►
From YouTube: LISP WG Interim Meeting, 2020-05-14
Description
LISP WG Interim Meeting, 2020-05-14
A
A
A
B
C
C
C
C
Before
one
of
the
main
problems
we
have
detect
is
the
madcap
map
cuts
update
these
buffers.
Several
mechanisms
to
update
the
cache.
It's
like
expiration
time,
SMR
or
public
subscribe
I
believe
that
TTL
is
not
a
good
option,
as
in
order
to
work
properly
the
TTL.
We
need
to
be
ordered
of
the
order
of
few
seconds,
which
will
implicate
a
high
rate
of
control
message.
Then
most
of
times
will
be
to
be
notified,
no
changes.
C
C
We
are
talking
on
the
update
of
mapping
in
the
earth
year,
the
diversified,
but
the
map
cache
entry
is
updated
while
processing
the
encapsulated
map
register
stand
by
VTR.
But
what
happens
if
we
want
to
stop
using
a
specific
Archaea?
We
need
to
mechanist
weren't
registered
this
RTR.
The
same
mechanism.
I
believe
the
option
would
be
to
send
allah
a
last
encapsulation
map
register
to
the
RTR
with
the
new
map.
Also
from
the
point
of
view
of
the
XX
theorem
once
detecting,
we
are
not
behind
not
the
default
cat.
C
C
Options
would
be
to
resent
a
message
to
the
appropriate
et
earth
which
implicated
that
the
earth
young
should
maintain
the
status
of
the
remote
8
years
for
its
IME,
which
I
believe
is
not
visible.
Another
option
would
be
to
date
the
mapping
with
the
usual
procedure,
but
what
happens
with
the
status
learner
by
the
RTR
I?
C
C
Follows
the
usual
procedure,
the
mapping
of
replacing
the
old
mapping
with
the
state
to
punch
the
nut
with
the
unuseful
mapping,
the
brace
connectivity?
So
if
this
is
option
is
selected
previously
to
update
the
mapping,
the
RTR
should
do
some
checks
in
order
to
know
if
the
mapping
should
be
replace
it
or
not
like
checking.
If
it's
our
address
is
still
appears
in
the
mapping.
C
C
Now
the
DEA
DEA
Hunter
birth
to
an
ipv6
address,
but,
as
we
don't
know
any
IP
week,
6
address
of
the
RTR,
we
cannot
update
its
mapping
with
the
consequent
loss
of
all
connections
previously
established
until
until
their
catch
expires.
A
possible
solution
to
fix
this
scenario
would
be
that
the
announced
that
the
announced
at
RTR
by
the,
if
reply,
also
contain
ipv6
addresses
of
the
RTR
as
the
infrared
player
can
contain
information
for
several
archers,
and
we
don't
know
which
ipv6
is
associated
with
the
RTR
we
are
using.
A
Added
can
I
ask
you
something
on
the
previous
slide
so
just
to
understand.
In
the
second
case,
you
are
asking
that
the
RTR
we
have
also
on
ipv6
connection
address,
so
that
we
can
notify
the
RTR
that
we
actually
switch
it
to
an
ipv6
connection,
but
this
doesn't
mean
that
the
traffic
goes
through.
The
RTR
is
just
that
in
this
way,
the
RTR
knows
that
we
have
ipv6
somewhere
else
and
can
send
notify
that
ax
TR
to
update
the
dev
mappings
with
an
SMR,
for
example.
Is
that
what
you
mean.
C
C
Which,
in
terrain
to
our
tier
3,
we
can
notify
our
tier
2,
but
not
our
tr1,
as
we
don't
want
a
the
catch
with
the
earth
year.
1,
the
patch
is
increase.
It
one
hop
more
from
the
earth
to
our
tier
1,
the
natural
to
the
North
er
3
breed.
Finally,
the
moon
note.
Even
this
procedure
will
only
happens
during
TTL
time.
If
we
sum
we
somehow
have
a
history
of
music
art
years,
we
can
notify
all
them
in
order
to
not
increase
the
path
length
of
the
connection.
C
C
C
This
is
an
area
we
can
combine
to
solution.
Firstly,
if
the
mobile
node
doesn't
receive
data
map
notifies
from
RTR,
these
will
meet.
There
is
not
connectivity
and
it
should
remove
it
from
the
registration
from
the
resist
with
mapping.
This
could
be
combined
it
with
the
RTR
should
check
the
status
of
an
eID
in
the
catch
before
replying
improve
to
see
him
if
the
status
is
not
active,
then
the
RTR
to
should
not
reply
to
the
proof
message.
