, like the sap is one bit right. We're talking about our one part returns it's six bits, but it usually gets. It is eight bits, which is why ecn doesn't work um like and if we, if we can't, like you, know, figure out how we're going to economically turn, you know six bits of signaling on more than six bits of signaling is going to be harder to deploy as well.

D

um I still think it's worth so what you said stephen about like this, not being necessarily the protocol issue. I think it. It probably isn't a protocol issue, and probably we even the ietf in this discussion, focus too much about too much on which bits do we put on and a little bit less on the? What is the the interaction model right, like so who's in control of when something gets measured and who's in control of how that data flows?

D

I think stepping back from the protocol a little bit and working on that problem might be a way to um break that particular log jam, but but keep in mind that like, if you know if we can say that adding bandwidth is cheaper than turning the sct on for a service provider, then maybe we should just invest in adding bandwidth.

A

Okay, I think I have uh janet and then matt in the queue and I'm suggesting that, after that, we move on to the next topic unless something yells about it. Yeah.

E

Yeah, I just want to comment back to to brian quick and say that I can buy like a 32 by 400 gig box for for less than 10 grand and so for adding the ban like adding the bandwidth like. If I'm going to pay a software license for mpls, it's probably going to be a cost and I'm going to pay that per device.

I

uh Janna um thanks steven, so I I I agree with what brian said. I think that this is definitely not a protocol issue in my opinion, and I think in terms of just the protocol issue, I I actually on this particular point I'll say I agree with jared's slide here. um This is, I think the the ship has sailed on using dhcp for anything, but what it's being used for, but that's my personal opinion.

I

It doesn't hold that much it's it's used extensively within with an isps, and it's used extensively for reasons that hardware does hardware, does what you want to do with the acp and you can define these code points to mean whatever you want them to mean and hardware will do it for you at line speed and that's really useful and gets used all over the place, because of that um so using it as an end-to-end signal of something is, is a very, very long shot, um but on the other hand, if we move away from the protocol itself- and we ask the question we step back and ask the questions that may have very different answers than what they did 20 30 years ago.

I

We could ask the questions of what is important to observe. What do we want to signal end to end? What do we want agree on end to end and so on, and those could be explicit and, like I said earlier, they need not be at the flow level.

I

I I think, there's a question of mechanism here, but we do need to talk about what it is that we want to communicate across the network and which entities ought to be able to see that protocol. Signaling is a separate matter, but uh I don't think we have agreement on that. First question:.

A

um

L

Find the unmute button. um I I wanted a second list in a different way. There's a there's! Another fundamental reason why bandwidth is cheaper than control I'll put boy, and that is during non-crisis time, not having a bandwidth means that you end up having to arbitrate wishing your customers can watch high-definition video.

L

If, if everybody wants to watch how different video, if you want to support that, then you have to have enough headroom or all other os problems easy for most users.

L

I would be surprised if dscp actually has much effect during non-crisis time than isps. I I don't have any data on that. Just because it's cheaper than control and crisis excuse me and then the other thing that people want to have is is controlling the last mile because of low delay, applications and the large queues being at the last mile. So it makes it makes sense there in the default sort of environment in crisis environment, it's a very different problem and that's what we hit over um situation, coveted bump and there it's.

L

um You really do need to train bandwidth and at that point we're not under using qos. In the sense we since we're not using the signaling or haven't been using the signal, we're not appropriately configured to do the right thing with it and manual traffic management telling people you have to get off now is always a fallback for the home users.

D

Okay, I'll ask just one question clarifying about what you said there. Could you say what you think is different between the sort of crisis time and the non-crisis time about about any of the apps running over the network, because I'm not saying that.

L

If it's an, if it's not a crisis time as a as a business concern for access to isps, they want all their customers to be able to support streaming videos and um whatever their economic reality is, but some large fraction of their users to support video and that that load is so much larger than everything else. The aggregate of that load is so much larger than everything else that everything sort of fits in, underneath it right it and and.

D

The I don't okay, we could talk about oblong. I do not think that's true if you, whether it's running video in a zoom call and a youtube, call at the same time, always compete with each other and they both can drive the video bandwidth beyond. Whatever bandwidth you have available, no matter what bandwidth you have available across, you know broadly available. They will both deliver services at a higher bandwidth than.

L

That but they need to arbitrate, they need to arbitrate between too similar.

D

Which they do a great job of doing of scaling such the service. So they do that. But I don't understand how that's different during covet times and non-covet times,.

L

The issue is um it's just it's the high pressure on smaller services, things like file, sharing document, sharing, email and such like that, which are perhaps more economically important web transactions for doing, purchasing, ordering and stuff like that, which um is all relatively low bandwidth and actually not latency. Sensitive um making video calls work well on your crisis does require a good big qos service.

A

Okay, I'm going to suggest we kind of move on because I suspect some of the same discussion will come up under security or anything else anyway. So um uh and so the next topic- people, I think, wanted to talk about, was kind of generic sort of security effects and I think, there's kind of two directions here.

A

One is like what kind of new threats or changes and threats did we see during the course of the pandemic, and I guess the other kind of direction is uh what kind of security tools did we have that we started using more during the pandemic and so on? I don't think I have any anybody sent me explicit, slides on this um unless dominique's one is intended for this bullet, I wasn't clear um so what I was just going to do was kirsty is kirsty on the call today I guess so or not.

A

I haven't worked um yeah, so I was just going to pop up the mail you sent if and maybe use that just to kind of kick off some discussion. If that's okay with you.

A

um I'm not is that I'm not sure. I have no idea how visible that is to people, but uh you couldn't get them out last night anyway,.

C

That's quite legible, stephen.

A

Good, okay, so quite legible or illegible.

C

Sorry, legible: oh.

A

Good, that's a nice surprise! um So why don't we let kirsty talk to that mail and maybe that will just kind of lead us into the discussion uh and dominique slides it for the next topic. That's fine! So kirsty! You want to chat about this.

G

um Yeah sure I guess this is because uh on wednesday I raised kind of the security posture that we were seeing during um the covid stuff. Really so since march, really for the ncsc, we just published our annual review and it's been a kind of year of two halves where we have the before march kind of normal business as usual, and then the post march, um where the ncsc's workbook looked very different. So some of the stuff you might be aware of, like the coded apps and all that kind of stuff.

G

But what I'm really focusing on here is the shifting attacks that we saw so what's quite difficult. I suppose, in conjunction to a lot of the stuff we've already seen where there's a lot of um graphs and nice measurements, and you can see a real uptick in traffic volumes and stuff. What we see instead is maybe not an uptick in total attacks, but a shift in the lures being used and the attacker behavior and the shift in targets.

