Internet Engineering Task Force IETF 115, 9 Nov 2022

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: IETF115-MIMI-20221109-0930

Description

MIMI meeting session at IETF115
2022/11/09 0930

https://datatracker.ietf.org/meeting/115/proceedings/

A

Oh, you can go to the data tracker.

B

Yeah- um and it would just be nice and.

A

If you go under our meetings,.

B

I had a nice, yes,.

B

B

Mimi materials.

C

A

I'll put it back after it's a little easier to face the room tomorrow,.

D

It's kind of like yeah.

A

Yeah, okay, welcome everyone to the more instant messaging interoperability off or Mimi buff. um If that's not the room you're supposed to be in um now, you know.

A

So this is the ietf note, well that outlines the policies governing this meeting if you're not familiar with these policies. Please take a look in particular about contributions of IPR and code of conduct. We are definitely expecting to have a very pleasant and respectful meeting today. So please keep the policies in mind.

A

Next, it's Wednesday, so those who have been here are already familiar with this in terms of the tips for using medecco in in the room for those who are here in the room, please sign in to the Mimi session, either using full meet Echo with audio and video off or the medeco light icon in the data tracker. That's how we're taking attendance today. If you want to speak at any point, please join the Mike queue.

A

That's what we'll use to um to order the contributions from the mic and please use a mask if you're not actively speaking at the microphone and for remote participants um same deal, please join the queue uh and keep your audio and video off unless you're, actively speaking no masks at home.

A

Unless you want to so here's our agenda for today, uh fairly kind of standard boff agenda, we'll bash this agenda and then we'll have Rowan who's going to present the problem statement for Mimi for about 20 minutes, we'll have time for clarifying questions only um at the beginning and then we'll move into discussion of the charter and and the boss questions at the end. And if we get done in time, we can start a little bit of solution.

A

Space discussion there's been a lot of robust contributions on the list and we're happy to use some of that time to to get the solution space discussion going. If we, if we have the time left, um are there any anyone who wants to bash the agenda.

A

Okay, um just just one additional note before we move on, can we go back on this agenda um so in the context of of Mimi uh we're sort of operating with you know, new regulatory requirements, which are one of the drivers for this work, but not the only driver and I just wanted to note that this is not an unfamiliar situation in the ietf.

A

We have a long history of sort of an interaction between things that we develop and the broader regulatory environment, especially in the in the in the Telco space and Telecommunications space, with things like stir and ecrit and so on. um So this is not new for us. um It's. You know something that we've done before and we can. We can think about uh what the regulatory requirements are, but really what we're mostly focused on is developing the best solutions for the internet and its users.

A

Next, um there were a bunch of drafts that were submitted in advance of the boff. We're not going to be doing. You know individual draft presentations today, but if you want to familiarize yourself with what was submitted, um there's a list in the slide and also in the data tracker. If you want to take a look at how people are starting to approach the different topics.

A

um And this is for later, so we can kick it over to Rowan.

E

B

We're getting there so.

E

While we're waiting just out of curiosity, how many people here have read the problem statement draft.

E

F

Good all right so.

E

The way I'm gonna start um sort of organizing the problem statement, topics uh for lack of a better way of doing it, I'm starting sort of from the the highest level of the seven layer stack, not the nine letter stack, but the seven layer stack uh and moving on from there uh I'll also just sort of give a background for anyone who didn't um who didn't read the uh the buff proposal.

E

um So there's them quite a bit of motivation for why we're doing this and many of the questions that I have been asked by people who were not involved had to do with you did this many years ago. Why are you doing this again?

E

So, um okay, the chairs asked me to add one one uh slide with that which hopefully will be non-controversial, and we can move on to the rest of the problem statement.

B

Okay, there's something we will now do this.

B

How about that that work for you, yeah, okay, we'll do it.

G

That way, yeah.

E

Yeah next slide, please.

B

Yeah, it takes longer this way.

E

Okay uh yeah, so today, instant messaging is widespread. uh It's got lots of features it's indent encrypted for the most part and um the experience of trying to figure out how you, how you send an instant message to someone else for the first time is uh pretty pathetic. uh Like oh.

H

E

Signal no, what's up oh yeah wire, no yeah, and then you know you have to have several applications running on on your device and you still might not be able to communicate right away.

E

This lack of interoperability causes a very poor user experience and um so what's different from last time. Well, last time uh instant messaging was still pretty basic, so the feature experience now what's the the sort of common set of features among instant Messengers is is quite robust and uh we didn't have widespread indent encryption before and now there's a lot of external pressure, um for example from the EU digital markets act.

E

In order for us to have interoperability, so we could achieve slowly bit by bit interoperability by just letting individual vendors publish their apis without standardization. But this would this would perpetuate the status quo. We would end up with probably some pretty poor uh user experiences and lots of bugs.

E

So the theory behind Mimi is that having a minimal standardized framework and that allows for interoperability but still allows Innovation and design Decisions by individual clients. That was the goal.

E

Hearing no one screaming, let's start at the top of the stack.

E

So if you are and then encrypting you don't get to use a gateway to change the contents that are end and encrypted it's encrypt once and send and forget you have to send it, and so we have a. We have a number of different uh things that we need to be able to convey in the message format that are quite common across instant messaging systems.

E

For example, we've got both plain text and Rich text messages we have replies. Reactions mentions um editing a message deleting a message: some Services support, expiring messages, read and delivery receipts.

E

Almost everyone has links to attachments images, some videos and some recorded sounds and then finally, many have support for send the sort of initial bootstrap message for starting a either a one-on-one or a one-on-one caller or a uh a conference. An audio or video conference.

E

So um what's important here is that everyone in the group gets the same content from whoever sends content, um so we need at least one kind of common minimal set of formats, but they're likely to be many formats out there. So if there are proprietary formats, you need to be able to uh probably still send those and also send the common format, depending on their circumstances. So you need to communicate which formats are supported which are required and what is actually said.

E

E

The next layer down, we have the actual indent encryption, so we are assuming the use of the messaging layer security protocol MLS, which was developed here at ITF, and it has some properties which are Maybe not obvious to someone who just walks in the room for the first time and takes a look at how do I go and encrypt my messages.

E

So MLS describes two abstract Services, an authentication Service and a distribution service, and these in uh concept of in the context of interoperability. A distribution service is very likely to span multiple administrative domains. So the service isn't running on one server over here and then you have. You know a separate service to talk to the other thing, the the service spans all of the domains that are involved, um and it also does not specify whether a particular function needs to be accomplished in a client or in a server.

E

So the architecture is quite flexible and if you're curious about this for more detail, I encourage you to look at the MLS architecture document linked below uh it describes. What are the decisions that an implementation needs to make about how to uh how? uh How to deliver a compliant uh authentication, Service and in a compliant distribution service, authentication, Services, need to issue credentials and they need to enable a client to verify that credentials that they receive um are uh as they're presented by another client.

E

uh The distribution service is responsible for defining what is the ordering? What are the ordering rules for handshake messages and for routing the MLS messages?

E

We also need a place to store what are called key packages, which is how you, initially, um how you get the keying material to initially communicate with someone, and then there are a bunch of administrative and policy knobs.

E

uh I think you're. In yeah um we we Advanced yeah I doubled. You doubled back.

B

E

Great okay, one more layer down, so we need a way to convey the encrypted messages. The MLS messages to a server which is sort of the uh between between servers among servers um and between clients and servers, and so the um we at minimum need to be able to send these MLS messages. There may be some other features that we also want to to communicate um using the same protocol.

E

uh Traditionally, when we're talking about instant messaging people, talk about there's a server to server thing over here and a client server to server thing over there. uh For for both of these, we could leave these completely undefined, particularly in the server-to-server case.

E

It would be very desirable for us to have at least a standardized description of how to do how to solve this problem, um and that would also include not just how you send between two servers that are would then become part of the same distribution service, but also how to resolve that specific server for a specific service uh in uh from the client to server protocol perspective.

E

So traditionally you know in most instant messaging systems. This would be an implementation specific matter, but for MLS it is critically important that we enumerate what the requirements are for the MLS profile that we're using so that clients can correctly comply with that protocol.

E

All right, this one is a bit subtle. We have lots of identifiers that we use to describe different items in instant messaging, three of the most important which are used on.

E

Basically, every IM system are an identifier used to describe a user of the system, an identifier which is used to describe a client, because in many instant in most instant messaging systems, you can have multiple clients for the same user simultaneously, for example a mobile and a desktop, and then finally, we have uh what in MLS is called a group but could be called a conversation, a chat, a channel, something else, but these are all really the same concept.

E

This is the the collection of users that I'm communicating with, or the collection of clients that I'm communicating with associated with those users.

E

uh An identifier that is used internally is not always what the end user sees in a user interface. So, in a user interface you may you may see something like that looks like a phone number and in fact, when you search for a user, you may use a phone number or an email address, or a full name or you may have a service handle. The internal identifier may be different as part of the problem space.

E

We just need to make sure that internal identifiers are compatible with the protocols we use, and we should make sure as well that, because our goal is interoperability, that we're not um we're not putting a high barrier on an existing service that they have to completely change their service. In order to use to incorporate some identifier that they already use.

E

There it is suspense.

E

Now we we already are assuming that end-to-end encryption is uh is baked in as a first-class citizen. In this architecture, uh end-to-end encryption uh prevents eavesdropping, but it doesn't prevent impersonation, and one of the largest barriers to interoperability is to make um the administrator of a service.

