►
From YouTube: IETF115-RTGWG-20221109-1500
Description
RTGWG meeting session at IETF115
2022/11/09 1500
https://datatracker.ietf.org/meeting/115/proceedings/
B
B
B
Ipr
disclosures
we've
got
a
routing
working
specific
process.
We
require
you
to
disclose
APR
before
document
get
adopted
by
the
working
group.
We
require
you
to
declare
IPR
before
document
can
go
in
towards
your
plus
call.
Unless
all
authors
and
contributors
have
declared
explicit
their
IPR
document
is
not
going
to
progress.
Please
make
sure
you
do
so.
B
We
haven't
had
any
adopted
working
group
document
between
two
atfs
existing
documents:
the
young
crib
extended.
We
closed
working
group
loss
calls
and
Shepherd
right
up
has
been
uploaded,
so
we
are
waiting
for
80
to
review
document.
Bgp
Peak
commands
yet
to
be
addressed.
Atn
bgp,
there's
some
reviews
been
done.
It's
a
long
document.
We
expect
to
progress
at
some
point
and
there's
also
related.
Routers
are
probably
since
six
men
TI
LFA
Stewart.
Do
you
want
to
say
a
few
words
and
thank
you
again
for
doing
this.
C
All
right,
sir,
well
I
apologize
to
the
working
group
which
has
taken
such
a
long
time
to
get
there,
but
had
a
very
productive
meeting
with
the
author
team
before
short
earlier
this
afternoon
and
I
believe
we've
got
a
way
forward
with
the
last
remaining
issues.
So
hopefully
this
will
soon
be
with
the
isg.
B
B
Agenda
for
tomorrow's
meeting
and
we
are
going
to
have
guests
from
sitcom.
We
are
going
to
get
the
best
paper
award
presentation
and
again
busy
day
and
we
are
ready
for
the
presenter
to
come.
Please
do
take
a
look
at
Wiki.
We
are
start
to
populate
data
there
and
all
additional
information
will
be
hosted
in
Wiki.
D
E
E
E
We
have
also
added
the
security
considerations.
Also,
there
had
been
lot
of
young
doctor
comments
on
regarding
the
difference
filters
and
how
they
operate
or
connect
with
each
other.
We
have
given
an
example
in
appendix
T
and
in
the
next
slide.
I
will
be
presenting
or
including
how
they
are
correlated
and
will
be
pretty
clear
from
there
that
how
the
different
filter
correlates,
with
each
other,
to
create
classifiers
and
in
the
policy
model.
How
the
inline
filters
are
included
to
create
the
policy.
E
E
E
So
in
this
particular
example,
if
we
we
can
see
that
we
have
included
two
filters.
One
is
of
the
type
dscp
other
is
of
the
type
Source
port,
and
if
we
look
into
the
dscp
filter
there
is
a
logical
not
as
true
what
does
that
mean.
That
means
that
whatever
parameter,
which
is
defined
under
the
DHCP
filter,
it
will
be
the
knot
of
that.
So,
for
example,
in
this
particular
example,
if
the
dscp
value
is
11
to
13,
that
means
and
The
Logical
not
is
true.
E
E
Similarly,
for
the
source
Port,
we
have
multiple
range
values.
In
this
particular
example,
we
have
Source
put
range
from
10
000
to
10
300
and
17
500
to
90
800.
That
means
incoming
packet.
If
it
has
Source
put
range
inside
in
these
two
particular
ranges,
then
it
will
be
classified
to
that
particular
filter.
E
So
if
we
look
overall,
classifier
example,
which
we
have
presented
here,
that
means
an
incoming
packet
which
is
coming
has
to
match
to
all
the
filters
which
are
defined
here
and
the
source
Port
value
will
must
be
in
this
particular
range
and
for
DHCP
value.
It
will
be
the
reverse
of
the
range.
Now
there
had
been
lot
of
confusion,
a
lot
of
young
dot
comments
regarding
this
one.
E
Similarly,
this
is
policy
configuration
example,
and
in
this
particular
example,
the
policy
name
is
my
policy,
and
if
we
look
further
down
it
has
an
inline
container.
Now
that
inline
container
means
that
the
configuration
parameter
has
to
be
defined
in
line
into
the
classifier
itself.
Now,
if
we
look
into
the
various
vendor
implementations,
we
will
typically
see
that
a
classifier
has
been
defined
as
a
template
or
has
been
defined
as
inline.
Now
it
also
depend
on
customer
requirements.
E
It's
a
simple
mechanism
to
configuration
of
a
Qs
policy,
so
it
may
depend
on
a
customer
requirement
number
one
number
two
also
for
vendors.
Typically,
they
support
one
or
two
format
or
even
both.