G

So I think it's going to be quite hard to look at kind of numbers to really get across what we saw as an impact, and so the impact here is not necessarily an overall increase in um in certain things, it's just more pivot from attackers.

G

So I can describe um a bit of this, this uh email and it's just taken from our annual reviews. It's very high level, gisted stats, um but we have this takedown service where, if we see a malicious ill, then we um we can contact the service and get them to take down.

G

uh Usually the url taken down because of copyright actually from using a government logo which is quite amusing, um but they are they're taken down for various reasons, and so you can see some stats here in terms of this latest year, uh how many were taken down across the whole year. So one thousand.

F

166.

G

710 fishing urls disc, that were discovered, were taken down and, of course, these are just ones that have been discovered. So I don't know how many there are in total, um but these are the ones we discovered and were taken down. You can see what proportion were associated with uh uk government themed attacks and then there's just a nice bit that our global share reduced.

G

So that's a nice success story for us and but then, since march we have a focus on what uh the corona virus themes that began to be used, and this is kind of relating, I suppose, to my position paper a bit that, in terms of a pandemic situation like we haven't studied, I think it's an interesting question. If, in a pandemic situation, you're isolated, you might be spending a lot more time online than you would be before, and so your tolerance to fishing might decrease.

G

You might be more keen for news, you might be feeling a bit more vulnerable and you might just be a bit more susceptible in general to phishing.

G

So there's a socio-technical element to that that we haven't researched fully um but whatever, for whatever reason, coronavirus teams began to be used and you can see the split there in terms of what they were associated with um selling bogus ppa like pressing on people's fears to sell vaccines and stuff, and some were just using that as a hook to get money um quite a lot of them somewhere just to distribute malware.

G

um And so what can we say about this? So stephen? I thought you came back with a request for how this compared to last year and uh sorry- I've been uh quite busy today. So I haven't fully found this, but um I guess what I did find our annual review from the previous year, and so in the previous year we actually took down 177 000 fishing euros, which was uh roughly 23 000 a tax per group, and so what? What can you deduce from that?

G

Actually, maybe we just got worse at detecting fishing um you'd like to think year on year, we're getting better. So in theory the number of fishing urls discovered should increase. Perhaps um it's very hard to quantify that um or if it at least stays static, we can say okay, why did we have a reduction in this? It might be because um different access sectors, other than phishing and were found like there might have been a better way to gain access. One specific example is um the increase in vpn vulnerability exploitation.

G

So we saw an increase in scanning for those vulnerabilities and that you could hypothesize is because there's a more chance that a target you're interested in is using a vpn service right like if it's being more commonly used again, it's quite hard to definitively point to that and to measure it, but um we can just in a qualitative way.

G

We can say that we've seen a tax where that has been the initial foothold, whereas in other campaigns, perhaps it would be more of a phishing email, so um yeah the the numbers themselves are just kind of illustrative. I think we have a lot of experience and yeah. We've had a lot of incidents that we've managed that have dealt with cavities the theme, and so I suppose it's just kind of what what's really interesting is that pre-march.

G

Basically, there were no campaigns using this at all and then post march we saw a rapid increase in like domain registrations for coronavirus related names. Some of those are legitimate, but quite a lot we're not, and so I guess it's just kind of what we haven't really seen before. Is this sudden from zero to a lot of attacks using a certain zero.

G

So people are quite used to the tax office getting in touch saying: you've got tax rebates, but where they in terms of our four layers of phishing and prevention, and stopping that attack being successful, like educating users, is only one of those layers and that layer might have been less effective, and so I guess one of my open questions that I think got posted around is like, given that, given that users might be less effective in efficient layer defense do we have to do something on the other three layers, and this relates kind of to the ncsc.

G

Launching the vulnerability and suspicious email reporting service so that you are able to kind of increase, yeah increase that layer of defense, but it's just it's just a question: that's still quite a manual intervention, so um I guess that's kind of all. I have to say about that email um I can send some follow-up stats, but, like I said I feel like comparing absolute numbers is not is not telling the full story, because there is a narrative in terms of her incidents.

G

um There are some advisories that describe this as well, but like for various incidents, the uh initial attack factor is different. The lure used is different. Even the target set is different, so we're seeing sectors that haven't been targeted before now being targeted because um what they have in a pandemic situation is perceived to be more valuable.

G

So yeah, that's kind of all. For me. Thanks steven, sir, the opportunity.

A

Yeah, I guess, uh and thanks for kind of having a look back at last year's numbers and yeah, I think you're right, you can't they're not as easily comparable as kind of iterates from year to year. um I I think one thing I take away from this is this probably in terms of measuring security and so on.

A

There's there's work to be done in figuring out what things to measure and how to do, because I mean you see the kind of annual reporting from like the likes of yourselves or from some security vendors that produce these interesting reports every year, but they're they're, yeah they're not commensurate with each other they're, not even necessarily commensurate from year to year um with the same kind of source. So I think there's there's probably some. How do we measure interesting security? Things work to be done.

A

The second thing I I was wondering about- and I don't know the answer here- either- is all everybody going working from home, presumably does create some new kind of it changes the kind of risk in in various ways, um some obvious ways. It might create more risk or more likelihood of an attack succeeding, and I think he called it a couple of those.

A

It might also have the opposite impact too, because we may have been moving from a place where a lot of people were doing like a little bit of work at home or using the using some really unmanaged, five-year-old laptop, that's still running about an operating system, and then they moved to actually having a little bit of help from their sysadmins or being given a a laptop to bring home, which I think happened in a lot of cases and that might actually have improved security for them and decreased decreased risk. But we don't know so yeah.

A

I guess my main thing on this topic is that it would be great to to figure out how to measure things a bit better, uh because I I'm not sure I've seen good discussion of of the effect of the pandemic now, maybe also that it might happen. Maybe there's a whole bunch of papers going to be at ndss next next january february, whatever, and then it will have been done.

A

But I haven't seen it so far, at least, and I think I have maria in the queue- and I don't know if anybody else wants to be in the queue. But if you do type plus q in the webex chat. Where are you.

M

Yeah hi um thanks for sharing this data, that's actually interesting. um I do have a question more on your other mail, a little bit um because um you said that we should think about protocol work to to address vulnerabilities in in the remote infrastructure, remote working infrastructure, but um this is kind of it's still very a little bit high level for me, because the remote infrastructure is not like the one infrastructure, everybody use it right. It's like different components.

M

It's conferencing tools, it's vpns and so on um so I'm I know. I think I don't have a good understanding if there's anything special about this infrastructure that we didn't consider yet or it's just like a bunch of applications that we've been talking about, um and then the other point is also that I think a lot of the problems we've seen and including the one about zoom, for example, that you mentioned as an example, is really people not applying our protocols correctly or not like developing an application in a secure way.