E

Comfortable or you know assured that uh that someone isn't going to impersonate a user on their system or that they're not going to um that they're not going to end up with active attacks that weaken the security of their own system, uh and you know one of the one of the concerns there, of course would be spamming, for example, is a lot easier to do if you can mint a sort of an infinite number of identifiers.

E

So the sort of overall model of how you would do end-to-end identity in MLS is that you have uh for for each client in a group that you have a presenting client.

E

A presenting client needs to go and get some kind of credential from some issuing authority, and then it can include that credential in its MLS messages and any of the the clients which receive that they are now in a position to verify that credential they can verify that credential either online directly or there may be an offline mechanism that they can use to to verify the credential.

E

So this problem is just about strongly associating a client with a specific user identity and a and other clients being able to verify presented in entities.

E

We want to make sure that there isn't a huge proliferation of different ways of doing that verification we want to have one or two different ways of doing that: verification that are well defined and and something that we can take to a Bake Off.

E

Finally, this stuff is uh we're. This is one of the the areas where we assume that the actual protocol is defined elsewhere. That we're just saying use this one.

E

All right so related to the identifier problem. We have the introduction problem.

E

This is how do you get the internal identifier and how do you obtain permission to start sending messages to someone or inviting them to groups um now? The first part of this assumes that you know what the target service is. So this would be. You know, I I come to Jonathan and I say I uh Jonathan. Do you have? uh Do you have wire? No, do you have? Do you have WhatsApp? Yes, do you have signal?

E

Yes, okay, so I take the service and I take the identifier that they use and I look I Look up, Jonathan and then I get a uh usually a uh a connection request that I use to I send to him and then, if he accepts the connection request, then we can communicate.

E

uh One of the requirements here is that we preserve private, the privacy and preferences of the target.

E

The second uh interesting part here is discovery of the of the instant messaging service. How do we determine what the target's preferred service is.

E

Okay, lastly, we have.

E

Some very useful things that are listed on the current Charter as we can. We can ask to do these later. One of these is hooks to prevent spam and abuse, so this is metadata for processing um metadata that we can use to manage spam. Abuse like did was somebody asked to be blocked. Was someone reported?

E

um I will just point out that having a strong identity makes it easier to solve this problem, um and then we also have. Lastly, the problem about how you administer groups and moderate groups, and so, if you have two different systems and a system over here service, a invites, a user who is on service B.

E

uh We could imagine that without any specification, this could be entirely administered and moderated by users in the first domain, the first service without any standardized protocol action. But if you wanted to do that across protocols, then you would need uh some kind of a standardized protocol.

E

That's what I got together.

A

No I think you should stay. You don't get to sit down yet because now is the time for clarifying questions on the problem statement.

B

F

Wow I did not expect to be the first person in line here. um So uh thanks for the presentation, one question that came up is we're talking about sort of like client to server interoperability as well as server to server interoperability. Do we have like a preferred or understood preferred model for which one we want to support? First right like so, you know. I, am you know, member of service X, there's service X to service y interoper between those servers versus I, have client X and can connect to server for service y.

F

To send message to like. Is this left open? Should we am I opening the wrong can of worms too early.

E

um Let me let me just say that we're not specifying a protocol unless it's you know, there's we we're not even to that point. The next step is once we Grant a problem.

E

Once we get a working group, we talk about what are the requirements, but technically, if we're using MLS, we need the MLS clients on whatever service we're interoperating with to have sort of a cohesive uh over, uh and we need to have an intersecting set of policies and so the the clients, for example. If uh um to give you a simple example, when I remove myself from a group, I send a I send a proposal to remove myself. Someone needs to commit that proposal whose responsibility is to do that. We need to.

E

We need to have uh interoperability, that when there's a policy that okay in this particular group that's done this way, then the clients need to comply with that.

F

Okay so I think what I'm hearing is we don't know yet, but there is a a strong preference to use the MLS architecture as a basis, and that will drive some of the decisions is supposed to with respect to what gets done. First, yeah cool I don't want to do the whole present I. Don't want to do the whole discussion. That was that that was the thing that I was I needed to clarify. So I'll sit down. Okay,.

A

I

uh Hey Rowan, thanks for giving this presentation, uh definitely kind of clears up a lot of the the space that we're looking at I was hoping to clarify the introduction identifying individuals inside of these different groups by different protocols, um because I think the the initial uh urge is to go for something that we've seen in like an email client where there's some sort of identifier. Like you know, this is some user and we've got some contact system that finds these other internal identifiers at system or service of their choice. I guess the difficulty.

I

um What is the thought behind? There's we're not talking to the service to Route us to this user. We just need to identify their device individually and that message gets delivered straight to them. That you know devices identity by IP, address or where it sits in the network is going to be tough, to tease out with some sort of Authority in the middle that directs us to them and trying to solve that end to end versus centralizing. It is going to be difficult.

E

um Okay, so AJ, if I, if I understand your your concern, is that you want to make sure that um that whatever identifier is used, that it can ultimately provides enough information to route to the end to the to the end, clients.

I

Yeah, wherever that is especially even if they're, not online, which which can.

E

I

Over time, yeah.

E

And- and you know for my affiliation, the my employer is very you know is obviously implements this as this is. This is part of our our product. So that's um I'm, not at all concerned that we will have a problem doing that. Okay,.

I

It you think that will be implemented to find a user it's by their their service. That they're using for this.

E

Message exactly okay, great, it would be the services responsibility to deliver it to them later. If they're, not online,.

I

A

J

um Hi um thinking about the introduction problem, um I realized that we might be missing something from the scope here, which is giving the users the ability to basically opt-in or out of whether they are being you know linked through to other services at all, and there could be a massive dystopia if Mimi gets this wrong a bit like um gdpr cookie acceptance, pop-ups everywhere, where users they might be on Signal and say we're in the future.

J

When we're in the group chat, and then somebody wants to bring somebody on WhatsApp into that group, and everybody says how the whole reason we're on Signal is to stop Facebook getting us our data or whatever. You need to have some kind of semantics, both at the API and, frankly, the uxler to make sure that um people can control the metadata privacy within a given conversation.

J

So I basically wanted to flag up whether that was consciously being descoped or whether it had been missed, because if we don't consider it from the outset, it feels like something we could get horribly wrong.

E

Do you think you could rephrase the problem so.

J

The problem in one sentence is users should be able to select um where their conversations are getting interoperated with, so that they can maintain their own metadata footprint. And we need to support that and Mimi.

E

Okay, so if I can rephrase it it's not that the user can the user can do something that the user has a certain set of policy policies that their service uh requires about metadata and that that policy is enforced or I.

K

E

If it's not that that the user is informed.

J

Yes, so be it's on a kind of conversation by conversation basis, okay,.

E

I I think that the current text actually covers that.

K

L

A

Is that a rebel call was that a robocall I said.

L

That was the that was the DMV.

E

So yeah I think that the current text actually covers that under the um the in the introduction paragraph. There are some some text about that. But do you want to cover that when we actually look yeah.

A

If you could, between now and when we start talking about the charter, look there's a line in the charter about respect, respecting expressed user preferences about reachability and discoverability and see, if you think it captures this bit as well about kind of where the metadata is located. Okay,.

J

L

In this case, since people are, did you decide who has to join a group? You could be like I, don't like people who have you know at whatsapp.com in the back. um So I want to tell you the instruction problem just a minute and try to sharpen up I think what what the requirements are. So there's either three layers of requirements, uh things you might imagine doing right um at the very top I started.

L

The very most most powerful would be to say that um you know you could have I think what Jonathan's draft calls um calls a a service, specific identifiers. um You know um things like you know unqualified names like at Ecker and be able to figure out like which service they were on yeah or e164 numbers. You know which what spin residue um the sort of next level down, which I think you're trying to roll out of scope.

L

um The next level down is um to be able to have you know whether they're, hidden or unhidden qualified identifiers. In the same, you know like RFC 22 names, um and the idea would be so. You know it might be the case, you know so now the interfaces might be presented, as you know, as ekr at you know at wire, but like theoretically, but the point would be that um uh that, given those things is an unambiguous way to figure out what exactly? What services that that requires connecting to right for.

E

The internal identifiers.

L

Yeah, so so, if I'm giving an internal Journal identifier, the scoping parameter, this is what services on um that on what so I mean I guess so so an email like in um in an email system right um um on you know you can email names are one giant string, but you can imagine them being on this way. You imagine saying you know um you know here and then you know example.com as like as they identifier. um My point is: there's a single algorithm.

L

You follow to figure out where that server lives right and then there's like, um and then it's like a an even worse thing, which is you have to maintain a table that is not like generically lookable, it tells you what's up is over here and it goes over here and um and in fact, like you know, there's different things you have to do to connect you to them. I assume that we want the middle one, not the last one right that is, there's there's a single hour set of algorithm and community and communication protocols.

L

They do not require you to maintain a specialized table for each kind of party service.

E

So I think that, in terms of the problem statement, I don't think we need to decide that I think that's a requirements question, but you know I I think it I think that that, as if, when present, when presented specifically explicitly I, think that the The Logical conclusion will be fairly obvious for that question. I.

L

Would hope so I'm just trying to like okay, so I'm happy to defer this conversation, but I think that it is part of it. That seems part of the problem. Otherwise we don't get very far um um so I I think uh so. I think yeah all different requirements.

L

M

uh Jim Fenton um I've got a slew of questions about identifiers and I'm, not going to ask now because I think we're covering that pretty well um the thing that confused me was toward the end. You were talking about the need to understand what service a particular user uses. Are they on wire? Are they on Signal or are they on WhatsApp or what Etc?