But
essentially,
if
you
look
into
this
example
in
this
video
example,
the
con
the
classification
parameter
defined
in
line
for
the
DSP
value,
which
is
in
the
range
of
21
to
22.
E
And
if
you
look
into
the
action,
it's
a
marking
down
action
from
2122
range
to
23
range,
to
23
value
so
and
so
for
vendors
to
implement
this.
They
may
take
this
inline
parameters
and
convert
into
their
internal
template
implementation,
or
they
can,
if
they
have
a
template,
configuration
here
instead
of
inline,
and
they
are
referring
the
classifier
as
a
template.
And
if
vendors
don't
support
that,
then
they
can
take
the
classifier
template
parameters
and
convert
into
the
inline
in
their
internal
implementation.
E
B
E
I
I
We've
got
available
comments
from
AC,
so
in
this
current
version
we
just
all
the
comments
received.
Basically,
we
remove
one
optional
subtr
V
under
some
editorial
changes.
So
that's
the
main
updates
to
this
current
version.
So
next
page,
so
we
would
like
to
have
ask
for
a
working
Math
course.
Any
comments
welcome.
Thank
you.
J
I
I
H
H
This
is
a
on
the
VPN
library
to
provide
some
protection
solution,
so
maybe
quite
more
will
give
more
his
understanding,
yeah
and
the
the
basic
idea
is
that
we
introduced
to
new
item
the
first
one
is
a
backup
seat
which
will
be
put
on
the
top
of
the
city
list,
and
the
second
item
is
a
new
flavor.
We
call
that
Panama
segment
decapsulation
liver,
which
indicated,
as
are
the
sixth
parameter
segment,
the
capital
lesion
processing.
H
H
To
the
primary
note
or
the
backup
node,
the
flavor
will
be
applied
to
some
represented,
such
as
the
and
Dot
dt4
and
Dot
DTS,
six
and
so
on.
We
just
needed
some
minus
engine
to
the
side.
The
side
to
code
of
the
Ice
Age
processing,
which
defined
the
FC
8986,
as
shown
in
this
page
sub
condition,
will
be
added
to
s02
line.
H
H
H
H
So
here
is
the
example.
We
will
ignore
that
and
compared
to
the
previous
version
is
instructor.
We
introduce
the
PSD
flavor
to
indicate
the
not
made
segment
to
remove
the
encapsulation
directly
and
we
also
changes
the
position
of
the
backup
seat
instead
of
the
bottom
of
the
seed
list.
In
this
version
we
put
it
on
the
top
of
the
zip
list.
L
L
H
L
H
I
Yeah,
so
I
just
want
to
explain
the
difference
between
the
two
equal
protections,
so
this
one.
My
answer
is
that
this
is
a
for
VPN
some
kind
of
surface
protection,
so
in
order
to
provide
this
equals
protection.
So
on
the
backup
equation,
node,
we
need
a
configure
the
backup
seat
so
that
backup
seat
sell
the
same
space
in
the
back
cover
note
right
and
then
the
behavior
of
that
state
should
be
mirror
or
stem
or
similar
to
the
seat
on
the
on
the
primary
equation.
Node.
I
So
we
don't
need
a
configuration
on
the
bicar
for
the
equation
node,
so
we
use
a
mirror
sheet
as
a
context
and
then
all
the
behavior
of
that
seed
on
the
primary
equals
node.
We
just
Barrel
to
the
context
node
of
a
primer
node,
and
then
we
use
data
table
to
forward
for
the
the
package
to
the
destinations.
So
that
means
it's,
so
it's
different
from
different
approaches.
Why
is
this
focus
on
Surface
and
why
is
for
normal
protections.
H
B
B
G
G
H
H
G
H
B
H
G
A
H
J
This
slide
talks
about
yeah.
This
slide
talks
about
penultimate
node.
Now,
when
you
say
penultimate
here
in
this
example,
the
SRH
has
A2
colon
colon
1..
So
did
you
mean
the
penultimate
endpoint,
because
that
could
be
several
hops
away
or
it
could
even
be
the
Ingress
P
when
there
is
no
SRH
right.
So
how
does
this
work?
How
does
this
egress
protection
mechanism
work
when
the
penultimate
segment
endpoint
is
several
hops
away?.
J
J
So
a
second,
so
please
see
or
work
out
how
this
works.
Second
thing
is:
how
does
okay,
let's
say
it
is
P2
and
it
detects
that
P1
node
P3
node
is
down
right
now,
P3
node
is
down.
How
does
it
know
that
that
particular
Behavior
was
an
N
dot
DT
with
PSD,
because
pe3
is
in
the
overlay,
but
P2
is
a
underlay
node.