E
C
D
C
This
is
the
two
options
that
a
means
I
told
the
meaning.
The
first
option
is
that
we
are
TR
do
so
proxy
for
once
the
SMR
to
the
to
the
remote
ideas
of
the
of
the
ad
in
the
second
option.
What
we
do
is
that
the
the
mapping
of
TR
TR,
so
now
the
RTR
is
not
doing
NAT
traversal
functionalities,
but
acts
as
an
RT
R.
So
the
traffic
is
are
encapsulated.
So
in
this
is
scenario
the
RTR
1/2
half
the
destination
airlock
to
reach
ad
a
to
go
to
our
tier
2.
C
D
D
C
D
Not
the
mobile
node,
that's
why
f
Samar's
are
not
a
good
solution,
see
what
happens
is
the
mobile
node
is
the
only
one
that
can
control
it's
translated,
our
lok
as
well
as
the
RTR
that
uses.
So
it
needs
to
register
that
information
in
the
mapping
system
and
the
mapping
system
is
the
only
one
who
can
notify
all
the
ITRs
that
use
that
mapping
and
so
pub/sub
is
the
best.
Pub/Sub
is
the
best
solution
for
this.
I'm.
D
B
D
Other
ones
can't
work
because
unless
you
and
the
other
ones
can
work,
if
you
set
the
TTL
s
down
real
low,
it's
the
typical
what
we
hear
has
nothing
to
do
with
NAT
traversal.
In
the
sense
it
has
to
do
with
notifying
encapsulator
x'
when
mappings
changed
it
doesn't
matter
what
the
contents
of
the
mapping
is.
If
they're
translated
our
logo,
our
logs
or
our
Tiaras,
that
are
in
the
mapping,
these
are
mapping
changes
that
have
to
be
notified
to
encapsulator
x',
that's
the
general
problem
and
we
have
some
Albert.
F
Albert
so
I
read
that
so
we
didn't
consider
poop
soup,
because
it's
not
it
was
not
deployed
on
the
infrastructure
where
we
tested
it,
and
this
is
based
on
the
experience
of
testing.
Our
least
mobile
node
with
not
of
the
world
seems
the
least,
but
that
isn't
support
above
snap,
the
only
choices
we
had
on
that
time.
I
agree
that
the
debate
on
whether
to
use
pops
up
and
I
would
like
to
have
also
this
debate
on
the
list
wire
guard
presentation,
because
we
support
mobility
without
pops
up
or
SMR.
E
Okay
from
where
I
sit
it
sounded
like
some
of
the
concern
here
was:
there
was
a
need
to
improve
the
net
procedures,
but
there
was
concern
about
the
status
of
the
SMR
work.
It
seems
to
me
not
the
SMR,
the
pub/sub
work.
It
seems
to
me
that
if
we
need
to
publish
a
revision
to
the
network-
and
it
sounds
like
we
do-
there
are
some
corner
cases
and
don't
work
in
the
current
description.
It
is
perfectly
reasonable
if
we
think
it
is
the
best
answer
for
that.
E
Revision
to
point
at
pub/sub
is
the
way
to
solve
some
of
these
problems
up
to
you
guys
whether
that
is
indeed
the
right
answer,
but
I
don't
want
anybody,
thinking
that
the
status
of
the
work
is
a
reason
why
we
can't
point
at
that.
We
got
enough
coupled
stuff,
we're
gonna
clear
anyway,
coupling
an
improvement
to
the
net
to
a
mechanism
to
improve
than
that
is
perfectly
reasonable.
F
A
Such
a
way,
the
solution
is
simpler
and
because,
if
any
way
we
move
to
observe-
and
that
will
be
up
not
reversal-
we
observe-
then
we
have
something
that
we
will
never
use
with
SMR
or
other
stuff.
So
I
think
the
work
will
be
much
more
streamlined.
If
we
go
for
observe
now,
I
understood
all
that
why
we
are
here
and
while
you
you
explore
different
solution
because
implementation
experience,
but
maybe
we
should
go.
F
G
Quick
remark
so,
even
though
I
agree
that
pops
up
is
the
way
to
go,
we
need
to
put
on
the
table
and
I
think
that
this
can
work
better
with
SML.
If
we
allow
the
RTS
then
SML
to
the
remote
next
year,
so
that
in
the
diagram
that
you
have
here
at
tier,
2
or
tier
3
received,
they
say
my
friend
mo
L
note
and
then
on
their
own
they
forward
tomorrow.