M

What confuses me is that, if, um if these services are, you know become interoperable through this, why do you need to know they interoperate.

E

um So if, if I have a friend, who only has an account on mask on okay.

N

E

I need you know, I need to somehow I can't. Just you know, I I need to be able to from and I'm not using, if I'm, not using that system. I need to be able to provide some information so that I can I can start the process and start routing messages. Send my user introduction to the correct service to start the ball. The ball rolling.

M

So so maybe my confusion is that you're saying the system needs to understand that that isn't the concern of the users anymore, then is it the user or the or the system that needs to understand what services? If you.

E

So the second problem is that if you have, let's say that some something to search on like an email address or a phone number or a full name, and some other information say that you could um that you could optionally, with the user, with the target user's consent that you could use that to figure out. Here are some services that I'm on and sort of the preferred order of them like and I'm. That's I'm not trying to be specific about how you would do that. There are a lot of privacy issues, blah blah blah blah.

E

But if that system existed, you could check it. If the person you were trying to contact agreed to publish information on that system, then you could go and say: ah I know they're on Mastodon I'm, going to try this user on Mastodon.

E

uh The first problem is that if I explicitly said yeah I want to contact, uh you know Raphael on Signal with this identifier that even though I you know, even though I'm not using a signal, uh a signal client that I would be able to contact and interoperate with Raphael on signal.

M

I guess I guess my question then is: do you have to say you want to contact Rafael on Signal or do you just have? Do you just say, I want to contact.

D

M

E

So the two, the two things on that slide, the first one is I need to say Raphael and I'm contacting him on Signal. The second one is that there could be a service that I could ask what is Rapha. What services does Rafael have? What services does? What service does Raphael prefer to be contacted on.

M

Okay, I I I've just confirmed that this is a point of convention and so yeah.

O

A

I think, for the purposes of the problem statement, the problem is being stated as functionally. You have a you have a Target identifier and what you need to be able to do is bootstrap a communication with that identifier on their service and the area that needs to be explored in the design space is around. How do you do that? Is it at the user level or the system level? Does it leverage? You know some side service on the side to help you do that? Those are like questions about the solution, as opposed to the problem.

B

And Europe.

G

Ben Campbell so Rowan I apologize because I've already asked you this, but I was going to ask it in the bigger group, uh notably absent on your list of example, identifiers or telephone numbers. So.

E

No, no, the phone number was it.

G

E

Second item on the on the slide: it.

G

Was on the slide, it wasn't the identity, it wasn't. Was it in the identity draft.

E

uh It was, it was in the in the problem statement and it was in yeah on the problem statement and in the.

G

Yeah, it was in the problem statement. Okay, I completely missed that so I apologize.

G

B

Can say something about it if you want to, but you.

G

A

uh So we're going to be closing the queue for clarifying questions momentarily, so if you need to get in it, please do so now.

C

Hello hansier couple um I understood, so this is basically about interoperability. Operability driven by the digital markets act, and you know the desire to make clients inoperable.

C

So my question would be: um does it also include in a way a portability according to the gdpr article 20, because the reason I ask is I, think there's quite some overlap, for instance in the data model and so on, but there might be subtle differences as well to think about so just to illustrate it a little bit in my observation is that in many ITF protocols, for instance, like the calendaring invite rfcs in the initial design, they are much more focused on interoperability, um but you have problems later on with portability.

C

For instance, you had these invites or receipts you sent on an invite um to a certain user when you invite to an invent event, which is fine for live indoor probability. But if you later on, like 10 years later or so, move people away to another provider, you wanna put the data, but you don't want to resend those invites.

C

So you have a certain class of a problem which doesn't occur in life interoperability, but is portability relevant and I wonder if this is also supposed to be in the scope of the proposal and of the working group.

E

um So I'm just going to go out on a limb here and say I think that's an interesting problem to solve, but I don't think it's in scope and it's by my read: it's not required by the dma.

C

Yeah, but by something like gdpr, so the question would be: is it mainly dma, um driven or so.

E

That it's, whether it's required to be done in an interoperable way, okay I, don't see any regulatory requirement to do that. Interesting problem, not not currently what I'm, considering as part of this scope we got. We got a big scope right now, so.

C

A

P

Hello, this Jim um I had an elephant just wondered in through the room in my head uh presence and this proposal never talks about the presence and every single, a messaging system I've dealt with. Has a support for presence and every single messaging system. I've been involved with on the server side, has had major scaling problems because of presence.

P

So is this something that you really want to leave out of scope or is it? Is this something we need to have a deep architectural discussion about.

B

You can give your opinion.

E

You're entitled to your opinion that if you, if your opinion, is that we need to have it, that's your opinion, we could ask. What's.

B

Your own's opinion.

E

uh My opinion is that um most people ignore it now, because it wasn't implemented very well in most messaging systems.

P

Okay, I was pointed out that SMS and I and iMessage doesn't have a.

O

Presence I have.

P

Not used those for those things, so so I I think we need to need to consider this and either really totally out of scope or architect our solutions to support it.

Q

So uh in in the presentation I saw mention of end-to-end security and just encrypting.

Q

The messages is not end-to-end security, not unless you've got end-to-end security of the keys and I think it's important to make make that point, because if I exchange my contact information with Alyssa, it makes a huge difference if I've got illiter's public key in my contact book I have I can then have end-to-end security if I'm going off to wignal or whatever, and that is where the trans mapping takes place from atalissa to her public key I do not have end-to-end security, and you know that's a place where you can have a rubber hose attack or a whatever.

Q

And so that's one point. The other point is that, looking through all these presentations, it appears that there is an assumption here that what you're going to build is a series of gateways because of course, you've all got these large infrastructures, and you think that the easiest way of going from where you are to, where you want to be, is going to gate each of the 10 messaging infrastructures to each other.

Q

And we actually have a data point that tells us that's not stable, because I remember the days when smt, before SMTP dominated where I used to have to send my mail through different gateways and the reason we went from that model to us common protocol was, it was just too much to maintain and so I I understand that we're going to go and Charter with the assumption that we're going to do a gateway. But by the time we actually read out I assure you.

Q

We will all be using a common protocol because that's going to be the easiest way.

E

Okay, so um before you before, you sit down PHP the um the uh I, take it that you are in full support of the end of end-to-end identity.

E

Oh yeah, being part of the of the problem statement from your from your comments, and one thing that I didn't mention in that slide is that there is no um I've, been careful when working on that part to try to make it clear that there are a lot of people who want to have sort of a hierarchical, pki style uh way of doing that, and we need to sort of leave the door open for things like, like a you know, just like a mesh, a mesh based uh way of making these kind of assertions yeah.

Q

One caveat there: uh I want to have end-to-end public key when people use the term identity, uh that's almost as bad as web 3 for me, because you know it's one of those terms that when somebody uses it I have absolutely no idea what they mean by it, and it tends to be a weasel word that allows us to do the shuffle from you know so: I I, I I I, want to stick to my public keys because I know what that gives me in security World, whereas if somebody says identity well, now I've got a fluffy cloud and somebody can take away my strong public key based identity and stick.

Q

You know a marshmallow in place and then I don't have end-to-end security. I have end-to-end fluffy.

E

Okay, look forward to getting some yeah.

A

O

All right, uh Jonathan, Rosenberg, five, nine, so I I mostly wanted to offer clarifying response to some of the folks at the mic. I think there's a little confusion on this. uh Perhaps uh the the charter. The focus of this group I believe, is not to build a whole Suite of things that someone could go Implement a new client and build a new service around and we're going to design the new protocol for how one would build a chat system from scratch.

O

um That's that that I mean maybe that's a side effect, but that's not the objective. The problem we're trying to solve is that there are existing messaging providers that already have servers that they have and they have clients that they have with.

E

Billions of users, billions.

O

Of users and- and we may be asking them to make changes by the way, but we are starting with the assumption that that they exist and our goal is to interoperate and Federate them.

O

So fundamentally, that is a server to server protocol, with the big important exception that, because of n10 encryption and end-to-end identity that comes along for the ride, I think many most of us here, working on stuff understand that Without End identity intent encryption is Fluffy, uh so there will be consequentially pushing of see what I did there they'll be pushing of requirements uh into those systems for implementation of protocols like MLS and the associated internet, but fundamentally we're building a server to server thing here and we're specifying those interfaces in this working group.

O

That's what I wanted to be clear, we're doing so. If things, for example, like Harold, like let's worry about the scale of presence systems, scale presence system is a big deal for the people who are implementing them. We're not trying to build a specified protocol for them on how to build it. They already have something we have to decide only whether or not we want presence messages to be exchanged between these providers and that's work.

O

I believe we'll do in the working group where we Define that minimal, viable, oh message, format and whether there's a presence message or not so I think it's in that sense. It's quite a simpler problem on the wire um see what I did there uh for uh you know getting these things implemented. So that's that's my clarifying, hopefully, commentary.

A

Thank you, Colin.

D

I I, just since there's been confusion, I just wanted to clarify that my understanding uh of this with as phone numbers, definitely in scope and the desirable user experiences. If I had somebody else's phone number I'd have a chance of being able to connect and have communication with them if they wanted to um and the sort of requirements. Point of view that that was you know that that's what we were trying to get.

D

We weren't the the I thought we got way too deep in the weeds of possible implementations of ways that you could achieve that user experience about whether it required servers in the cloud or whether you had to know which service the person's on I mean a fundamental characteristics for me is I, do not want to know which service I don't want to have to know what service somebody is on to be able to connect to them. If all I know is their phone number I want to be able to connect to them.