How
would
it
learn
that
the
next
seed
is
now
this
flavor
and
that
it
should
do
this?
J
J
J
J
J
J
B
B
I
First
of
all,
we
thank
all
will
give
us
a
comments
and
suggestions,
so
I
suggested
we
present
this
draft
in
the
spring
group
and
the
way
I
will
also
the
initiate
the
discussions
in
six
month
mainly
needs.
So
basically,
we
focus
on
transun
node
as
a
Repel
node,
which
cannot
change
a
second
loading
header.
I
I
I
I
I
Not
to
change
the
SR
SRH
header
just
change.
The
second
left
this
one
right
now,
because
we
have
a
segment
list
so
when
one
node
fails
so
the
under
pointer,
node,
abstract
and
anywhere
so
in
private
hope,
and
then
that
node
nodes
or
this
one
failed,
not
reachable.
We
just
pop
up
that
one,
the
document
that
the
segment
left
and
then
we
go
to
the
left
next
one
right.
So
there's
a
very
simple
change:
there's
no,
no
is
not
finite.
Rfc
8200
is
simple
change.
It's
almost
the
same
as
same
routing.
I
A
I
Well,
that
one
yeah
that's
a
good
question,
so
in
fact
that's
the
after
IDP
convergence,
after
igb
conversion
conversion,
so
we
use
a
DOTA.
We
use
the
endpoint
under
Point
seats,
so
we
go
go
along
the
shorter
path
of
igp
after
IDP
convergence
right.
So
that's
the
solution.
So
the
student
have
a
loop
because
I
have
like
igb
convergence
that
it
works.
A.
I
One
stage
is
that
before
IDP
convergence,
so
before
igp
converges
and
then
the
package
will
deliver
to
the
adjacent
node
of
data
fail
node
right,
because
why
not
failed
igp
is
not
converging.
So
the
14
table
on
Evernote
still
think
that
node
is
not
failed
right.
Only
the
Json
node
node.
That's
not
failed
because
it
has
a
PFD
detection,
whatever
Fast
Direct
detections,
so
that
adjacent
node
will
do
TI,
LFA,
whatever
frr,
so
that
data
education,
node
fastfully,
detect
the
failure
of
that
guy
and
then
get
around
that
failed
note
such
as
before
igb
convergence.
I
I
L
Yeah
I
couldn't
put
my
hand
up
on
the
tool
because
the
Network's
not
working
in
here
for
me
right
now,
but
during
Duke
Cisco
Systems
I,
don't
think
that
particular
change
was
discussed
on
any
mailing
list,
because,
if
you
say
you're,
just
gonna
ignore
the
next
segment
and
decrement
segment
list
without
carrying
what
it
was
you're
just
going
to
break
it.
You
can't
do
that.
I
M
I
B
So
you,
the
update,
is
a
draft
and
you
assume
that
the
update
has
addressed
the
commands
right,
but
you
actually
didn't
get
any
confirmations
that
people
are
happy
with
new
changes
right.
So
I
would
really
advise
you
to
send
another
email
to
spring
with
the
updated
version
of
the
draft
and
explicitly
ask
whether
people
are
okay
with
it.
I
J
Again,
it's
kind
of
the
same
first
question
that
I
asked
previously.
There
seems
to
be
an
assumption
that
with
srv6
that
the
penultimate
or
the
previous
segment
endpoint
node
is
directly
connected
to
the
next
segment
endpoint
node,
so
that
it
can
detect.
You
know
a
failure
as
a
in
a
tlfa
or
a
local
thing.
J
I
I
B
I
The
difference,
so
is
the
case
whether
in
case
of
the
node
and
the
pointer,
node
Direct
Connect,
it's
just
a
fair
note.
Also
the
Enterprise
node
is
away
to
the
fair
note.
Those
are
work
because
the
independent
node
after
igp
convergence
knows
that
I
cannot
reach
the
further
node
right,
because
that
note
is
done.
I
did
be
converged
after
this,
and
the
pointer
note
notes
that
I
cannot
reach
the
third
note.
I
will
put
half
the
seat
for
that
fail
to
note
and
then
the
likes.
I
I
I
J
I
Yeah
I
think
this
idea
also
will
present
in
the
NASA
ITF.
We
have
a
picture
there
and
then
these
two
cases
that
I
present
there
are
you
know
because
that's
it
will
print
in
the
spring
and
then
after
that
prison
here
somewhere,
as
your
question
can
present
again
in
the
spring.
Whatever
the
more
comments,
that's
okay,.
B
I
B
K
K
K
In
the
IPv6,
header
also
can
be
used
to
support
the
same
key
and,
of
course,
the
zip
code
to
extension,
based
on
the
existing
format,
some
actually
tunnels,
such
as
have
their
own
headers.