They
recreate
that
a
smart
towards
the
remotest
years
that
they
know
on
their
map
caches
all
right.
So
does
thus
another
option.
You.
E
H
E
But
to
clarify
it
is
perfectly
reasonable
in
the
document
to
write
a
document
that
says
the
right
answer
is
pub/sub
if
you're
not
doing
pub/sub,
because
you
believe
you
can't
do
that,
you
should
be
using
SMR
this
way
with
to
at
least
improve
your
coverage.
But
there
has
these
drawbacks.
If
we
can
say
these
kinds
of
things
and
documenting
the
problems
we
found
is
a
good
thing.
E
D
D
D
D
If
the
mobile
node
advertises
RTR
one
in
our
tier
2
in
XP,
our
chooses
one,
it
also
can
Arlo
probe
fail
one
of
the
paths
and
choose
another
one,
but
if,
but
if
it,
our
look,
probes
and
both
those
paths
are,
are
reachable.
Yes,
it
could
choose
an
RTR
that
can't
reach
the
mobile
node,
so
I
just
want
to
clarify
the
mobile
node
cannot
reach
an
RTR.
It
should
exclude
it
from
the
mapping.
Was
that
the
point
you're
trying
to
make
ok?
Thank
you.
A
C
B
Question:
it's
not
probably
a
good
idea
to
answer
to
a
question
with
a
question,
but
what
is
the
suggestion
of
the
chasers
right,
so
I?
Think
I,
understood
from
this
conversation
is
focus
on
the
make.
I
think
you
think
is
more
most
promising.
That
is
pub/sub,
but
you
know
document
also
that
a
solution
can
be
improved
if
you´d
in
case
you
don't
have
observed
by
using
SMR
a
document.
Why,
in
in
the
document?
A
A
You
should
have
a
look
to
order.
Rfc's
speak
about
not
reversal
for
all
the
protocols
and
technology.
Why
I
said
that?
Because
in
the
ETF
there
are
documents
that
say
there
are
different
types
of
not
and
when
you
have
different
types
of
that
you
can
traverse
them
in
a
different
way.
So
you
should
have
a
look
to
that
because
if
we
don't
do
it,
we
go
for
publication.
Somebody
will
do
the
remark
and
say:
how
does
it
work
these
mechanism
when
I
have
different
types
of
now?
A
B
B
I
D
D
I
have
deployments
where
I
what
device
is
behind
Nats
at
homee
in
mobile
notes
that
are
using
that
devices
at
mobile
providers
can,
when
they're
in
containers
they
go
through
Nats
when
they're
in
VMS
and
cloud
providers
they
go
through
Nats.
That
is
like
a
crucial
and
very
important
part
for
list
to
solve,
or
that
just
won't
have
any
deployability
in
those
environments.
D
We,
our
90
percent
of
the
cases,
the
other
cases,
it's
deployed,
our
enterprises
where
everything's
inside
a
firewall
and
although
our
loads
are
global,
and
but
if
you
want
it
to
be
implemented
out
in
the
wild
for
a
lot
of
these
things,
I
mean
just
look
at
Sharon's
next
next
agon
case,
that's
going
to
be
through
NAT
traversal
as
well,
and
so
nobody
has
really
I
mean
we
really
have
to
take
a
look
at
this
design.
It's
way
too
complicated.
We
have
to
ask
why
nobody
has
implemented
why
there
aren't
multiple
implementations.
A
A
D
Understand,
Fabio,
Albert
and
I
were
going
to
put
a
document
together
and
we
just
haven't
gotten
to
it
yet.
So
this
is
something
that's
been
kind
of
happening
for
a
couple
years
and
the
reason
we
didn't
put
effort
into
it
is
because
we
knew
the
working
group
wouldn't
accept
it
because
it
wasn't
critical
work
yet.
So
we
need
to
know
if
we
could
start
working
on
this.
So
we're
just
we're
sorting
out
our
priorities
as
well.
I.
A
J
I
do
a
quick
recap
of
the
of
the
draft
just
because
it's
new
and
then
I'm
going
to
touch
on
a
few
touchy
points,
sensitive
ones
and
we'll
welcome
any
feedback
from
the
group.
Okay,
all
right.
So
the
goal
is
to
leverage
all
these
AI
cams.
In
all
these
cars,
practically
every
car
will
have
one
using
least
multi-point
to
multi-point
channels
between
cameras
and
apps.