D

So I want to make sure that from a requirements point of view, we view that as one of the things we're trying to achieve.

L

We need to make sure we get clarity on this point.

E

I suggest we look at the.

A

We wait until we get to the Charter wording there. Yeah there's been a lot of discussion of this already.

R

um So um just one point that triggered me: it was you had one slide where you mentioned, you want to prevent impersonation and because of my Daily Business.

G

R

Kind of more maybe like that that some something that's often overlooked with this aspect is that there are some use cases where impersonation is actually desirable. For example, the business use case where you have like an admin, and you want to impart, be like impersonate, a certain user um and I just wanted to raise awareness that there might be use cases out there where this is actually an important feature, but as far as I understand, usually that's more concerning long-term storage and not what you're talking about it. Just wants to double check. Basically, yeah.

E

So um I wouldn't use the term impersonation for that I would use the term delegation.

R

Oh yeah, okay, makes sense thanks.

S

Antoine hello uh I wanted to have a clarification on The View. You have an interoperability. Is it? Do you mean that you want to specify a minimal list command denominator among the different systems that Implement instant messaging? Or do you want to provide a way for external systems that don't support a specific additional feature that you have on a given system? So users from the outside world of your network can provide a way to an information that mimics this feature. So the experience in your network is consistent.

E

I'm not sure I understood the your second option, so um I'll I'll sort of give give an answer, and then you can tell me whether that answers your question at I want to be able to send an instant message to people on multiple that currently are on multiple different services and I'd. Like them to be able to reply and be able to send me, you know cat pictures and so on.

S

So, for instance, uh I will give a very stupid example from the beginning of the 2000s. If I want to whiz someone on something like messenger, sorry, you.

R

S

Have an extent.

R

E

Didn't catch the word reach you.

S

Said uh with the to have a way to shake the the window, for instance a given feature do and it's not in the minimal interability message: do you want to that? Your system uh provides an API, so external user can mimic this feature or it's.

E

So the goal is, we would Define, we would have a discussion about requirements.

C

E

So, if you want to, if, if like having Rings or knocks or or window vibrations, is a feature on some systems- and that happens to not to not make the cut in terms of the common, the common interoperable feature set that people who use whatever proprietary format they they currently use can still do that and, if I'm in a group that doesn't do that, I would not be able to do that, but I would still be able to do all of the things that are in the common feature set. Okay, that's personally my goal.

E

Okay, thank you.

A

Okay, thank you.

A

um You can now now you get to go yeah thanks, Ron, so we're gonna switch to the Charter discussion.

B

So there was some discussion just now. Let me uh get the slides a bit. There was some discussion about um whether particular requirements are present here. Think in terms of whether you want this group to decide requirements or you want it to be locked into the charter and that distinction for those of you who are not used to this process is, do you want the entire ietf on board with this before we start, or do you want this group deciding it? The former is the chartering process.

B

The latter is this group coming to requirements so make sure that the charter is clear enough for you that you think the requirements will be addressed by the group. Don't try and convince the ietf that they have to be on board with exactly what requirement you're talking about that of reasonable distinction.

B

All right, let me uh we do have slides.

K

B

B

Can you open it yeah, let me well, that's always let me get the charter up on my screen.

B

I guess: I'm sharing a screen yeah.

B

T

A

So, in the time it takes us to display the charter, people can find it themselves and re-familiarize yourself or read it for the first time, um it's linked from the slides and it's been on the mailing list.

B

It really says it's coming up here.

A

I think we should Charter the working group about the screen share being started.

H

A

I think we would have the experts in the room from medecco to help us there. We go okay.

B

Give it a second to refresh.

B

Damn Network people, okay,.

A

Now you get two more minutes of awkward silence to read the charter I'm not going to read it.

B

G

K

B

How far do I want to scroll? That's probably yeah. That's probably good.

A

Hi Ted: can you scroll one more.

A

Thanks eventually it'll upset, so we have a couple of open PR's that hit on at least one of the topics we've already discussed. So my inclination is to start with those if that's okay, but if you have comments that you feel need to be addressed before we do that, we can take them now.

U

He's thinking uh totally clarifying question, uh how do you mean take the PRS? Do you want to discuss the PRS or.

G

U

Okay, so yeah what I want to talk about isn't in any of the PRS? So if you want to do that, I suggest you close. The queue kick us all out and we start out again.

A

Okay, I'll just lock it, although well that's not gonna work, yeah, okay,.

A

V

So I'm Rafael I'm, like no okay. My question was going to be about the PRS okay.

A

One sec: why don't we go to the first one yeah, okay,.

O

B

Someone's still open yeah, it was oh really.

N

B

But this one is.

A

Yeah I thought: um oh I see: okay, no just start with the first one. The first one is really easy: okay,.

B

Oh, it is called more closed.

A

Yeah, okay, so um so this one related to the language um about how this working group will not be specifying new signaling protocols. I think there was some confusion about uh that. This term signaling protocols, uh I think when the charter was written, it was meant to imply um audio and video signaling specifically, but it was not clear in in the context of the paragraph that that that was the limitation on it.

A

So I actually made an edit already to the Charter that that was just flashed up um such that this is now clear that it's only about audio and video signaling. So if people still have concerns, we should talk about it, but I think this one has been addressed.

A

Yes, we got a thumbs up in the room. Anybody joining the queue to talk about that good, no okay, so I think that one is taken care of.

A

So the next one is around Federation and message: delivery text added by Raphael and there's been some um discussion of this one on the pr Raphael did you want to come talk about it.

V

um Yeah it started from a discussion on the list and then there was some discussion on the pr and then on the list again. So I think all the concerns have been addressed and what it looks like on that one. But if there are any questions happy to answer.

A

So um does that include the new suggestion about the text that avoid centralized control over conversations.

V

I think that was cleared on list. uh Okay, Matthew.

A

Can you come to the mic? Sorry.

J

Yep, it's clear on the discussion on the list, um but it should be back put that into the wording on the pr, because the pr is currently saying. Oh, was there a minute ago here we are the pr was saying that it specifically requires um ordering of handshake messages within groups. You are explaining that can be done in a decentralized fashion or at least shared between the participants, whereas that isn't clear here, or at least it wasn't too.

V

Yeah yeah I think there's some confusion around the terminology on that. um So what I'm referencing is the architecture document and- and that gives these two options and the pr is not specific about other one.

V

So, okay, I think the language in the pr is generic. In that sense,.

E

State, your name yeah, sorry.

J

Matthew Matthew Matrix.

B

E

uh So, at the beginning of this discussion, Pete said: do you want the ITF to discuss this, or do you want us to discuss this I think this is a clear case where the intention we've discussed in this room we've discussed among the like the main parties we agree, um but adding more text. This is going to be a red flag for the ITF. It's going to cause confusion. It I think that this will hold up triggering so I think. The original wording that Raphael proposed is fine and then incorporates what we need.

E

uh I think as soon as we add avoid centralized control over then it's going to open up a whole can of worms we're going to have a discussion at the ITF instead I think we should have a discussion about you know what are the requirements in the in the working group once the working group is formed.

A

Thanks Ron and we have Eric.

L

Yeah I want to speak to that same point. I agree with Rowan like this is. This is quite classic over specification in the charter, um and we should like the Rafael's text, looks like reasonable to me. um I made words with the disappoint later but, like the German, looks fine, um but I. Think that, like writing, this text here is going to like cause all kinds of problems and I, don't even know what it means so like, let's just start there, um so uh it's like yeah I think we shot it.

B

Are you, okay with that.

A

Matthew, are you in the queue.

J

J

um If I can insert myself do, I have to press a button, no.

B

But say your name again so that everybody knows you're talking sure.

J

Matthew Hopson for Matrix um I guess my uh I may be missing some of the Politics as to why it would become an ITF level concern um if we, uh if we discussed um the idea that the ordering needs to or does not have to be done in a centralized fashion, because at the moment it really seems to imply here that it has to be centralized.

K

J

By talking about ordering of handshake messages within groups, actually.

L

J

Okay, so the implication is that, as long as there is some kind of ordering that could be done by a vaxxa clock or it could be done in the centralized if everyone is happy, that's why.

L

Everyone employs.

J

Centralization then I'm happy yeah.

L

I I, don't think this applies Central position. If you think that if you have texts that would like my problem is, that is the is the is I mean I I generally agree with this, like I. Think the intent of this is but um but I don't know, but I don't know quite what it actually means, and so I think if you want to just avoid, if you have suggestions that make this not prescribing centralized, did you make those suggestions but I think trying to prescribe non-centralized is the problem here: okay, yeah totally.

J

A

So you're fine with Raphael's original suggestion, okay, great thanks and then we have one more.

B

N

We have an actual yeah.

A

Can you look at the um can.

N

A

Look at the the diff yeah.

F

A

So this is the topic that we were just discussing earlier with the introduction problem, and the current suggestion here is.

A

To add text, which indicates that the working group May investigate and develop a protocol to discover the target user's preferred application. So it's not. uh It's not decided that that is definitely going to happen, but it's offered as an option.

A

U

uh Totally optimism Enthusiast, um so I I really appreciate the optimism uh by which the proponents are brought forward. uh The work in general, especially given our past history here, that that's really cool and important um but I, think the introduction problem text as it stands now and even with the just disappeared, PR yeah um sorry Pete I was.

W

Really going to.