If
these
tunnels
need
to
support
new
features
over
the
ip6
they
will,
they
will
face
the
challenge
of
the
choice
between
reducing
the
IP
resistance,
IPv6
information
for
this
in
future,
based
on
the
IPv6
extension
header
and
Define,
a
new
extension
based
on
their
own
header.
K
So
they
have
two
problems.
The
first
is:
if
the
tonal
header
extended,
it
will
be
returning
with
the
execution
IPv6
in
Evolution,
for
the
new
feature
is
on
the
ipv63
header
and
the
second
is
for
some
existing
funnels
as
a
tune
to
have
their
own
other,
so
they
have
to
use
the
IPv6
in
calculation
for
these
new
features
based
on
IPv6
header,
so
extensions
need
to
be
redefined
in
the
IPv6
extension
header.
As
a
result,
the
extension
May
differ
from
that
of
the
IP
tunnels,
which
have
their
own
header.
Okay.
Next.
K
So
we
Define,
we
defined
a
new
tunnels
called
the
generalized
IPv6
tonal,
and
the
tunnel
is
defined
to
use
the
IPv6
header
and
rb6
extension
handle
to
sort
both
acquisition
applications
function
and
the
new
features
under
the
cavaliation
completely.
The
party
has
the
following
format:
okay,
with
any
V6
header
and
ipv16
extensions.
K
K
The
function
of
the
UDP
is
replaced
by
the
flow
label
of
the
IPv6
header
in
the
grp6
tunnel
to
ensure
capability.
The
value
of
the
flow
level
cap
calculated
for
the
powers
of
zmp
should
be
the
same
as
that
of
the
source
Port
of
UDP
until
the
definition
of
the
main
option
is
defined,
and
this
includes
the
big
Baseline
had
the
information
and
the
option
must
only
encapsulate
in
the
destination
option.
Header.
K
It's
a
p
function
is
complex,
complex
and
the
vasopodium
performance.
Intro
pay
level
is
used
for
the
example
at
the
bottom
of
the
legal
stance.
So
we
information
how
to
be
passed
for
the
purpose
of
the
SMP
and
that's
so
when
you
use
the
grp6
tunnel
for
an
foreign
we
can
have
the
volume
the
first
is.
Social
address
can
be
used
to
form
a
source
identification
and
the
next
is
the
IPv6.
Network
header
can
increase
the
payload
time
and
third
is
the
IPv6
flow
labels?
K
K
Okay,
so
we
have
two
type
of
Ms
idea,
and
here
is
the
faster
and
faster.
We
have
two
actions
one
is
to
pop
and
one
swap
it
would
pop
up
with
just
the
shift.
The
the
picture
open
that
underfo
the
tab.
Two
I'm
here
see
them
and
we
use
the
IPv6
using
Hydra
and
so
use
the
Lego
stack.
Also,
we
Define
the
procedure.
It
depends
to
home
house
multiple
labels
in
composition,
the
phone
this
is
also
the
same
as
and
the
type
2
is
used
as
a
segment
as
a
June
header.
K
After
all,
the
label
in
pollution
in
the
IPv6
definition
address
are
housing,
so
maybe
it's
the
first
label
interpolation
in
the
second
indicates
SL
of
the
IH
will
be
processed.
Something
else
so
also
have
some
control
plan
consideration.
The
first
is
exiting
I'm.
Health
control
plan
doesn't
need
to
be
changed,
so
I'm
has
a
label
on
the
control
plan
can
still
be
destroyed
for
IPv6
I.
Believe
four
and
R2
next.
K
Okay,
so
let's
use
some
requirements
of
the
grpv6
terminal
and
Suppose.
There
had
two
problems:
the
con,
firstly,
is
the
country,
many
new
features,
I
imagine
and
the
cost
between
interpolation
over
the
IPv6
and
has
defined,
and
the
second
is
in
the
process
of
deployment
of
this
new
future,
because
Network
demands
have
different
capabilities
of
Apex
detention,
header,
so
the
following
issue:
maybe
okay?
Maybe
you
can
you
can
check
this
okay?
K
So
we
have
some
some
new
comments.
The
first
is
the
way
to
advertise
the
community
and
maybe
the
two
different
ways.
One
is
use
the
RDP
sphere
and
the
next
is
use
the
controller
so
PCS
and
the
next
time
young
may
be
used
and
the
interest
we
mean.
So
the
paths
can,
of
course
most
to
me.
So
we
we
this
time
we
can
use
a
TPU
to
support
this.
K
N
N
N
L
B
Yeah,
so
there's
a
set
of
requirements
and
usually
requirements
are
there
because
someone
requires
them
I'm
yet
to
hear
from
NVR
people.