M

Even so, I think, like certain security standards are well known, so it's really an educational problem rather than a protocol problem um and say like currently we're discussing this at a very high level. We need to do something because there obviously is a problem, but it's not clear who should be doing it at which layer and and you know what exactly so. We need a much deeper dive in there or do we have further sorts of insights.

G

Can I come back on um your point and also stephen before um so yeah, so the question I'm asking, is I mean it's? Not it's not presupposing anything can be done actually like. We might take an honest look at this and say actually we've done everything we could do from the protocol side of things and yeah the solutions fly elsewhere and the question it's a question to be asked like what could be done.

G

So I guess, like phishing, is a very uh easy example where we we know we have four layers and helping users in educating them is only one of those layers right, and so we can do what we can do in that layer um and we've done a lot of um technical research on what lands best there, but the other layers in terms of like making it harder for attackers to reach your users from in the first place like. Is there something that can be done there?

G

um Is it just encouraging uptake of existing protocols that are already out there? I think it's just a question and it's not presupposing anything can be done right. It's just like a question for me when we think about the network impact um yeah, so I mean for infrastructure you're right like it's a range of stuff.

G

I think for me, I'm specifically thinking about people using new technologies and not knowing how well that's being done like not having a good appreciation and that's partly because of a shift in user demographic like people were spending more time online, but also people who would barely spend any time online before we're now spending a lot more time online, because that was their main way of getting groceries delivered.

G

That was a way of keeping in touch with their families and so, from a citizen point of view, that's kind of our focus and that's that's what we're thinking about um and then you have obviously from an enterprise point of view. uh Like stephen said people being given a laptop and told to go home and for some uh companies that may have improved their security posture, um but I think where we have seen, incidents has been obviously where that hasn't worked well and so a poor roll out of infrastructure or a rushed.

G

I mean in fairness. It's not! It's not poor, it's just time constrained and it's difficult when you have a large fleet to manage um where we've seen that been done, poorly or outdated. um Yes, software being used and so vulnerabilities exist that are being exploited. That's the kind of stuff we talk about.

G

I guess it is unfortunate because for security, unless you're in the industry- um and there are some people on this call- I think who are kind of experts in this field and- and you are actually managing incidents- then we're not going to make exact details of an exact attack public, it's very difficult to anonymize it, and obviously we care about the privacy of people and organizations and reputational risks and stuff.

G

So, um but what we can say is that you know, as a group of incidents of the collection that we manage, we have seen increases that we ascribe due to the shift into homeworking and the rising vpns and the rising um like these kind of vulnerability, uh like sorry, rising users who are being more vulnerable, who are spending longer online and have more access to these kind of security scams than perhaps previously and so yeah.

G

The open question really is just we've done so far: a manual intervention, the suspicious email reporting service, like could other stuff be done, and that's really. That is just the question, not presupposing the answer in any way.

A

Okay, I think the queue has lecture.

N

um Let me just make a few simple points. The first one is: how do we view this cubic? Okay right? Is this just a network connectivity challenge? Then we measure ourselves whether we succeeded or not solving this one problem at this time I think a different view of the cuvette it's actually.

N

This is kind of an amplifier right amplified or exposed um more widely. There are already existing problems in the internet.

N

I think security is one such area because kovat amplified the law of the internet in the society. Forced many people who previously didn't depend on the internet to do their business, but now they do so, let's not think about. Oh, we handle the bandwidth well, so we succeeded in keyword I mentioned. I think I added into the etherpad notes that handling the backbone internet or whatever anything beyond last mile. That's where we spend the years of years, so we know how to handle those stuff.

N

It is the connectivity to the residency area, that's where not much attention has been paid and we fall short in tools in understanding any solutions, but I want to go back about the security. Sorry for thinking so long, education for security has been there for. As long as I can remember, the question we need to ask ourselves is how effective it has been.

N

If one can learn from the past, you can project in the future how effective it can be. The uh the another thing is about the ietf that uh will been spending so much efforts on security.

N

There's a a number of um working groups developed the solutions you know, dns cycles is the first one I got involved a bit. Then there is a bgp security, then there's a d game and there's other things. My pro memory cannot remember much. The question is how much effort have we put in and how effective they have been. This relates to yet another question: um how do we handle security?

N

It's a security by layers and each layer will do their own thing. Independent from others is a security by applications.

N

Every application take care of themselves, I'm not suggesting solution, one way or the other, but I think, whichever way the ib believes, let's write it down and see if the community agrees and open that discussion, I just so far haven't seen any clear documentation. What is our kind of basic approach to address the security challenges?

N

I can be pessimistic. I rarely do, but I don't think security is getting better. I think getting way worse compared to even just 10 years ago, despite all our effort and.

A

What is it so? So I'm not clear what you mean there. Can you give me an example of of what's worse now than 10 years ago, because I I don't know.

N

I would just say: essay is a very simple thing. It has, I think, the threat of ddos getting bigger. Look at the the the magnitude they grow a lot faster than actually the bandwidth, the general bandwidth growth in terms of percentage in terms of skill in 2010.

N

We didn't have any skill of ddos, like the mariah attack, had.

E

Sorry yeah.

N

And in terms of in terms of uh the fake news today, I don't remember, we had anything similar back 10 years. You might think this is way beyond the ietf coverage. Yes, but the hosts, I mean it's a security, piecemeal solution. We take care of our own piece or there's something much bigger picture. We have to take the overall view, the so I'll just end up here. I think that.

N

How we handle security, I think we need to take a broader view, then just develop a specific solution like dkm and focus on that one. If I'm saying they came by the example, there's an all the security solution. So far to me, it's a piecemeal, I'm done.

A

Okay, I think we had dkg and yari in.

O

The queue uh hi there uh so jersey. I wanted to thank you for calling out the the range of different kinds of security issues that um and and uh reliability issues that come up um with your messages that you sent to the list with kobit, and it occurs to me from um thinking about what you've written that we're really in a scenario that is sort of like the september that never ended right like when the on the web, you know suddenly became something that the general public used.

O

There was this huge influx of new users, um and there were a lot of a lot of things that had worked for folks, who were comfortable sort of um digitally before it became obvious that they were sort of falling apart, and I think maybe one of the things that you're pointing to um is.

O

That uh is that, as as we had a sudden influx of people who didn't who weren't used to living online, who suddenly became used to living online, those folks became vulnerable to all the things that, um maybe I don't know, digital natives were more used to working around or or you know, protecting us as bogus talking about fishing or spam.

K

Whatever.