J
The
partition
two
of
the
world
to
this
channel
is
based
on
a
grid.
The
grid
chosen
is
h3.
This
is
because
of
it's
very
elegant
hierarchy
and
very
clear
and
neighboring
for
propagating
the
impacts
of
things,
but
it
can
easily
be
translated
to
sleep
eat
a
lot
of
times
using
the
same
channel
technology.
K
J
The
ad
h3
services
are
hosted
at
the
edge
and
as
a
car
it
drives
by
and
sees
stuff
it
sends
and
to
the
idea
what
so
and
the
Eid
multicast
it's
to.
Whoever
needs
to
know
here
is
an
example
of
cars,
finding
parking
for
other
cars
and
this
car
saw
and
this
parking
spot
being
available.
It
doesn't
need
it,
but
it
does
see
and
it
sends
and
to
the
edge
RTR
a
lock
with
the
same
come.
All
of
this
is
how
it
reversed
not.
J
Each
h3
service
r9
hierarchy,
which
is
a
few
blocks
representing
a
few
blocks
with
the
mobility
client
ID,
which
is
a
it's
CID
sort
of
temporary
ID.
It
gets
every
time
to
be
able
to
participate
in
this
network
and
then
from
there
on
it's
just
tuples,
where
what
and
in
these
cases
in
which
tile
there
is
a
free
parking
and
it
charges
frequently,
because,
like
two
tiles
right
now,
these
tires
are
hot
or
any
parking
up.
This
is
how
it
looks
like
in
the
draft
informational,
that's
the
tuples.
J
It
can
be
captured
very
simply,
and
this
whole
information
doesn't
not
change
anything
unless
it
leverages
existing
mechanism.
The
mobility
client
parse
the
street
view
that
they
see
the
localize
and
publish
to
the
hvad
service.
They
use
access
tunnels
to
release
RT
ours.
The
RTR
is
our
map
assistant.
The
tunnels
are
just
simple
tunnels
and
it
relies
in
fact
there
is
connectivity,
IP
connectivity,
and
we
need
lists
for
logical
connectivity.
The
flip
side
is
that
mobility
I
declined
on
a
need-to-know
basis
on
an
interest
basis.
J
There's
an
MLP
report
to
the
RT
ours
with
the
Eskimo
GS
is
the
r9.
Where
and
G
is
what
team
both
of
them
are
IDs
the
head
RT
ours,
which
receives
from
the
h3
service
updates
on
a
theme
and
on
specific
online
specific
name
replicated
it
to
all
the
a
subscribed
art
yard.
Sorry
life,
yours
replicated
through
the
unique
line,
o
discussion
point
one.
J
As
we
said,
the
the
anchoring
of
these
multi-point,
the
channels
are
our
nine
are
presented
by
this
grid.
It's
very
easy
to
algorithmically
come
up
with
a
Eid
for
these
a
IDs,
because
the
general
GPS,
if
you
just
remove
a
few
digits,
translates
to
a
hexagon
ID,
which
is
the
Eid
with
some
massaging
becomes
any
ID,
but
they
are
15,
which
is
where
exactly
did
I
see.
What
I
saw
that's
a
little
bit
more
tricky,
because
GPS
is
very
inaccurate.
It
jitters
a
lot,
it
fluctuates
and
you
can
compensate
by
aggregating.
J
A
few
people
who
saw
I
saw
the
same
thing
and
in
the
tile
it's
very
efficient
to
cluster
detections
together
and
come
up
with
where
you
think
it's
really.
It
really
is,
and
it's
also
getting
better
with
article,
but
article
doesn't
always
solve
GPS
problems
in
urban
areas.
It's
not
the
same
as
a
like
sunspot
interference.
It's
like
building
interference,
so
one
very,
very
efficient
method
is
using
anchor
frames.
J
J
One
mitigation
which
may
or
may
not
be
acceptable
that
it's
very
easy
for
the
client
to
Blair
and
anonymize
everything
about
the
picture
even
sometimes
leave
it
uncompressible
to
human
eye,
but
very
compressible
to
localization
algorithm
that
will
we'll
find
the
exact
anchor
frame
which
matches
it
and
therefore
avoid
any
privacy
issue.
So
it's
a
touchy
point
I
just
bring
it
here,
interested
in
any
possible
inputs
on
I'm,
not
going
to
put
it
in
the
text,
but
I
just
want
to
know.
You
know
you
know
it's
I'm,
thinking
about
it.