They
are
unhappy
with
the
transports
layer
used
for
loud
sharing
or
load
balancing
it's.
You
know
there
are
billions
of
endpoints
during
the
summer
ip6
today
and
they're
using
UDP,
so
the
cost
of
implementation.
What
you're
proposing
is
enormous
and
benefits
are
absolutely
clear.
Whole
use
of
flow
level
for
load
sharing,
is,
you
know,
toxic
topic,
so
in
general,
I
mean
I
understand
what
you're
trying
to
do.
B
A
B
O
The
long
road
to
the
mic,
AC
land
of
Cisco,
Systems
I,
think
this
is
interesting-
that
you've
taken
like
a
green
field
and
mapped
all
these
existing
end
caps
to
IPv6
around
hampers,
and
it
was
a
nice
it's
a
nice
exercise.
It
would
be
a
nice
like
research
paper,
but
given
how
long
all
these
things
have
evolved
and
been
deployed
and
where
they
are,
it's
something
I
mean
it'll,
never
see
the
light
of
day.
I
can
tell
you
that
right
now,
so
you're
just
spending
a
lot
of
time,
especially
with
the
scope.
O
You
know
it
might
be.
If,
if
you
hadn't
I'm,
not
saying
you
do,
but
if
you
had
an
end
cap
that
tried
to
replace
those
that
would
be
one
rather
than
mapping
every
one
of
them
and
you
still
have
all
the
different
cases,
because
you
really
haven't
gotten
rid
of
you
know
you
haven't,
got
rid
of
genev
or
mpls
or
anything
else.
You
just
mapped
them
and
it's
you
know
like
I,
said
well,
it's
kind
of
nice
to
do
a
green
field.
It's
not
it's
just
never
going
to
happen.
K
B
B
A
D
So
this
is
kind
of
just
an
evolution
that
we've
had
it's
probably
too
experimental
and
forward-thinking
for
IDR,
Sue
and
insiders.
So
we're
just
going
to
start
here
and
see
and
see
where
it
goes,
and
we
probably
could
have
changed.
We
could
probably
could
have
called
it
append
only
ledgers
for
bgp,
but
blockchain's,
much
more
provocative
and
gets
people
upset.
So
we're
going
to
just
go
for
this.
D
D
So
just
want
to
make
sure
that
everybody's
clear
as
possible
on
ways
that
something
like
a
blockchain
could
be
used
for
a
routing
protocol
like
bgp,
although
it
could
be
used
for
probably
any
writing
protocol,
so
a
DCS,
a
distributed
consensus
system
that
uses
something
like
blockchain,
it
doesn't
have
to
be
blockchain
again,
but
a
lot
of
us
are
getting
more
familiar
with
that
could
be
used
out
of
bands.
Something
like
rpki
does
for
bgp
to
to
supplement
existing
bgp
management,
but
perhaps
by
using
smart
contracts.
D
So
smart
contracts
are
if
then,
programs
that
are
stored
on
blockchains
to
run
when
predetermined
conditions
are
met
so
like.
If
Bob
signs
a
document
and
that's
sent
to
the
blockchain,
then
the
smart
contract
would
initiate
payment
or
a
transfer
of
a
particular
asset,
so
automate
automates
those
those
agreements.
D
It
could
be
something
as
simple
as
using
blockchain
to
securely
store,
config
files
or
row,
as
maybe
the
irrs
could
use
blockchain
to
store
these
and
before
they
distribute
the
the
row
as
and
we
we
dealt
with
that
in
in
the
draft
as
well.
Tools
do
exist
to
do
this
today,
but
a
blockchain
does
have
potential
advantages
in
that
it's
transparent,
it's
immutable,
it's
secure,
it
could
be
used
globally
or
within
the
domain.
So
that's
kind
of
cutting
the
chase
that
just
kind
of
gives
you
overview.
D
So
there's
as
I
mentioned
a
variety
proposals
that
have
been
happening
for
those
of
you
that
may
just
despise
talking
about
blockchain
and
the
ITF,
it
is
starting
to
infiltrate
the
IHF.
There
are
some
potential
working
groups,
one
involving
a
secure
asset
transfer
between
blockchains
being
able
to
provide
interoperability
between
blockchains.
D
So
there
are
proposals
happening,
we've
received,
as
I
said,
questions
about
how
DLT
in
networking
could
be
handled,
and
so
we've
we've
been
discussing
that
in
some
other
forums
we
did
hold
a
side
meeting
to
discuss
this
a
couple
High
tips
ago.
This
ITF
there
was
a
networking
in
metaverse
side
meeting
and
blockchain
and
metaverse
work
hand
in
hand.