U

Refer to that, so uh even without it, the way it's currently written uh needs a complete rewrite, not a small change, because the way it's currently written, it's a completely separable problem right. You could you could gen up a working group that had as its goal solving the introduction problem across these services without a goal of uh creating interoperability among them um and I. Think that's not what you actually want. I think what you're trying to say is for the systems which have signed up to interoperate by implementing whatever Mimi comes up with.

U

We will have a mechanism to allow introduction to occur and the way it's written now sounds a lot broader than I. Think um the minimal viable product would be here so I suggest that this text actually get hacked a good bit more than the pr that's in there now to say.

U

Mimi will consider developing a protocol to allow conformant services to provide a mechanism to introduce their subscribers across other conformant services. So I think that what we're trying to do here is actually much less ocean boiling than this sounds like and I think for a charter to get through the rest of the process. We have to make it clear that we're only boiling the parts of the ocean that have deliberately dug the canals we specify.

B

So Rowan it may be about to answer the question I'm going to ask here, but introduction and Discovery seem like very different kinds of things are: are: do you see them Ted as it intertwined connected the same or are they two very different things.

U

Can I say that that's a problem for the working group because I'd like to say that if you don't mind.

B

How Okay Rowan, how about you, go, take a shot.

E

Ted, how would you feel about the working group May investigate and develop a protocol for use with Mimi to discover the target users preferred applications in which that Target should be reached.

U

So I I think for use with Mimi is less restrictive than what I proposed and I would preserve something even more restrictive than that. But if the working group wants, if the, if the charter discussion leads to your text, I will not fall upon a sword.

E

Okay, because uh again.

A

Don't leave come back finish finish, your thought s.

E

I was just going to say that the if we add those four words or whatever, um then that becomes a requirements question for the working group, where I would certainly support you in saying no we're not going to use this protocol generically.

U

I'm sorry I just missed the last three words of your utterance. If you wouldn't mind saying them again,.

E

It becomes a requirements, question that I, you know where I for one would help you in the working group say: no, we don't it's not a requirement to make this work outside of Mimi.

U

uh I, okay, I I think we're we're close to convergence there, which is good news. Wait, don't leave.

A

Because sorry people stand around at microphones, sorry Ted I thought you were also. You were because what Rowan just spoke about is more to this additional sentence that he was adding, but I thought you were. um You were concerned about this, the prior sentence as well, where we say we're going to specify a solution to the introduction problem that needs to be narrowed. According to you, correct, yes,.

U

And I think that he was saying that the narrowing would occur in the working group um by the discussion of ensuring that the requirements were focused only on Mimi compliant services.

U

Okay, yeah, okay, then uh I think I have an action item to uh raise an issue and a propose. A PR, yes, um but I I hope that the general question of how we ensure that this does not become the ocean boiling question of solving the introduction problem for people who haven't signed up for Mimi is leaves the charter one way or the other. Whether you take my PR or somebody else,.

A

Got it? Thank you, Eric.

L

So I don't want to worry too much of Charter checks at this exact moment and try to scope out the problem. Space is that for a second, as Pete says it seems to me there are two problems. One problem is give an identifier and the service it is on arranging to connect a to B um and we can go in induction. If we want, we can call it.

L

You know, introduction if we want I, don't care and then separately as Pete says, there's a discovery problem which is give it an identifier that is not qualified by service determining which Services it might or not be on and um I believe, there's consensus that the first problem needs to be solved or the whole thing falls apart and I believe that there is the center or the second problem needs to be solved, um so I see Jonathan nodding, so I think I've accurately characterized.

L

This um um I personally would like to solve the second problem, but I can live with text which makes that odd working position.

L

um So um so, if I guess, what I would say is without looking like in pertaining this priority not exist. If people do people agree with that framing because if they agree with that framing I think we can extract text to all make that happen.

D

Colin College, uh so so I I think Ecker as usual's got exactly the right. Framing and I want to focus just in on the Discovery part, which is I want to make sure that it is an option for the working group to decide if they can solve that or not.

D

They may find it's an impossible, Problem Solver they may they may solve it, um but I do not want to continue to insert these words in there that it's a new protocol that we'd have to do to do this because I think the best Solutions don't involve a protocol at all, um and so I I would rather not keep embedding Rowan's solution into the charter text on this right. So because I'm not I, don't like that.

D

Sorry I just want to discuss the problem to be solved. I don't want to. It does not need any discussion of How It's solved right.

A

I see okay thanks Phil, so.

Q

A general question a point throughout the chart. uh At some points, the term identity is used and the other other points we have user identifier. They both appear to be meaning. The same thing I'd like to propose that we use user identifier throughout and Nick's identity, which is uh you're looking in in the terms that it is being used. It is certainly being used to me as a user identifier- and you know my Twitter handle is not my identity.

Q

Yeah yeah, it was you've, got a good one, uh nor is my public key their identifiers. uh The other thing is, if take I was going to wait a bit. uh If you look at the bits that we uh say are out of scope, the last one, the Oracle to do the user lookup.

Q

That appears. That statement appears to be saying we're not going to be doing what we're talking about doing here.

Q

A

Know this is well, so it's quite possible that in well. Obviously, this is just suggested as an edit to the Charter, and the previous version did not contain this and therefore it is ruled out of scope in the base text. Yeah.

Q

So I you know, I I would like to just remove that Oracle line talking about the Oracle, because you know that is something that you're gonna need.

A

But so on the identity, Point um I think people should should respond, because my understanding was that actually we do mean two different things when we say identifier and identity and the identity is the cryptographic identity and the identifier is, is you know whatever we're using on a particular service? So if people have opinions about that, please respond Matthew.

J

um On the pr list, um I think you're missing one there's number seven, which I submitted earlier um based on the earlier question. If you can refresh.

F

B

J

And this GitHub is having some kind of consistency meltdown, which is a trivial one, just suggesting that we explicitly put that data method of data permissions and Skype yeah that one the 22 minutes ago.

A

Which one number oh well, it was opened during the.

P

A

All right, um but can we can.

I

We finish I would.

A

Like to finish on number four, so are we finished on number four? Does anyone have anything else to say on number? Four: are you in the queue? Yes, you are in the Q next I.

X

Am but I was doing this intentionally trying to beat the end of the number four discussion. It is kind of a broader point about this passage, but not about the specific PR, so I mean when I read. This I still think there's a bit of tension in the way the charter is structured, which I'm sure we'll resolve this is I think this is a simple one between that that last sentence that Express user preferences about discoverability and reachability must be respected insofar as I suspect.

X

A lot of messaging systems have properties that preclude, in certain cases, discoverability and reachability as a feature that we're not expressly preferences of the user, but are part of the reason why the users use the surface.

X

So, in other words this is this is I'm talking entirely about you, know social media style messaging systems where you curate very carefully the set of people that you're supposed to be in contact with this interacts a lot with both the introduction problem and with the question of um the degree to which, like spam mitigation, is actually in scope of this or not so, I guess my the only question. I had about this and I wanted to do this because we have this BR open.

X

Does it have to be Express user preferences or is it properties of the systems.

B

The the text says, to paraphrase any preference that is expressed, must be respected. Now.

X

I, read Express user preferences to mean I had to say intentionally, I don't want to be discovered, and we have to respect that and of course we should respect that, but I I guess I am hypothesizing. There are actually a lot of properties of common systems that have an introduction problem that users don't have to press a button to say that. But the reason why they're on the service is because it has that property. So it's not like I expressed it. It's not an Express user preference. It is an innate preference.

B

But I guess what I'm saying is the the sentence. That's in the charter here is the inverse of that. It's saying if the user does express it, that must be respected it for anything, that's not expressed, it doesn't say.

X

Anything later the charter says, like everything, that's concerned with Spam and abuse, we're kicking down the can we may do it, but a lot of it is out of scope. It's metadata analysis now in fact think the main way those systems mitigate spam is through things, users don't express his preferences. So that's why I was asking if that we could maybe tweak that, but this I don't want to take the entire working group's time on this. If this is a complicated one, no.

A

I I think this is a good point. We have to figure out how to capture that, um because I don't think it's sort of like it's both expressed and implied yeah, uh but that's not a great anyway I.

X

Just wanted to stick this in because this was up and I I know. We've got other things to discuss, but okay, okay, Express.

O

And implied sounds great to me: Alyssa.

A

Okay, maybe we can try that okay, thank.

R

A

K

uh Hi Peter Castleman um on the identity, uh point I, think there's a difference between an identifier of an individual in the system. Some kind of handle a number but there's also other identity, attributes that we're gonna have to deal with things like display names or display.

W

K

Organizations um there's other aspects of identity that we will want to convey so I think it's it's useful to maybe distinguish but I, don't think you can sort of copy and replace or just just talk about the identifier, uh there's gonna be other identity considerations as well.

A

Thank you, Rowan.

E

um I was just going to say, um I think we have some specific texts that it seems like people are, are happy with and different for different problems with this PR, which I'm happy to to write and I would have already uploaded to GitHub uh as a change to this PR, but I can't get to GitHub right now.

A

Okay, well, Ted also has an action to work on this, so.

L

um So, as it happens, I can't get to GitHub and I just filed peer number 10, which I think tries to enact what I mentioned earlier and I hope. People will be happy with I'm, not suggesting necessarily people accept that now. But you take a look.

L

It also has an implied to the separate.

A

B

Y

I just have a bit of a clarifying question here, so I'm kind of following and getting up to speed. There was a question from Eric to say: is Discovery in or out and I'm listening to the discussion about identifiers and identity and I kind of think they're. The same question: if we say identity is me, but I have identifiers in different systems.