O

um You know a huge part of that has nothing to do with protocols. It has to do with user interface and user expectations and how we manage and set those things and.

K

I know that the.

O

Ietf doesn't do stuff at that layer, but we do things that that provide inputs to those layers um that could provide guidance that, um like how pre be done without saying you know, you have to show this many pixels of warning or whatever, um but I but I, but it seems to me like what what you're talking about is that we really need to do more to think about um what kinds of indicators we pre.

O

Our tools can present to users so that they can help to distinguish between, say, a phishing attack and a regular email from their boss.

O

So anyway, just it seems to me like there's a there's, a question about not only user interface research but protocol level research about what indicators do we think um the user interface people need to be able to expose effectively um or or how to make them actionable. I mean you know I would be interested in seeing that kind of work done. I think we have a responsibility at the ietf to think more about those questions than we had in the past.

A

Okay, I think we have yari and then janna in the queue, and we probably also want to take a break shortly. So let's aim to take a break and, like I say before, 10 past the hour and take five minutes and then come back. So let's go ahead for now.

B

Yeah, just very briefly, I think, uh first of all, like we're, I guess, discussing an area which is not necessarily exactly on the scope of of this workshop, but there are obviously lots of problems in that and security as a broad category is, is maybe the worst of those problems, and we need to address that, and- uh and you know, lots of work is ongoing to to make improvements there and maybe more work should happen.

B

I believe at least that more work should happen, um but I, I guess just commenting quickly on on what you were saying. I I think there's uh we could have a debate about, like you know, is the situation not better or worse. We've made also a lot of improvements and situations in some ways better, but there's also, we can probably also everybody on this call can agree that there are huge problems left and- uh and we should uh do something about those I think where we might actually disagree.

B

A little bit uh is, is how we go about that. So I I actually do believe what you said about those holistic approaches. We should look at the thing as a whole.

B

um I do not, however, believe that, like there's, like you, know one tool or one solution that solves uh these different diseases because they're it's it's like a very different problem to protect communications, for instance, uh compared to protecting data or being worried about the you know, influence of some parties who have more access to more data than some some others do.

B

um So I think um we'll probably have uh many different things and- and there are ongoing efforts to deal with some of those, and we should have uh more efforts targeted towards this, but I you know, if you look at some of the some proposals, for you know, let's fix this internet security problem.

B

You often find that uh they are. You know, even if they claim that this is like the holistic approach, they actually turn out to be a very narrow solution. In fact, they often have also some some major problems in their design. So, let's not jump to too easily. Those uh sort of simple ones have also fixed all these answers. That's all.

A

I want to say janna and then maybe let's take that break when we get to 10 past or when john is done.

I

I'm stopping everybody from going to the bathroom. That's not a good place. To be sorry um I'll. My uh I'll make a quick comment at a high level. I think that uh leisure's point is definitely something that you can it resonates with with many of us. I think that security cannot be piecemeal, that we have to do a high level. We have to do a consolidated solution. It has to be a one piece, not piecemeal.

I

At the same time we are. We are. We have two other issues which always always, in my mind, dominate some of these conversations.

I

One of them is incentive and control we might have incentive, but we don't have control um each one of us here, controls small pieces, unfortunately, which is partly why you end up with this piece means solution, because a person is deploying something ends up wanting to deploy something that they can secure uh and and position like the iab or the ietf are places where we can have these conversations and other vendors come together, but we still have to incentivize each one of those entities to deploy such a thing.

I

So that's at the simplest level encrypting at the protocol has so much tension between operators and endpoints. It's hard to imagine uh doing much more than that, because practically there are limitations to how this this this unfortunately unfolds.

I

I'd say that uh on the second side, I'd say also that there's this part of the blame here lies unfortunately with eulesia for building an internet that is fundamentally insecure. I mean we have we.

I

We don't have these these uh uh basic hooks that that we would now if we were to build a network now we would not build it uh with with uh with, without some nominal notion of uh security, hooks and things like that, but um the network is what it is and- and um I think, as a result, bringing something piecemeal is is what we end up having as a result of that um and and finally one last point on on. Yes, it would be amazing to be able to include so when you're building something piecemeal.

I

You are trying to define the attack very precisely and try to protect against very precise attacks that you can cover you can limit against, and you you build for those attacks now, if you think of fake news as an attack, it walks into another territory which again the protocol developers and others have shied away from which is values, values and uh trying to arbitrate what is uh good and what is not uh I'd love to have a conversation, but I just feel like this is not a conversation that I've successfully had in in in technical communities, um and I also feel that if we can't it'd be interesting for me to see if we can't solve this with humans in the loop, how we might solve this with just machines.

I

um It's a tough problem. I don't know how we would go about solving it.

N

Well! Jump in.

N

If we don't solve it, the who's gonna sell it or we just let it grow, but people should take a break.

A

Okay, so let's uh let's take that break so are people able to find that or you need ten, I'm gonna assume five in a little bit works right.

P

No, what's.

I

Up.

H

Oh.

H

hmm

A

Okay, so it's quarter past now and I guess we run for another 45 minutes and we want to try and do that so I put in some, we have these topics left.

A

I put in some rough timings about 10 minutes, each five minutes to try and wrap up with some actions, five minutes to take feedback and that's not a huge amount of time, but uh we don't have much more in that.

A

So uh I think we have one slide on this topic here from dominique, um which I guess I'll pop up any other and then so again we want to do this pretty quickly. um This slide has some nice kind of juicy topics that would uh ease up all of the 45 minutes, so yeah.

Q

Sorry about that stephen, um but there's been discussion on consolidation on um really good too um yeah, so uh andrew and I put in sort of a a paper. That's a bit left field and we just wanted to kind of stir up some discussion, um and actually one thing I did want to say is one of the positive effects I think of coved, um because we were talking about both security and positive effects has been connectivity, more people getting online.

Q

So um that's been really cool to see uh yeah, so the internet's been resilient and we had some great presentations and uh what's gonna happen in the future.

Q

um We uh listed a couple trends which um we can discuss further, but just basically trends around the protocol development that that, um obviously, as someone said in the chat that kind of limits, the the ability to to look at data and traffic, but also kind of siphons that data towards um endpoints a bit more um but also I threw in uh digital sovereignty, um you know and and nationalistic internets, like internets or networks um that are very much becoming sort of just you know within each country um and that's a trend, that's social and political.

Q

As much as um anything else. um We gave an example on vpns, um one of the interesting things and andrew can talk about it really quickly is looking at. We talked a lot about vpn use and and the positive effects of it as well, but again there's it's also a chokepoint um and all of this sort of discussion that we're having, um and I think that yaris kicked off a couple years ago on consolidation on the different layers of the internet, but also um politics as well politically as well.