So
you
can
know
who
owns
what
in
some
sort
of
a
metaverse.
D
This
is
just
an
informational
draft.
It's
not
an
endorsement
and
we're
not
again
asking
for
anything,
except
for
advice
as
to
whether
this
is
something
that
we
should
be
working
on
in
this
working
group
or
elsewhere,
and
it
ends
it
asks
the
question:
is
it
possible
to
use
a
distributed
consensus
system
like
blockchain
to
manage
bgp?
And
the
answer
is
yes,
whether
it's
a
good
idea
or
not.
That's
another
question
next
slide.
D
So,
just
let
me
just
fly
through
these,
these
ones,
real,
quick!
If
you
don't,
if
you're
not
familiar
with
the
LTS
just
then
you
just
kind
of
get
it
on
your
own,
but
cryptocurrencies
and
DLCs,
they
don't
care
much
about
the
underlying
provider
Network.
They
just
assume
that
it
works.
They
have
their
own
peer-to-peer
networking.
D
You
know
with
a
pool
of
Transport
layer
connections
and
they've
done
a
pretty
good
job
of
securing
their
application
next
slide
there.
This
is
what
basically,
their
view
of
it
is
is
that
they
have
this
peer-to-peer
network
with
many
nodes.
Sometimes
it's
millions
of
nodes
in
the
case
of
the
global
blockchain
that
are
very
verifying
transactions
and
executing
smart
contracts
and
things,
and
it
just
runs
over
this
IP
network
next
slide.
D
This
is
the
architecture
that,
within
the
IEEE
anyway,
that
we've
kind
of
been
using
in
most
of
the
the
groups
where
you
have
your
session
layer,
whether
transactions
and
blocks
are
being
created
above
that
is
a
consensus
layer
where
you're
either
either
using
proof
of
work
or
proof
of
stake
to
create
these
blocks
and
the
transactions
that
are
in
these
blocks
and
then
the
contract,
layer
and
application
protocol
layer
in
the
application
layer.
Next
slide.
D
On
my
flight
over
here,
I,
listen
to
a
podcast,
which
I
think
is
one
of
the
best
podcasts
out
there.
My
only
argument
is
that
they
should
have
more
of
them,
but
it's
Leslie
daigle's
consequences,
and
this
last
one
that
they
had,
which
was
on
cyber
criminal
gangs.
At
the
end
of
it
they
start
talking
about
using
blockchain,
and
so
my
ears
picked
up
about
how
Maybe
you
know.
Criminals
have
their
own
ecosystem.
D
It'll
make
the
bad
guys
expend
more
effort
than
perhaps
intelligence
gained,
and
the
whole
idea
of
blockchain
is
to
make
it
publicly
visible,
and
perhaps
we
can
use
that
to
our
advantage
looks
like
you
could
use
regular
database
like
a
SQL
or
nosql
database
to
do
these
kind
of
things.
But
these
are
some
of
the
potential
drawbacks
that
they
are
controlled
by
administrator.
They
are
a
client
server
in
nature
that
malicious
actors
can
more
easily
alter
the
data
than
you
could
on
a
blockchain
administrator
decides,
which
date
is
accessible
and
visible.
D
D
There's
a
lot
of
opportunities
outside
of
using
for
bgp,
including
trusting
capture
packet
datas.
If
you're
capturing
data
from
your
network,
you
can
maybe
store
that
on
a
blockchain,
because
you
may
trust
that
more
and
a
variety
of
other
opportunities
as
well.
Dino
has
worked
on
this
with
regards
to
lisp.
He
worked
with
the
Nexus
community
and
he
used
the
lisp
to
help
DLT
applications
Define
the
best
nodes.
D
Okay,
I'm
gonna
skip
this
one
go
to
the
very
last
one.
So
how
about
just
look
at
that
last
that
diagram
right
there
and
I'll
stand
on
this.
It's
a
kind
of
very
similar
to
rpki.
You
could
have
bgp
clients
that
are
also
utilizing
a
distributed
consensus
system
which
may
have
a
bgp
block
table
in
there,
including
smart
contracts
that
they
look
to
before
they
act
on
certain
things.
It's
kind
of
similar
to
using
rpki.
It
could
be
replacement
for
rppi
or
an
addendum
to
it.
M
I'm
putter,
so
a
fundamental
aspect
of
blockchains
is
that
you
have
proof
of
work
in
some
form,
which
can
be
proof
of
CPU
usage,
proof
of
storage,
proof
of
stake
the
way
or
the
actually
only
way
I
can
see
this
being
useful
is,
if
you
have
proof
of
network
ownership,
of
something
where
that
something
could
be
addresses
or
an
ASM.