Y

Does that open the question of how does Eric speak to me and discover which identifier to use which will get to me out of the many identifiers I? Have that identify my identity too many idents in that sentence? I apologize and should it therefore be pushed out of scope of discoveries out of scope or absolutely addressed within the charter if we are doing discovery, that's my open question.

A

So there's obvious dependencies depending on, like which cell in The Matrix we end up in here, um so the charter needs to ultimately be internally consistent. That's for sure, um if that's kind of your point.

B

I I think the the answer to what's in the charter is it should what I'm hearing is? It should allow this group to take on the discoverability question, but not require it. The that the group will decide once up and running whether they're taking on discoverability and examine that problem, see if they can address it.

B

A

Z

On hello, I'm, David um I had a quick thing on the deferring, and this might not be the correct time for it this and if it's not the correct time for it, please tell me, but deferring the whole spam and abuse problem till later. Yeah.

A

Why don't we? Why don't we just try to close up on Discovery versus introduction and then come to it I'm sure people want to talk about that. So are others in the queue to continue discussing, Discovery and introduction. Yes, you are Eric you're next.

L

I I think just briefly um the am but we're gonna. We will in fact need to like clarify, because internology is great about, like King material versus versus um versus, like names um versus like real names. um Jonathan rosenberg's draft was a quite a nice job actually of trying to technical taxonomy of the various things so I think like that's something we can do offline. We can make a pass through and like use either terminology from there somewhere else.

L

That tries to try to cut those apart right and I certainly agree with php's point, but like the public, keys and and and names identifiers are all different things, but I think I think that's something we can actually do offline because I, don't there's actually disagreement about it. I think it's like the writing needs some.

F

Q

Felt this might be a point where looking back to the EU thing might actually help us in that. What is the EU asking us to do? They're not asking us to provide a mechanism that allows me to sit at my keyboard and find Pete Resnick.

Q

What they're asking us to do is to have a mechanism that, if I'm already in contact with Pete, they want me to have a mechanism that allows Pete to send an identifier to me that I can input into a chat client that allows me to talk to Pete, even though we're using different service providers.

Q

Now that is a discovery problem, but it is a much more narrowly constrained, Discovery problem than the broad one that we've been expanding it out to and in ITF terms. That is something that, for me comes back to Uris, because the whole idea of Uris is a uniform identifier space that you can map any form of identifier onto so. You can cut and paste them between people.

Q

So that's the sort of thing that I would suggest. We we look at.

B

So I would say that because half of that sounded like a requirements, discussion and half of it sounded like a potential Charter item, discussion and I I. Guess I'd: ask you to hammer out or or bang on the uh Charter text to see if it would allow for the group to come to that conclusion. Does.

Q

That make sense: yeah, okay, okay, yeah I, I, I I thought that you're going to come back and say well, I, don't want to talk to you! No yeah.

B

Would have been a good answer, Mallory.

AA

Mallory noodles Center for democracy and Technology might comment is similar to php's, in that this is not the interoperable identity buff.

AA

This is, um should really really narrowly be scoped, both Charter and requirements, to make sure that identity is in service of the messaging and now I understand, because I was a real proponent of keeping discoverability in this um on the list previously and now I understand why people didn't want it, because I think it gets us to this point where we are building um interoperability or interoperable identity, which would be a total disaster and I. Don't think we want that.

AA

So, um if there's a way we can both in the charter and requirements every time Identity or identifiers are mentioned, making sure that it's within the service of the messaging piece.

A

Sounds good I'm gonna close the queue for this topic in a minute. So if you have anything else to say on this topic, please join the queue.

J

Matthew um I just want to go back to the metadata residency thing on pr7, if just to make sure it doesn't get dropped off the charts or at least give us a few minutes for people to say whether it's the appropriate thing to add. In.

A

Yes, we will come, we.

J

Will come okay, yeah, yeah.

D

A

Just like trying to close off this one yeah.

G

P

Had a lot of strum just to the words application and service are used in this Charter in a way that sometimes seems to make them mean the same thing and sometimes make them seem different. Both terms are undefined I think we should use only one term for one thing and Define them carefully.

P

Probably, since this seems to be focusing on a gatewaying problem, we should use service throughout.

A

Thanks good good point: Rowan are you in the queue still.

B

Rowan, did you like.

A

Are you in the queue are you done.

E

uh I just wanted to say regarding the um PR number 10 I am very happy with this text and I want happy to happily. If people are happy with this I'm happy to remove PR number four and close up. Do we want to take a hum or something on this or.

A

So I think Ted was had uh maybe needs to look at it based on his earlier comment, um unless you've done that already and you feel comfortable but yeah.

U

uh I, don't think we do it I put in a PR uh that claimed it didn't, have a merge conflict. Oh maybe it's because I didn't face on yours, yeah, okay, so we need to rebase, but I think that they're uh there's there there shouldn't be a major problem in resolving that conceptually.

M

U

So there there may be a rebase problem there, but as I was doing it while trying to listen to the conversation and yeah.

A

Yeah, it's a little hard to multitask, so I think I think we're in a good place. With with this uh item, we can kind of resolve the final differences uh immediately after the buff and um take it that way. I, don't think we need to decide on specific words at the moment, give people a little time to look at the PRS, so I'm going to unlock the queue and I think we should come to PR number seven here and then we'll come back around to spam and anything else. People want to talk about.

N

We can remove him there, we go yeah. Let's.

L

Show you, the C7, there's seven.

B

Well, as soon as the screen refreshes.

L

So I I commented this I think this is over specification in the charter. Like I, understand the motivation but like this is like this. This is like one in many requirements, so I might think what might be desirable, um but it's not like actually that core to what's actually happening here and I think that it should not be the Turner I mean like if.

F

L

Gonna, like add, every property that, like would be good to the Charter, we're gonna be here for everyone.

A

V

um Yeah I think I agree with that in the sense that metadata has not been introduced as a term so far, and this is oddly specific, uh while also introducing uh metadata so yeah I agree with, like I said. If you want to talk about metadata, we would have to do something more comprehensive, but there is no PR for that.

A

O

Jonathan Rosenberg I think the express and implied preferences language that we already have in the charter gives the working group the room to sort out the details on these things and is sufficient, so I agree I I, don't think this is needed in the charter. I think it's a fabulous discussion for the working group.

A

Anyone else wanna Express an opinion.

K

A

Okay, so it sounds like if we add implied people are comfortable. Oh, we have Brendan, okay,.

AB

uh Brendan Warren I think that the data residency is an incredibly important problem and the metadata residency I'd prefer to have it in there.

A

AA

Mallory noodle CDT um I wanted to put on Mike something that Nick Doty said in the chat, which is really smart to just remove the word, express and just say, user preferences rather than adding implied. But this is not exactly about this I tend to agree with others that we don't need to introduce the metadata if it's not mentioned anywhere else in the charter, but because Ecker and others brought up just that word again. I.

A

AA

Offer that alternative.

A

So can I, can you stay for a minute um so.

A

You don't think that user preferences implies uh expression.

AA

um No actually I think that user preferences, so so, if we so back to the conversation before I didn't come on, Mike then because I felt others were um handling rather well, but my reaction to it was you actually um need to ask now so that the implied piece I think means that we're not okay with it being implied anymore. We actually do need to um confront and make visible these implied preferences somehow now, and so what are the? What are the implied?

AA

What are user preferences that are now implied that must be expressed and shift this so that interoperability works and user I? Don't think it's okay to work based on implied user preferences, because um we don't know what they are and there's no way for users to feed back then. So that's a problem that has to be solved in the context of this working group. It doesn't have to be in the charter. So if you remove Express, you just talk about user preferences, it's something we have to address in the working group.

AA

We can figure out how to make implied user preferences more expressed user preferences and then deal with the express user preferences and respecting those. If that makes sense,.

A

AC

Yeah, getting back to the data residency working I think that maybe data metallurgism is a bit too specific, but I've been in favor of keeping a reference to something a little more generic like data processing, meaning that when you introduce the the join the Federation, then you you I mean you must keep the principle that it's the user. That decides where the data can or cannot go, which is the basic principle of the European privacy laws anyway.

AC

So the point is that that there should be a way for user to say: I want my data to go there or not to really go there or just all throughout them.

A

Thank you, John.

X

Yeah I think we might need to take this user preferences thing to the list, because I think this is a lot thornier because again, I I. Think, especially because this is a paragraph about the introduction problem, the introduction problem.

X

You know it has been conditioned for us all by the way that social media networks operate and the way that people curate lists of friends and things that are similar to that that are properties of the system that are fundamental underlying design choices that you, users, don't have a say in right and like the fact that people like these properties of these systems and can choose ones that have an open front door or like anybody can message you the way.

X

Anyone if you have a telephone number can like hit you with a telephone number, there's nothing you can do about it. Social media has has fundamentally altered this Dynamic and to put this as a way that well, you know we need to like confront users to get them to like Express, that that is what they actually want.

X

I think is unrealistic and it is really orthogonal to the problem. We're trying to solve so can we maybe punt this one, because this needs more discussion so.

B

John before you disappear is your suggestion that we get rid of the sentence in the charter and have the working group so Charter discuss how to do it or you want the list to discuss more. What to put in the charter about.

X

This I I fear it is getting the list to discuss more about to put in Charter about this, because I think there is an unfortunate interaction between solving the introduction problem, putting spam out of scope and having the statement about. Nonetheless, we want, to you know, respect user preferences right and I believe those user preferences are cassette in every way. That makes the introduction problem a problem at all like there is no introduction problem for telephone numbers. You got a telephone number. Anybody can call it right.