Q

So a couple of suggestions about what to do. Obviously, security and privacy needs to be insured and to stephen's point earlier. He was saying you know it's not bad, and and obviously there needs to be a privacy aspect to it as well, but just being um a little more aware of sort of how consolidation is sort of becoming a bigger issue involving more stakeholders.

Q

I volunteer myself to do some security, more security research, but also in this area as well thinking more critically um and much more in depth in this paper on um consolidation. So that's my quick presentation was that quick enough.

A

That was nice and quick. Yes, thank you, um okay, so I guess I guess what we want to do. Is you know what do we forget or or what might we want to revisit? um We obviously talked a lot about observability and so on.

A

um The question here is: what did we forget.

A

And it looks pretty.

A

Horrible.

A

So what topics did we not cover that would have been covered? What topics that were mentioned briefly, that are kind of maybe not outstanding? The huge in the notes would need to be more covered.

A

And if the answer is nothing, then that's pretty good. Andrew.

C

Hi, steve yeah, it seemed rude to leave it with nothing. um So our one one which we touched on briefly uh but maybe didn't dwell on, is um you you rightly flag that you know that there are some positive benefits from end to end encryption, um I'd question whether privacy is one of them. I think people conflate privacy and encryption uh wrongly, but anyway, that's a different subject.

C

What I think is maybe not being given a great deal of thought. So far is the negative effects of encryption and, for example, since kirsty was talking about some of the security cyber security issues, the more signals you hide the easier it is for malware to flourish, um and certainly the the paper that dominic referred to just now. I think our contention would be if covid happened in five years time.

C

Given current trends, I personally would question whether the internet will be anything like as resilient as it has been now.

C

So I think the negative effects of uh some of the current sort of trends and developments from the ietf need to be considered in the light of um how they might impair resilience uh over the long term, because I'm quite worried about that.

A

Sure I I I honestly don't understand if how that can be considered to be something that's been forgotten, given the huge amounts of discussion we've had about it in the last number of years. um Well, we haven't really.

C

Discussed uh we've touched on the encryption, but we haven't discussed the unintended negative effects of it in the context of resilience. I don't think that we did really discuss that in the last two and a bit sessions two and a half sessions.

A

Okay, so I think we have yary jared and that's thecube for now.

B

Yeah, so um I was actually gonna. Maybe talk about um two forgotten things, and, and one is maybe what uh andrew just mentioned uh from a slightly different angle, so I think resilience in general. We haven't really talked so much about like I I'd, be interested in understanding, like uh infrastructure resilience and and so, and maybe that's related to what andrew was talking about or maybe not, but I you know, I don't think we need to go to the encryption debate uh right now. um It may also be related to dominic's point about consolidation.

B

um So that's one thing that I think we we perhaps should have export more in depth. At least I remember mostly the cp discussion right now um and, uh and the other thing is that we always think of, like you know, repeats of the same situation when we think about problems. So another pandemic exactly like this, but I don't think that's realistic. I think we should expect that there'd be something unexpected. That's um you know a different event.

B

uh You know part of a continent sinks down- or I hope not, but or maybe a security attack or some some type that does attack um or something else.

R

And I I.

B

Think it would be important to to try and not not put us. You know too much focused on like this particular thing. Are we gonna respond to you know the the uh webex versus other traffic uh prioritization issue, and um but the real problem that we might have five years from now is potentially quite different. So, let's think about that.

A

uh I think we have jared's.

E

Yeah yeah yeah I'll just jump in here and say I I think actually the pandemic has shown us something very important, which is that the internet actually worked really well in the situation uh in in a collaborative multi-stakeholder environment. You know insert other marketing terms here. uh Everybody seemed to work really well together.

E

During these times the service providers upgraded links, uh application, uh people went and turned you know turned the dials to uh you know, make more bandwidth available, and because we had this global network available, many people were able to continue to to function continue to work. So you know there was not as much of a you know. There was a definitely a global economic impact, but it wasn't as bad as it would have been if we did not have these collaboration tools, these technologies and things available.

E

So I I want us to not lose sight of that that you know, despite all of the horrible things that we that we've lived through this year, there's really some amazing outcomes from this. In that you know, my children are doing school, virtually that's working, not as ideal as I would I as a parent would like, but it is working um and yeah we. We still have these issues with.

E

You know the tug between encryption and privacy, and you know, and and you know and all that- and you know app- you know the application uniformity that you know that seems to be coming out of the ietf. But I think when we're talking about the the impact, if we didn't have this network, how how much worse off would we have been, and- and that is something that I think we should at least think about for a moment.

A

So I think brian is next in the queue and then a few more people are trying to catch up with that.

D

Right, so um I want to rip off what jared said. um uh Everything jared said: yeah in sre we uh generally when we look at sort of like a big event like an outage or something that was in near miss. We, we um write a post-mortem in that post-mortem. We have three sections: uh what went poorly, what went well and where we got lucky and I've thought a lot about like so uh you know the fact that the multi collaborative multi-stakeholder environment worked well.

D

I I'm I've thought a lot about whether that's a what worked well and where we got lucky, and I think it's a little bit of both. I think that the fact that it's a network of networks, like the very underlying architecture that there's not sort of like a um I mean think for a moment.

D

If we were in a situation in the united states- or I could say you were in a situation in the united states, where um capacity upgrades needed to be done by uh directly by the national telecommunications infrastructure authority um like where that was a federal response. Given the rest of the federal response to this pandemic, I think having a multi-stakeholder multi-operator network um was superior to that to that to that architecture.

D

On the consolidation point, though, I think that's where we got lucky right like so um like jared said you know the you know, everyone was working very hard together. That was, it was.

D

um I know uh we were working very hard um and you know we're all you know our incentives are aligned right, like we all want our services to work well, so we have to do our part of that service working well, but in a um a more consolidated environment it would only take one of the hyperscalers having done poorly right like so something having gone wrong in one of the application uh areas to have had a a seriously negative impact um so uh like the the decentralization of it and the multi-state charisma, but I think was was a definite win, but I think that that it was a little riskier than it needed to be because of the consolidation aspect of.

A

This, I think we have a building cue. We don't have that much time, I'm going to suggest that we basically lump in all these three topics uh all at once, but if you want to talk to any of them jump in the queue now um and then in, let's say another 10 minutes: yari has a couple of wrap-up slides for the whole thing and then I'd like to kind of just have some kind of feedback on the event format as well. So let's keep some time for that. So we can half hour left.

A

Let's take 10 minutes, uh try and take 10 minutes more for this topic, where the cue is kirsty, larry, colin maria janna, oliver.