We
are
thinking
about
it.
J
Have
your
opinion.
The
second
point
which
I
love
feedback
on
is
this
all
methodology
that
they're
using
this
to
do
this
cloudless
processing?
So
we
know
you
know,
network
processing
is
not
new.
The
classical
model
is
SFC
and
it's
a
bit
different
than
what
we
do
here
and
it's
interesting
to
look
at
the
difference
in
SFC
when
we're
doing
that
for
processing,
we
use
a
addressable
function.
J
Network
function
using
the
overlay
we
attach
addresses,
and
we
Traverse
this
VM
so
as
if
there
were
physical
devices,
but
the
states
that
these
functions
need
they
are
prefetched
like
the
white
leaves,
the
black
leaves
the
filters
whatever
it
is,
they
need
in
order
to
operate
correctly
are
prefixed,
so
the
the
functions
are
addressable.
The
states
are
prefect
in
this
model.
J
J
It's
just
code.
I
can
just
fetch
it
from
anywhere
and
therefore
it
it
can
be
pretty
much
interesting
to
look
at
that
and
and
see
that
you
know
this
allows
us
to
do
a
in,
in
this
case,
to
implement
these
these
channels,
where
we
apply
functions
at
the
stay,
but
for
the
purpose
of
sharing
cameras,
but
it
has,
it
may
have
more
broader
applications.
There
are
there's
a
lot
of
stuff
that
you
cannot
process
at
the
cloud
you
can
process
at
the
edge.
J
For
example,
almost
all
media,
it's
almost
impossible
to
move
media
to
the
cloud
like
takes
forever,
but
it
is
possible
to
annotate
it
at
the
edge
and
create
these
channels
that
can
be
stored
anywhere
in
the
and
you
can
do
that
by
by
partitioning
using
algorithmically
source
routed
addresses
like
these
I
thought.
It
may
be
interesting
to
look
at
that.
E
Okay,
two
things:
first
I'm
going
to
interrupt
this
for
a
public
service
announcement.
Please
sign
into
the
blue
sheet.
There
are
24
people
listed
here
and
there
are
like
ten
eleven
on
the
blue
sheet.
We
need
everybody
to
sign
in.
It
is
part
of
the
rules,
please,
second,
just
to
Clara
by
something
well,
I
appreciate
your
point
about
being
able
to
pre-staged
the
compute
and
just
send
the
data
to
the
rut
to
to
wherever
it's
to
keep
the
data
ship
blasts.
E
Don't
compare
that
with
SFC
place,
because
SFC
is
about
sending
something
diverting
something
to
an
entity
to
which
it
is
not
addressed,
and
in
this
case
you
are
addressing
the
data
to
the
function.
It's
just
you're
gonna
move
the
function
closer
to
the
listener
by
using
Lisp
to
map
to
where
to
send
it
and
I
get
that
it's
just
the
comparison
test.
Fc
just
really
bothered
me
as
SFC
culture,
okay,.
F
J
E
I,
do
that
the
point
of
by
using
Lisp
you
can
move
the
stuff
around.
Please
take
it
where
you
want
the
function
where
you
want
it,
maybe
it's
closer
to
the
user.
Maybe
it's
not
that's
a
deployment
choice.
You
get
the
flexibility,
I
understand
that
value
I,
just
and
so
isn't
disagreeing
with
the
fact
that
there
is
value
in
what
you're
doing
it
was
just
the
way
you
present
it
are
there
questions
anybody
else,
hunt
there's
nobody
on
the
queue,
but
does
anybody
else
want
to
speak
up.
G
J
But
here
this
the
client
is
very
hard
for
him
to
do
that,
because
you
cannot
store,
but
the
the
state
there
are
nine
and
can
do
that.
The
mapping
system
is
just
be
able
to
manage
orchestrate
this
whole
this
whole
and
characterization.
That's
the
goal
of
mapping
to
I
assume
it's
working,
it's
perfect!
It
has
pops
up
works
over.
E
G
Yeah
there
was
a
lot
of
comments
on
possibly
on
and
I
seen
that
I
think
that
part
of
it
is
we've
seen
the
web
into
lists,
but
I
think
we
need
to
work
a
bit
on
it.
There
are
some
aspects:
I
wanted
to
discuss.
Many
thing.
This
interim
Issa
is
a
great
opportunity
to
do
so.
So
a
quick
recap
on
on
pops
up
or
those
to
do
that
that
happen
they
can
I'll
pop
it
off.