X

It's the systems where you can't you don't have a front door like that that are designed to prevent that.

X

That necessitate an introduction problem, and it is, it is the one of the reasons those are successful is because of the implications of that for spam and abuse and suggesting that, like this needs to be Express, user preferences is where this came from, and that's why I was like okay, express it or implied, because it is implied by voting with your feet when you go to a social network messaging system that you do not want to have an open front door.

A

So yeah I'm, gonna, I'm gonna, contradict myself from 20 minutes ago. um Maybe uh do you not envision, given the fact that all of the closed systems offer controls that that's where this came from in the first place right, if you're, all of a sudden, going to open up a closed system to people from other non-closed systems? Who can reach you um that, if you, if you are already in a position where you're controlling who can reach you, that better extend to this much larger interoperable system right?

A

So do you not Envision that the the services that already offer such controls will not augment those controls with hey now, people from signal can reach. You are you okay with that, like that, and that's why I think I mean Mallory's point is perhaps that whatever's implicit today will have to become explicit, because the users who signed up for these services that that's, why they're there in the first place is because they have those controls. So why would these like?

A

We can't make these services offer those controls, but like don't you anticipate that they will come to exist anyway? It.

X

Is the former point that we can't force these systems to to make users make this choice right and to put it explicitly to them as a choice like if I, if I thought Facebook was, it was going to give me a button? I could push that said. I'm an open front door like anybody can say I, don't require anything for anybody to see anything right, I mean.

X

Maybe public posting is like that or you know, maybe there are systems for like DMS and Twitter or where you can like set that and receive DMS from from anyone. Those are examples of ways that that could be made explicit. My point is: if the default of these things and the way that the the the reason they have been successful is communication systems is because they do not their default out of the box. Behavior is to prevent users from having these.

X

You know like uh uh uh that that open front door I don't want to suggest. We now need to force any system that is going to be compliant with Mimi. To make people make that explicit. Express user preference like identify before they can participate in the system.

X

Does this again, we need to take this list obviously, but, like I expressed an implied user preferences work for me, removing this and just having user preferences does not does not work for me, I think the same way.

A

Okay, thanks: um okay, go ahead: Mark yeah.

T

Just a quick question from a complete messaging newbie, uh just the language must be respected. There just strikes me as a bit odd. You know. Are we really saying that we're going to put a must in the specification that you must behave in this way when it's effectively untestable I mean that seems like it's something that would be uh uh uh regulated by by legal forces, but I'm not sure it's really about technical interoperably. Do we really mean must be respected, or is it must be able to be expressed?

T

A

I think there's ways to design some of the protocol, mechanics that are envisioned here. That.

A

That you could only do so without violating people's preferences or that like would demand violation of people's preferences. So it's sort of trying to put a gate on that, but I agree with you like. Yes, there's a lot of this. That cannot be enforced in whatever it is that we're going to specify I.

T

Think that probably depends on the nature of the specific preferences in some cases and that's why especially the the data residency one really to me brings that out is like how are you going to enforce that in the protocol? You know um yeah, okay, thanks.

Q

Okay, this might be unpopular, but basically we've got the completely wrong language here. This is not the introduction problem. This is the access control problem that front door. That John was talking about. Yes, he's got that completely right, yeah. Every message that I receive over an instant message channel is access controlled, because you can't talk to me on Signal, unless I've already decided to accept Communications from me.

Q

The only thing that you can send without uh prior authorization is a request for authorization.

Q

So really what we've got here is an authorization problem and you have to have a mechanism that allows somebody to set up an authorization in the first place and you have to have an access control system so that people can say I do not want J random fascist. Sending information into my messaging box is an access, control problem and so I, you know, I, don't think we can really word Smith.

Q

This I think we've got to go back and cast it in those terms, because once you do that the whole bit about Express user preferences, no, no they're, not preferences, they're, Access, Control policy and the user has to be in control of that. And that goes to the heart of what um AOL and signal and so on are saying when they want uh anti-spam built in. They want to protect those existing access controls.

Q

B

Thanks um so what I'm hearing right now and just in case people, don't need to get to the mic? What I'm hearing right now is this PR doesn't address the problem, that's being expressed here, and this really does need to go back to the list, and this paragraph needs to be reviewed and and figure out what text we want to express what people are talking about here.

B

um If you want to express your agreement or disagreement with that, that would be helpful.

A

Yeah I'm going to close the cue on this so get in the queue. If you have anything else to say, Jonathan.

O

Yeah Jonathan, Rosenberg, um I I think almost all of this is stuff that should happen in the working group and not in the charter. I I'm, not a fan of protocol engineering via indirection in the charter. Everyone who has all these strong opinions on identity and preferences and implied versus explicit. Can we just do this in the working group because, instead of like asking for delaying of another, you know three months to make a working group.

O

Just let's get a working group and have this debate and I say that, because I think a lot of this discussion is losing sight of what the objective of this is. We are not here to design the messaging system in world of messaging. We wish we had. That is not the charter of this group. There are existing providers and they sell the products and they have the policies and they make the decisions they've already made, and it's not our job to tell them to do something else.

O

Our job is to provide a way for them to interoperate, and we need to solve the just the protocol mechanisms necessary to facilitate that interoperability. That's what we're here to do so I would love to sort of conclude on the charter text and I'm pretty much happy with whatever, because we're going to have it all over again in the working group and we do no benefit to ourselves by delaying it and the dma has a deadline in case people didn't know this.

O

So if we want anything to actually be used, another round of Charter negotiation helps nobody.

A

So I guess just looking at the time, because we do need to get to the buff questions. um If anybody disagrees with what Jonathan just said in terms of like needing to continue hashing this out um outside of the charter context, then please come to the mic to.

U

uh Ted Hardy scope, Enthusiast, also buff, question enthusiasts: I'll try and be very fast, I I think that um the way Jonathan just described this is actually a bigger task than we actually have because he talked about it as service interoperability across uh all of the conforming services, but I think some of what's going on here, that's problematic for us to understand is actually goes back to the formulation that Brian had at the very beginning.

U

You can think about this as every time you have one of these chats or channels or conversations you're, building an overlay that overlay has multiple Services as underlying providers for that chat or conversation or Channel, and that overlay may have its own defaults, which are not inherited from any one of those and I.

U

Think part of the thing that the working group has to Define is how, when you're building one of these overlaid conversations or channels Etc you get that um inheritance, and there are a variety of ways of doing it, that the working group has to design and the charter isn't um required to design. But I think it's really important that we keep in our brains that we are not trying to solve the problem of service interoperability.

U

Broadly, it's per overlay. We have to solve it and that's a much more constrained problem and that's good because trying to solve it and the full interoperability of all the different aspects of these different Services is not going to meet the dma deadlines and it's not going to be a solvable problem with the enthusiasm. But if we conceptualize this that way, I think we can understand these buff questions in a much more useful.

U

Hey can I get this done and I'm much happier saying yes to those buff questions than what I think Jonathan didn't actually mean to say.

A

Okay, I mean and I think there think the rod appreciation for that um that we're trying to be more narrow in scope, and maybe we need to refine it a little bit to get there.

D

My only ask I was going to say is just given the timing of everything I wish that we could resolve right now, some texts that we could put into the charter that sort of hit this, because everyone seems to be saying roughly the same thing. This should be left to the working group.

A

Thank you yeah, so I yeah I think we'll we'll continue iterating on this um a little bit on the sideline of the meeting, but I think we need to get on to the boff questions. I'm.

J

Quite happy for this to drop Matthew from Matrix. um It's not going to be blocking the working group. I was just trying to get it on the table. So if we don't want to put it on the table very happy to close the pr and I've said so on it.

A

Great thank you. I think that would be helpful thanks.

A

Okay, I I know we didn't get to every single Charter aspect that people wanted to discuss, um but obviously we're going to keep iterating on some of these points on the list and if there's one that you really wanted to raise and we didn't get to discuss it, please file an issue or a PR or raise it on the list and um obviously we're going to be continuing to refine the charter after this meeting.

A

So um we have time to do that, but we are going to move on to the boff questions we're going to be asking to help. So the point of these questions, for those who are new to this process is to help inform our responsible area director, who is helpfully standing now at the front of the room, Marie and the rest of the iesg, as they um think about whether this working group should be chartered and put the charter out for Community review.

A

So the first question is: does anyone think the problem statement that we discussed earlier in that Rowan presented is unclear or poorly scoped? If you think it's unclear or poorly scoped, please come to the microphone David.

Z

Yes, I'm David uh I think there's one issue around scoping and this is slightly related to the Charter. Apologies for that, but I think it is somewhat problematic that the problem statement explicitly places a lot of this permanent abuse questions. Semi out of scope, um I'm I'm, worried about the impact that's gonna have on the Solutions.

Z

We eventually are going to end up with and and the kind of environment that that is going to create because we might accidentally dig a very big hole in terms of either a toxic environment or a outright from a security standpoint, dangerous environment.

A

Thank you, please get in the queue. If you have opinions about that, Jim.

M

uh The uh the the chart, the draft Charter that's uh seems to talk about the motivation being strictly about user experience, whereas Bruins draft talks about the dma, and so, if we're needing to satisfy and I've heard a lot of talk about mentions of the dma here.

M

If we're needing to satisfy a particular regulatory requirement or that's a goal of this of this working group, I think it should be mentioned in the charter, because, uh right now it just seems to be about the uh about user experience, and our experience has been that user experience is not sufficient to get something deployed.