G

Thank you steven. I hear the need to be brief and that works for me. um So I just want to talk about like stuff. We miss, I think where.

G

However, we write us and whatever we collate, we should just be really clear on what we mean when we say the internet worked well like it's certainly true that people could stay connected, and it's certainly true that, like we manage capacity well- and you know, but just um as I've already alluded to different users have different needs and um it working well like for me that would have been not a single scam like we could have taken them all down immediately right.

G

So there are gaps to me from a curious point of view, and I think it's just the stakeholders we have on. The call are, you know like brightly ics and judgment bases and stuff, but I think we should just be kind of clear on what we mean by that um from the security point of view.

G

At least we've had a good discussion today and I think that's been very valuable that that has been a a key topic in in the workshop, um as well as the resilience and the traffic volume and management of that so yeah. Thank you being brief.

A

Thanks brandon welcome so larry.

H

Check out the same point: the internet worked well for the people who had access to it efficient access for them to get their work done then, but it's good to get their own work done and then for everyone else. It worked terribly.

H

So that's all I wanted to say.

R

Yeah, um so just on a couple of points um I mean on the the issue of unintended effects of better security. um I mean I agree that the the issues of security have been discussed uh massively, um but um certainly anything other than encrypt. All the things gets pushed back and could be strong push back in the itf and that's fine, um but there are perhaps nuanced reasons to not quite encrypt everything um which are getting lost and we have quite a one-sided debate there um in terms of uh general resilience.

R

uh We spend a lot of time when we're talking about improving the internet architecture discussing performance and we spend a lot of time discussing alternative architectures which improve performance for certain types of applications or improve quality of service for certain types of applications.

R

We don't.

K

Really.

R

Discuss internet architecture in terms of how it affects resilience of the network, uh and I I worry that we're getting increasingly complicated, uh increasingly performance architectures, which are getting so close to using all the the capacity all the features that we we have nothing left for resilience and robustness at the end. uh um We maybe need to focus more on that and more on um what happens when things are not working. Well, when we're evolving the network, thanks.

A

So much maria janna oliver, actually I'm not resilient. It's interesting that we, the iab, tried to create a mailing list for that topic around it a year ago, and there was a bunch of initial discussion and then nobody wanted to do anything and it just kind of wasted away, and so I think the queue is myriad jana and oliver.

M

So uh one point: we didn't talk a lot a lot about, and maybe we don't have the right people is the the economical impacts or changes um that.

K

We've.

M

Seen and the question if they might stay so, for example, we've seen that operators are suddenly able to roll out um bandwidth very quickly. Are they able to roll out equally much bandwidth in the near future, and why did it go so quickly? What were the the problems here, but also about measurement data? um Usually they are actually economical points. Why measurement data are not shared. So is that something that might change in future um or not?

M

So I think there are a lot of things we've been talking about, which are actually not technical points but um points where economical decision was made, and the question is: does it change in.

A

Future yeah.

I

Steven um I want to up level just a bit. um This is a I'm gonna, be I'm I'm gonna. Try to be brief. I promise steven um the this is the I want to make a point that that you know usually doesn't uh we'll just make the point. um There is one of the things that we that I would like to uh talk about here. Just briefly is is the unintended unintended consequences that we've seen for having the internet in society during this time?

I

I'm up leveling it I'm not talking about just you know, unintended consequences in particular fields or particular areas of network uh of the network and so on, but just generally in society, and I think, there's some some points on the chat that are being made about this. So one example is, as jared said. I completely agree that we should be grateful for the things that the network has made possible.

I

I'm I'm very deeply aware of that, and I think about that all the time this is uh the the problem, however, is is, for example, schools have continued to go on as uh things moved online. However, having you know dealing with uh two teenage children who are now going to school right now online, that is a completely disastrous and sucky experience, and it's actually in in some ways made it worse for some students and has has been worked amazingly well for some others.

I

This is true across the board in meetings now, when I go in one of the first things for the past six months, I've started my meetings with this. How is everybody doing, and some people are actually falling off the cliff, despite the fact that you're you're supposed to continue working as though things are normal, the curriculum at school is continuing as though things are normal. It's going at the same pace, but so we're producing something here. That is quite different. We have to be cognizant of that. There are some unintended consequences.

I

Things are continuing as though they are normal, where maybe putting the breaks hard might actually be the right answer, I'm not saying that's what should be done. I'm just saying that there is something here to think about carefully.

I

Just because we have the facade of school hope happening doesn't mean that school is actually happening or meaningful. Education is actually happening so and on a broader scale. We know that the pandemic has deepened the not just the digital divide, but existing inequalities on inequities in society in in so many ways, and to the extent that technology amplifies intent. I believe that all technology, all it does, is amplifies intent. um I do want us to think about what the internet has done for society during this time.

I

What intent has it amplified and what divides it has amplified? This is uh not just about technical architecture, but about what we want to build for society. Broadly speaking, and um what do we want to amplify? What did we end up amplifying.

A

Yeah, actually I mean, I think one interesting thing I noticed is that I think a lot of the time. The contention that our students suffer from is not related to the network, but devices and rooms and houses um is the real kind of choice. Point for a bunch of people as well. So uh so I think sorry.

I

And I was just very briefly: gonna say that my my point here was so much was much more about education itself right and if you think that teaching is, if you, if we believe that the value here of education is, is dumping, information down into a student then sure we managed it. But that's what I'm talking about as values like we are facilitating some things, but I don't think we are clear about exactly what it is that we should be facilitating and if we are facilitating the things that we want to be.

I

This is really a question about values, about intent and that's a much higher level conversation. We are building a. We are building technology, which is amplifying intent, whether we want to or whether we like it or not, but I think as engineers we try to walk away from intent and simply say: well, all I'm doing is building this security piece or this bandwidth piece or whatever it is. But we are the ones building this technology. We are the ones who are amplifying these that we are implementing.

A

Okay,.

P

So um I'm just thinking like about what are the lessons learned from the three sessions that we had and like going back to bringing like what you started earlier, bringing structure into what did we actually discuss? What did we actually learn from that to my perspective, so there is always like two sides of a coin that these discussions fall into, so um we can take on on one side of the coin. We have the success story that in general, the internet worked very well so right now we are having this meeting here virtual.

P

It's all working we have webcams on. It does a great job so- and this is what we have seen in in some of the talks, then on the other side of the coin, we have a lot of punctual issues, so isolated issues and, for example, oh there was uh congestion at this peering link. Oh, there was an edge cluster, an edge cache cluster of a cdn that got overloaded. Oh, there was like um a certain set of students, didn't have access to like proper bandwidth to consume study material for um their their their online courses.