Are
you
actively
looking
into
making
that
the
base
of
the
blockchain,
or
is
that?
Are
you
still
too
early
for
this
or.
P
Jeff
has
hi
to
Eric
here:
user
bgp,
a
protocol
advice
says,
is
very
slow
to
start
with,
and
blockchain
is
not
noted
to
be
fast.
True,
so
for
your
use
cases
having
this
as
part
of
the
protocol,
control
loops
is
probably
not
a
great
thing.
You
know,
I
would
suggest
just
simply
taking
those
use
cases
throwing
them
into
the
fire,
and
you
know
stay
warm
by
that
fair.
D
P
But
bgp
also
is
about
policy
and
policies
about
money
so
places
where
you
know
policy
can
actually,
you
know,
take
things
as
input
to
know
whether
it's
you
know,
people
agreeing
to
you
know
announce
this
route
after
you've
paid
your
bill
and
your
bills
registered
in
a
blockchain.
You
know
something
like
that.
That's
a
reasonable
thing.
People
wanting
to
actually
have
their
address
delegation
contracts,
no
move
through
a
blockchain.
Those
way
of
saying
that
they're
transferring
addresses
so
people
like
Heron
and
ripe
at
other
places,
obviously
have
their
own
systems.
P
Maybe
they're
good
targets
for
you
to
have
this
conversation,
but
mostly
look
at
this
as
use
cases
not
as
a
transfer
of
centralized
things
that
have
to
go
through
some
sort
of
delegated
infrastructure.
Pki
makes
sense
for
a
lot
of
what
pgp
does
for
the
things
that
are
more
provided
to
provider
type
relationships.
That's
not
a
bad
thing.
Thanks.
F
Be
quick,
okay,
I'll
be
very
quick,
so
I'm
just
going
to
respond
to
your
point.
He
didn't
say
he
was
going
to
use
bgp
and
have
the
rib
B
in
blockchain,
because
thank
you
for
not
doing
that
because
it
is,
but
it
could
be
used
for
administrative
things
and
I
was
going
to
ask.
The
same
question
is
if
this
would
could
be
a
good
thing
to
prove
ownership
of
address
prefix
that
have
been
allocated
by
the
Registries.
That
would
have
some
really
good
use
yeah.
Thank
you
all
right.
B
B
Q
G
Q
So
there
we
there
were
two
events
where
we
presented
sign.
There
was
a
side
meeting
about
sign
where
we
gave
introduction,
and
we
asked
you
for
input,
suggestions
about
design,
ietf
strategy
and
I
was
also
a
sign
presentation,
a
very
high
level
overview
of
the
routing
area
open
meeting,
and
then
we
got
a
lot
of
feedback.
We
realized
there
is
also
interest,
but
people
told
us
sign
is
really
a
very
big
system
and
the
ietf
is
not
really
good
at
the
existence
but
more
at
small
components.
Q
So
that's
we
got
the
advice
to
try
to
break
sign
down
in
smaller
junks
and
that's
what
we
started
to
do
or
try
to
do
next
slide,
please.
So
what
did
we
do
so
far?
We
have
written
and
published
three
internet
rest.
One
is
a
sign
overview
drafts
here
we
try
to
explain,
sign
a
bit
more
in
detail
and
also
a
bit
more
per
core
components
than
the
sine
component.
Q
As
a
base
for
discussion,
we
chose
penergy
because
we
do
not
have
a
home
yet
at
ietf
and
the
Passover
Network
and
research
group
seemed
for
us
the
most
close,
but
we
also
want
to
share
our
work
with
you
with
the
rooting
Area
Community.
So
that's
also
why
I'm
here
next
slide
and
now
I
want
to
very
shortly
give
you
an
idea
what
these
three
address
are
about.
This
sign
overview
draft
discusses
the
motivations
behind
the
design
architecture.
Q
It
gives
a
high
level
overview
of
the
fundamental
components
and
it
concludes
with
an
old
view
of
current
sign
deployments,
because
it
is
not
only
a
salary
but
really
already
in
use
here
is
the
link
to
the
draft.
If
you
want
to
read
it
for
yourself
next
slide,
so
very
short
sign
in
a
nutshell:
a
sign
is
based
a
part
based
interdomain
Network
architecture,
The
Three,
core
components
are
the
control,
pane
PPI,
which
is
working
on
responsible
for
authentication
and
which
builds
the
base
for
the
unique
sign
trust
model.