A

Thanks yeah, we left it out of the charter because it's an unconventional thing to do in ITF Charters, that is in the it's like in the buff request, description um but I, think, and there are some backup slides in this deck that you can peruse at your own Leisure. That explains some of the dma requirements, um but I think in general. We try not to be have that as the basis. It is.

A

It's obviously a motivator, um but if you, if you look at that- and you think that it has an impact on the problem statement- scope that would be useful, um I think it's actually stated at a very high level what the requirements are on. The Gatekeepers under the dma, so I think everything we've talked about today is potentially within. Within that scope, Victoria.

AC

A

AC

Actually wanted to say the two things that have been said, but yeah just briefly. The the I also think that it's important that, yes, we Define the minimal requirements, but they meet at least the.

W

AC

That are posed by regulatory requirements around the world, otherwise the work the work is useless. I'm fine, with not stating this in the chat, if we don't feel like I mean at the ITF, but it must be a clear agreement between the people in the room and the other one is about spam.

AC

I think that there's a real risk that we I mean if we don't address the problem at least start discussing how it could impact we end up with something which will fail, because people will try to deploy it and then it will be immediately used to spam, everyone else and and the main players in the field. We say we don't interoperate, because this is just opening up too much spam and abuse and abuse, not.

W

AC

Also, harassment and all these kinds of abuses, so I I think we should, if possible, at least uh put it as a second I mean this later goal, maybe, but not through it out completely.

A

Thank you, Eric.

L

So I don't think we should say anything about dma in the charter. um I understand it's motivating for why this work was more successful but I, don't think we I think trying to be like we're, not like the consultancy for like the for the EU, so um our jobs recently that's good and that does does will serve those requirements, but I've read I've, read the requirements and they're really quite vague, so um so I. Don't really think.

L

There's much fear that, like that, like uh that that will fail to hit those um if we do a proper job, otherwise I'm also sensitive to this point. John Peterson is another people raised about spam and abuse, um I, I'm really torn um I, don't think as much I think. Maybe maybe like there's a question between um you know. We are not going to solve spament abuse um ever, but um even here, especially because those are like very platform, specific ways of handling it.

L

What we need to do um you know and if you think, of the email situation, you know we didn't try to solve family abuse and email either we tried to get the plot. The applications of platform is the ability to handle themselves, and so I think you know if we were able to like come up with a a consistent. um You know set of functionality which would enable platforms to handle sound abuse. We should do that.

L

um I I not feel comfortable. I understand the situation well enough to be able to do that at the moment. um I wonder if there's a way to sort of finesse this a little bit the charter interest like I, mean having room for like in the same ways we made room for a discovery thing make room for make room for protocol support for that. If we then need it um like I, say: I I feel like that's like not entirely adequate, but it's the best. I know how to do so. There we are.

B

And just to point out not that it is a crystal clear distinction, but this question is about the general problem statement. The specifics of the charter is another question, but I agree there they're.

L

Tied together, my answer to this question is no I think it is fine. Okay, thank you.

A

I'm going to close the queue on this question: go ahead: Matthew I'm.

W

Matthew Wilde, um so I I completely sympathize with the um the point about not wanting to make the whole uh working group about the dma I. Think that's very sensible, um but I also worry that if we don't uh recognize that as a goal at all and I think it is implied as a goal, because we keep talking about it, um we run the risk of possibly defining solutions that are not acceptable to The Gatekeepers, for example, and go uh too far in one direction.

W

For example, the spam and abuse is, is obviously a big concern to any big player, and it is one of the reasons that they don't just interoperate with anyone.

W

And if we neglect to address that kind kind of thing, then I worry that we'll end up doing all this interoperability work and no one will end up actually adopting it and yeah we've had you know, we've been through this in the past, and a lot of the reason that um you know say, for example, xmpp um is no longer implemented, is not necessarily because of the technical reasons, but a lot of the you know.

W

um Business and operations that go along with operating a massive service, and- and so we need to be, you know we need to recognize those things.

A

E

Rowan, uh so from my perspective, spam is specifically mentioned in the problem statement and in the charter. It's listed as that that there's some text about you know basically, let's get the ball rolling and then what we can go and do this we can go and do this a little bit later. So that's my understanding is that the problem statement does include doing spam metadata uh and that there is a mention of it specifically in the charter.

E

A

O

Yeah Jonathan Rosenberg, so I think the probability that spam is not considered in the discussion is exactly zero, um it's sort of like. Should we worry about security? How about like backwards? Compatibility extensibility like, of course we're all going to do those things too. Do they need to be in the charter, every single one of them I, don't think so.

O

um I think everyone who's working on this understands the risks and the challenges without a doubt to me. I think it's fine as it is we're going to work on those things. I think the main point is this: group's Charter is not to specifically design protocols whose primary functions are spam abuse. Where- and this is why I think what ecker's saying is right- we're building a messaging interop system which has many design considerations, all of which do not need to be enumerated in the charter, which is obviously inclusive of Trying to minimize spam.

A

X

Yeah and I I do think the problem statement is I. Think it's pretty clear to most folks here and I think the way it's been articulated is fine. I mean on on the spam thing again. I raise this just to make sure that the way that the charter text is going to capture that aspect of the problem statement actually encompassed the way that some of these messaging systems behave right and I think we all here know how those missing systems behave. We've events that we can work this out in the working group.

X

A

You so we have four minutes left and we have four questions left.

A

um So we're going to move on unless you have objections to that. Okay. Does anyone think the ietf is not an appropriate venue for solving the problems we've talked about today?

A

Oh sorry, yeah I'm just going to leave the cue locked, so nobody can object.

A

Going once going twice good: okay, does anyone object to forming a working group with the proposed Charter module of changes discussed today? Obviously we have. We have more refinements that we need to discuss on introduction and Discovery Express user preferences, potentially spam um data residency and metadata, but we've had robust discussion. I have confidence that we will. uh You know, reach some some agreements on those bits of text so modulo. All of that happening.

A

Does anybody object to forming a working group with approximately the charter scope that we've been discussing.

A

Are you in the queue okay? Thank.

L

You go ahead. Fine, fine, um uh uh no idea object, but I I think I I. You know I think it's cool to ask some of these questions. The negative I think here will be guys to have some affirmative show of support.

A

You want to take us to come or.

L

Something yeah I mean I support this, but I just think like to be helpful to the 80s is uniform to show support that this is good work, not just no complaint Brian.

A

A

um Well, we can take a hum so um I'll do it off the cuff here. So so there's going to be two questions. Oh do we need to use the poll because it's remote.

B

Yeah- and this is why I like asking the negative questions, but what.

D

About, let's just take a show of support in the room you can take a hum. Yes,.

B

So so we'll get support in the room and, if you're in the chat uh part of our remote participants, please plus one. This um do folks in the positive version of this question modulo, the change is discussed today. Think that forming or working with approximately proposed Charter is a good thing and.

B

Several plus ones, so we had heard no objection when we asked the question and we got lots of plus ones and hums in the room when we asked the positive question, that seems like a uh a good show of support. Okay, yes,.

B

Okay, we're taking names.

B

Okay and I'm I'm, literally uh going to ask for people remote to please put their names in uh just so I want you, if you're remote or if you're, in the room and you're on the chat.

B

um If you are willing to review documents, please type the word review if you are willing to serve as an author or an editor, please type. The word author editor. If you are willing to chair, please type that word but I will ask in the room for uh uh arms to be thrown in the air as necessary.

B

um Do we have folks willing to review documents? Okay, so a good three quarters of the room raised their hand, I I'm, that I wasn't too worried about. um Are there folks who are willing to uh author documents or edit documents?

B

Okay, so I I, don't know that I know all the faces here. um I know: uh okay, do we wanna? uh Can the uh yeah is that a sufficient yeah hold those hands up? Please we are going to. We are going to blow up the portions of the photo and uh yes, unless you're wearing red line. Okay, thank you!

B

Oh yeah, red lanyard people um yeah! So here's the third one are there folks who are willing to share or co-chair this, and so we've got experienced people we've got inexperienced people um and we certainly would be happy to take both. So if you are even if you feel like I, don't know about sharing, if you think with an experienced person, you'd be willing to do that as a co-chair.

B

um Please shove your hand in the air and we're gonna. Do it in the room? Well, you can talk to Murray, but do we have at least a few people who are willing to do at least one we've got some some hands that are sort of wanting to not be in the air too long. But okay is that a and.

O

I heard Richard Barnes just volunteered.

N

If you're curious about it, I don't know what it entails yet come talk to me. Maybe I can talk you into it.

B

All right um so did Ecker and Richard want to say something about this buff question.

H

M

H

M

The Rosenberg is not volunteering, oh man.

D

That was a deep fake on the mic. There.

B

All right and then the next thing is um and again for folks who are in the chat room you can indicate um are who is planning on implementing the output of this? Currently sorry?

B

Well, right, um okay, so there's half a dozen people. Murray are you noting who those people are yeah? Okay,.

B

B

And that was, and the rest is our backup slides. um So we are at time, uh I I, think this Murray. uh uh Do you have any final comments, a successful buff all right. Thank you. All I think we're on a good path.

A

We're gonna have like an hour.

B

No I think that's fine, go down.

J

Government s complications.

J

H

D

Thank you, yeah yeah,.

H

F

Did feel I did feel a little yes, I mean well. I didn't feel a little bad. That I asked the semi-scope question that seemed to kind of go into a moment.

H

F

But yeah no, no.

D

I'm I'm actually going to spend some time in this world.

H

I

H

And I mean at the moment: yes.

U

Q

I I I I I I thought that asking for hands for chairs was interesting. I I really.