P

So that's a lot of isolated issues. We have a lot of understanding about these ones, so we saw a lot of data points on this one, and then we have the general perspective on yeah the internet as such, didn't broke down. There's of course, some stuff that we didn't understand quite well from um the perspectives that we have taken so far. So on the general perspective, um we have this interesting discussion about the digital divide, so we saw some data points on the dsl access capacities and how this uh correlates to income regions.

P

This was very interesting, but you know this is clearly something like how the digital divide was being boosted by this whole situation. This is something that we probably don't have like. It's a general aspect that we don't have um a good understanding of on the isolated side, so the other side of the coin.

P

We had lots of discussions about um how we can map all of these isolated issues. Congestion here, um overloaded links there other things how to map this into, like the general perspective, how to create like an abstract and and an abstract view, and that so I think that this is something that we are missing. We can play the same game on what brian said.

P

Did we get lucky, or did we not get lucky so on one side of the coin, I would argue that we didn't get lucky or it wasn't just pure luck, because, like a lot of the changes that we have seen so that you know all the well-equipped isps manage to quickly provision bandwidth and that we, for example, have robots in the meet me rooms of peering facilities and ixps, and so on that you know don't suffer from lockdowns and can still like establish cross connects, that's not like that's like very proper engineering and that helped us a lot.

P

On the other hand, I would say so: that's the other side of the coin. We probably got lucky. You know that these these these traffic changes didn't got to an extreme, so over provisioning um and you know, shifts in the peak times. um They probably saved us quite a lot. So this could have been like way worse, and I would say that on this side we got lucky.

A

Okay, so I think we have uh yarry has like about four slides, um so yeah and we have 20 minutes. So I I suspect, yeah. These four slides could take up uh 20 minutes plus 20 hours, but I.

B

I I would only like to speak for like two or three minutes, um but um can I share instead of you, because I have updates.

A

Oh yeah, okay, sure you can do. I have to do something.

B

I think I'll just press.

A

I share hit, stop sharing. uh I do want to try and get feedback on the form workshop, which itself is an experiment we'll.

B

See an ice cream.

D

Yeah not sharing yet or we're not seeing you sharing.

A

Maybe I can oh, he already has the bubble. I'm.

B

Just I think, maybe that's the problem that you were.

M

You have the sharing bubble, but you're not sharing it.

B

Okay, um well, let's go with steven's uh version, though yeah.

M

It's coming it's coming there. We are.

B

Okay, uh can you hear me? Okay?

B

Yes, um so I I just want to go through this real quick. It's not the summary of the workshop. It's uh my personal summary and and sort of I guess this. This is the uh oliver's uh two sides of the coin. First, so on one hand we had like a reasonably good situation. The internet really worked well.

B

I think we can say that um we also have lots of wonderful data by you all and, of course, others in the world about what actually happened and, as has been reported, there were lots of people and organizations that were very motivated to make sure that stuff actually works and everybody gets gets the thing, and I I think we can also say that the internet actually is is well suited for adapting to these new situations for various reasons.

B

So that's all good, um but the other side of the coin is switch.

B

So the other side of the coin is that um you know. Even if we have some measurements, we can't actually observe everything. It's it's very limited. We can't be basically looking at packets instead of like uh well we're measuring packets and the real measurement, I guess, is like. Did this kit graduate from school as planned? What uh so so, there's a lot of sort of room for for doing more, maybe and trying to understand what the effects of this are.

B

We also have limited means to control traffic like, even if I wanted to you know, have high priority for this verse or something else I couldn't. um We have limited ways for networks and apps to collaborate.

B

We had one type of situation. We could of course argue that in a different situation, the results could differ.

B

We also have this situation that the internet is now far more important for all of us than it was before. uh We also have you know just talked about this digital divide and other societal effects. um So clearly, there's room for making things better. So just because it worked well doesn't mean that we were free to not do anything.

B

We have to make it better, um but of course, there's also like this all these other improvements then, and we, I think we entered some of that discussion today- that um you know security and so forth that we already knew that that we have a huge problem here here and there and uh we need to deal with that uh pandemic or not.

B

um They also wrote this uh to-do list in kind of in two categories like this. What can we do to understand the uh the internet state better, uh better, like distribute your measurement information better?

B

Even you know talking about it in in the society.

B

So you know this is what the internet is doing and it's how it's helping- and this is where we need to improve and so on, and then continuing expanding the coverage of the things that we measure and then also measuring these additional things like experience and the other category is system improvements or ecosystem improvements, and um so it's not just about technical stuff that, like I think, particular, always wants to write an rfc.

B

But um but you know, a lot of this is also like you know: how did the people in the different uh operators talk to each other? Were they able to find each other and so on? That may not be an rfc or technical thing, but it could be a thing that we need to improve, or maybe not maybe it's already perfect, and everybody knows everybody nanook anyway.

B

So what's the problem, um the other side of this is that, like this education, implementation, improvements, security practices, there's a lot of stuff, that's outside standards and may need some work, but then, on the step like technical standards and technology level, we talk about network app collaboration, perhaps at this aggregate level. That was was being mentioned by jana.

B

um Note that I didn't discuss like this dhcp bits or prioritization, because that seemed like almost not not possible. um We've talked about resilience. uh We talked about the potential effects of centralization or consolidation. How that may impact things we? We talked about ddos defense.

B

um That was part of the reason that I said earlier that we should look at other things than this current pandemic, because we could have a situation where we're actually being bombarded by by some network attacks, and um that could also be a bad situation. So maybe that that should be part of our toolkit, and you know we're not as good with that as as we map should be, um and then obviously we will need to have resource reservations and full control by the authorities, because otherwise nothing will work correctly, and this is a joke.

B

We didn't get that um anyway, so that that was my piece and hold on stop talking now. Maybe even stop sharing. Unless people have questions on.

B

This.

A

So I think I'm sharing my screen now does that does that become visible to people? Yes, great? Okay, uh so we have we're around like the last ten minutes. So um I guess we'll take two things together.

A

If people have stuff that hasn't been mentioned already, that might or actions that are pretty concrete, um we can list a couple of those and, if there's any feedback on the format, because again I I think that's useful, because it's the first time we've done this kind of thing so input, please and again just join the queue if it turns into needing a queue and if you're the first one just start to start talking.

E

Well uh jared here, I I just wanted to comment briefly. I I think this. This worked out reasonably well uh for a format, especially having it distributed over three days. I think helped make it. uh You know a lot easier to to pay attention.

E

uh I'm also wondering out loud as some as I'm reading news of further lockdowns.

E

Whether or not you know this, maybe is something we revisit in a few months as well, but I I think the format worked relatively well and I'm very happy with the participation that we had.