Q
Q
There
is
an
internet
exchange,
Point
C6,
which
offers
signed
peerings,
and
we
also
there
are
also
customers
working
with
sign,
especially
the
Swiss
financial
institutions,
the
secure
stress,
Financial
Network,
where
the
Swiss
National
Bank,
and
also
this
risk
clearing
Institute
and
the
big
bigger
space
banks
are
working
together,
sharing
their
data
based
on
sign,
also
education
government,
as
well
as
a
healthcare
Network,
then
also
research
networks
having
a
connect
based
on
sign,
and
we
have
the
sign
lab.
This
is
more
like
a
research
test
bet
where
we
can
try
out
new
features.
Q
So
design
component
analysis
is
really
analyzing.
This
core
components
from
a
functionality
perspective.
It
describes
how
that
depends,
and
it
interacts
with
each
other
outputs
properties
provided,
and
it
tries
to
answer
the
questions.
What
are
the
main
components
of
cyan?
Can
they
be
used
independently
and
that
what
existing
Protocols
are
used?
Reuse
extended
or
maybe
why
are
they
not
used?
And
it
briefly
touches
on
the
maturity
level
of
components
and
extensions?
If
you
are
interested
in
this
draft
here
is
the
link?
Okay
very
shortly.
Now
the
this
dependency
graph.
Q
On
top,
we
have
this
control
plane,
public
key
infrastructure,
which
is
responsible
for
the
authentication.
This
gets
us
input,
bootstrapping
information,
among
others,
some
kind
of
trustful
contracts
and
lose
time
sync
and
as
the
outputs
it
it
delivers
a
sign
trust
model
which
I
will
shortly
describe
later
and
authenticated
control
messages.
This
is
the
input
for
the
control
plane
for
the
routing
part
and
then
as
an
outcome.
You
have
this
authenticated
path
segments
which
the
data
plane
uses
to
construct.
Q
These
paths
which
it
puts
in
the
past
header
and
the
the
outcome,
then
in
the
end,
is
secure
into
domain.
Multi-Pass
communication
next
slide.
Please
so,
and
then
our
next
draft
is
more
like
really
a
specification
of
this
control
pen,
PK
I
visit,
which
we
think
is
the
most
independent
part
core
component
of
sign.
It
presents
the
trust,
concept
and
design
of
this
control
plane
pki.
It
provides
a
short
overview
of
the
certificates,
keys
and
the
roles
involved.
Q
It
gives
also
detailed
specifications
of
these
building
blocks
and
it
concludes
with
several
considerations
about
deploying
it
here.
I
can
link
to
the
craft.
Can
you
please
send
a
comment
so
in
here
is
this
trust
model
very
shortly?
It
is
based
on
isolation,
domains
isds.
This
consists
of
a
logical
grouping
of
an
automa
systems
that
share
a
uniform
trust
environment
like,
for
instance,
a
common
jurisdiction.
Q
Each
isolation
domain
is
administered
by
several
core
as
they
compile
the
ISD
core,
and
this
ISD
core
negotiates
this
trust
policy
or
contract,
which
we
call
the
trust,
root,
configuration
so
and
then
the
certification
authorities
in
an
ISD
that
can
only
create
certificates
for
the
autonomous
systems
in
their
own
isolation
domain.
So
you
see
also
the
picture.
These
are
three
isolation
domains.
They
have
the
core
core
ISD
course,
and
each
isolation
domain
has
also
his
own
trust
food
Constructor
configuration
with
the
next
one
please
so
that
was
in
a
very
short,
fast
tempo.
Q
What
we
have
done
so
far
that
we
are
doing
now
is
to
address
the
received
feedback,
and
we
still
welcome
very
much
reviews
and
commands
from
you
based
on
this
feedback.
We
want
to
improve
the
existing
draft
because
they
are
really
the
very
first
versions
of
these
drafts
and
there
is
a
lot
of
room
for
improvements.
Q
Then
we
also
want
to
write
specifications
for
the
other,
two
core
components,
the
control
plane
and
the
data
plane
and
in
the
meantime,
we
keep
coming
to
the
iatf,
share
our
progress
and
source
with
you
and
we
try
to
build
up
yes,
support
and
a
community
and
yeah.
That
was
that
was
it.
Thank
you
for
your
attention
and
if
there
are
questions
or
any
feedback,
please
welcome.
B
Thank
you
for
being
here
and
sharing
what's
going
on
with
sun,
so
I
believe
you
need
to
focus
on
those
things.
One
is
service
specification,
because
if
someone
else
is
interested
in
building
systems
that
can
interrupt
with
your
system,
you
need
to
clear
specify
what
you
are
doing.
An
idea
from
the
right
place
to
do
so.
Number
two
is
potentially
interworking
between
common
internet
run
by
bgps
and
and
immigration
scenarios.
Tunneling
scenarios
how
you
authenticate
non-san
demand
software
yeah
and
thank
you.
Okay,.