A

Christy and then andrew and brian, so christy.

G

Yeah, thank you and just on the format. I thought it was uh good to have it over three days to have short sessions, um appreciated the break in the middle as well. I think um it would have been helpful to have slides and a bit more notice of time. um I don't know how everyone else found scheduling this quite quite quickly, but uh it was. It was difficult, um it's good to have it near its as well, where my brain is like in that sort of space, um but yeah. Thank you for running it.

G

I know it's difficult to collate and bring.

K

People.

G

Together when they're all distributed working, but no I thought overall, it was. It was good just a few things for improvement. Thank you.

C

And put following on on the positivity first, I completely agree with everything because he just said um pretty much. I particularly agree actually doing it over three days with with a day's gap in between was useful for reflection and so something that that was especially uh helpful.

C

um I'm also uh extremely relieved that jason has remained positive um because he's confirmed that in the chat. So I think that's an amazing achievement that should be noted um and then finally, on on the other column, on on the actions, I I think is just worth posing. The question: is the direction of travel of resilience of the internet uh going up or down my personal contention?

C

Is it's going down, but I think that that's something which needs paying attention to and I don't know if there's any way, any metric that could be constructed to to measure that over time. But I think it will be a good thing to try.

A

Brian.

D

Yeah, so I'm a gigantic fan of this format as well, especially with the days off in between. Although I I would like to hear feedback on the format from somebody in uh pst, so utc minus seven, um because I suspect that waking up that early in the morning three days in a row is just for three days, not in a row like sort of just messes up your whole sleep schedule.

D

I also notice that we don't have any australians on the call, as I um as I see so maybe there's like some selection bias on how awesome uh this particular time was um with respect to resilience going up and down. I think we could have an entire other workshop on that uh plus one two.

D

I forget who it was uh uh jared. I think on revisiting this. You know we're going back on a lockdown or we're going back into we're. Gonna have a winter revisiting this in the spring and seeing how the internet did. I think revisiting later I'd like to spend a little bit less time on the the infrastructure unless the infrastructure just like happens to blow up, um which I don't think it will um and a little bit more time on jonah's questions right like so.

D

The internet is good at amplifying the things the internet is good at amplifying, and we've done a really good job of making sure we can keep doing that, um and I think that sort of next you know by the next time we go through one of these experiences we'll have more information, or at least anecdotes about.

D

What's um uh you know what it's good at? What it's bad at or more information anecdotes about sort of what the societal impacts are and I'd like to dig into those a little bit more might need a slightly different guest list. But um please put me on it.

A

Okay, the queue is currently empty. um I guess I have another question: is you know if which I typed in the chat? If, if the iab or somebody's organizing a workshop like this in future after we can all travel again, what bits of this format should we try keep, or should we just go right back to all traveling to switzerland and having cheese and funny ways.

K

Ben I actually cued myself before you asked that question, but I think I can address that a bit too.

K

I like the three-day format, and the thing I particularly like about the three-day format, is that it gives people time to think about what was said one day before you come back for another day and if we were doing it in person, the three-day format might be harder with that extra time uh and if there was some way to preserve that, you know the ability to go back and conjugate and maybe have side conversations and then come back to the subject the next day.

K

I think it would be good. um I put myself in the cube actually to say that I like the three-day format, but I want to have a push a counter opinion about doing it right before the itf, and this may just be me.

K

But what I've got happening this week is several different activities, they're all trying to get a lot of work in because they all know I'm not available next week and it's not so much that they contend for specific time or time slots, but they're happening across different time zones.

K

So you know I've got this being moderately early morning, other things that are late night, then suddenly it's going to be kind of like next week, where there's no period where one can get a full night of sleep in and that was exaggerated by the you know being right before the atf. But I understand other people like to do all their itf thinking kind of in a in a period of time together and it helps them. So it worked both ways.

A

uh Murya, I think, unless I miss somebody in which case.

M

Apologies um yeah. I agree. I think that the big value of this three-day format was that we actually had some time in the meantime to chat and discuss and so on. So maybe we can go for some hybrid format. We have some online discussion first and then maybe meet in person for dinner or whatever I don't know it's. It's also missing a little bit the side, conversations and the coping products um about uh actions or conclusions.

M

So I'm I um I think I even say I read the papers and and these kind of things I think I learned a lot about um really understanding the situation a little bit better and how things happen, what work well and so on. I'm not sure I got a lot of actions out of that, and maybe I have to review the minutes we've been taking, but maybe the main point really about this workshop is just to document what we've learned. So we get like a common understanding.

M

What happened or we can can just you know, have a increase, our understanding about how the internet.

M

Works.

J

Robin okay, this romy, uh in fact I'm okay with the format of this. The workshop, though this is a little harder, because this is a little late, but it is also very exciting to discuss it with everyone.

J

But you know this regarding these actions and conclusions, I think, from my own point of view, I think in this process. I I I have one. This point I think is important is the automation, because you know that, because we talked about some time there's the uh the experience of the user is not good in the in the process of the code with the knight team. But I want to know this, how our the application and the network respond to this the to this uh to this, and uh how long will it take?

J

Because this is also an important performance of our network under the application, but but but it seems that we always talk about the internet. Capacity is okay, but from my point of view, maybe the automation of the network adjustment user can also be taken into account.

J

That's my.

J

Point.

A

Okay, so I've tried to capture that robin that we can correct it later if I further wrong, which I might have done- uh okay, we're kind of at three minutes to the hour. um I basically I I guess I just like to say thanks to everybody, for turning up for the really interesting discussions uh I will know we will try to uh copy the all the text from the pad without deleting it first um that'll be good um and produce a workshop report.

A

um That'll, be, I guess, done on the in the gate. Repo maria, I think, has created a template or a draft initial draft, um and I think that's it unless anybody else from the program committee wants to also say thanks for turning up or something similar.

M

Maybe note on the on the report, so I already um also created some sections for the measurement part, so if those people who presented want to actually put some sentences there, that would be very welcome. Otherwise, other input is also welcome, of course, and with that also thank you for my site. I really enjoyed it. Thank you for everybody engaging so nicely providing slides kind of last minute, like.

A

Okay thanks and we're finishing right on time, so I hope to actually see all you guys sometimes soonish over food and beverages.

A

Although I also like this format, it's much better to actually meet really face-to-face, but hopefully we'll do that in the not too distant, and I think with that, let's kind of you know close proceedings and go to the bar whatever your nearest bar is.

A

Thank you.

A

Thank you. Stephen thanks.

E

Thanks thanks, if you're the last one somebody.

A

But I will okay. Maybe you told me to copy that I'll. Try.

M

You can stop the.

M

Recording.