Well,
the
difficulty
in
with
almost
the
same
content
of
some
time
now,
so
it
hasn't
changed
a
lot.
G
It
may
change
some
stuff
of
today's
discussion
we'll
see,
but
the
basic
idea
with
pastor
is
that
you
see
a
map
request.
You
can
set
a
new
bit
that
we
introduced
in
the
draft.
That
is
the
N
bit
for
the
eye.
One
modification
you
can
send
the
N
bit
to
one
and
then
you
include
the
dexterity
so
that
the
maps
identify
you
and
that
goes
to
the
map
server.
If
the
map
server
supports
pub/sub
operation
and
wants
to
subscribe
you,
it
will
notify
back
to
you
that
you
have
been
subscribed
by
sending
back
mum.
Notify.
G
Is
the
power
request?
If
the
map
said
where
does
say
and
allow
Assad
or
doesn't
support
it,
it
will
send
back
a
map
reply,
so
it
will
be
a
standard
disp
operation.
It
will
be
ignoring
the
damn
bit.
Basically,
the
subscription
mechanism,
the
the
publication
is
whenever
there
is
an
update
on
the
on
their
log
set
for
a
particular
mapping
on
the
map
server.
The
map
server
would
go
through
the
list
of
XT
ours
and
it
would
give
the
XT
ready
for
that.
G
It
will
go
through
the
list
of
X
tiers
of
having
subscribe
to
that
mapping.
I
will
send
a
publication
to
those
in
the
form
of
her
mom
notify
and
then
the
the
idea
will
modify
AK
what
knowledge
they
notify.
That
was
the
publication
and
then
yes
to
complete
the
story
that
subscriber
stone
if
the
ITR
triggers
and
subscribe
is
just
send
in
a
economic
request
damn
bit,
but
we
no
idea
rare
logs
saying
that's
the
way.
G
We
have
to
signal
that
the
idea
doesn't
want
to
be
notified
anymore
and
if
he's
the
map
server,
the
one
that
is
unsubscribing,
then
the
way
to
signal
that
to
the
idea
is
by
sending
a
modified
weary
TTL
equals
zero
okay.
So
that's
tough
stuff
in
a
nutshell.
So
now
the
questions
that
at
least
I
have
and
I
guess
that
some
of
you
guys
have
and
feel
free
to
ask
here.
G
So
the
the
biggest
one,
for
me
at
least,
is
how
we
established
an
idea,
much
server
security
Association
and
we
have
some
options
in
the
slides.
I
will
discuss
and
prodigies
will
take
most
of
the
time
under
sedation,
then
how
we
handled
incremental
analysis
in
pubs
at
four
in
the
same
approaches
in
in
the
which
documents.
Well,
we
use
incremental
nurses
to
prevent
a
reply,
attacks
and
then
I'm
minor
note
on
on
description.
That
will
be
really
quick.
So,
let's,
let's
get
into
the
security
Association.
G
So
there
was
some
discussion
on
the
underneath
and
there
was
concern
about
the
office
as
well
and
I
wanted
to
bring
it
to
the
to
the
working
group
to
hear
different
opinions.
We
have
these
two
options
that
maybe
more
so
let
me
let
me
maybe
go
through
through
the
apps
that
we
have
documented
and
then
we
can
have
some
discussion
on
there
on
the
circular
system
before
we
move
on
to
the
next
topic.
So
so
this
is
option
one.
G
G
It
not
only
includes
you
know
that
a
standard
we
say
addiction
that
it
was
included,
partial
sealed-
and
this
is
a
bit
different
from
what
we
discussed
in
the
Middle
East
in
the
Middle
East.
We
were
saying:
listen
any
directly
a
pops
up
key
on
the
on
the
map,
server
and
included
in
the
map
reply.
We
we
modify
data
bit
certificate
in
the
directly
a
key.
You
include
a
seal
that
can
be
used
to
compute
the
key
just
because
and
we
need
to
maybe
check
this
weed,
which
you
see
a
special
by
using
a
seed.
G
Maybe
you
don't
need
to
include
the
seat.
Just
authenticate
the
seed
since
the
the
key
is,
is
Neverland
clear
in
the
in
the
in
the
path
and
and
both
hands
can
can
can
generate
it
on
their
own.
So
then,
the
the
idea
received
this
receipt.
It
generates
the
the
key
with
the
seed
plants
idk,
so
both
ends
the
map
server
and
the
idea
have
both
the
seed
and
the
under
decay
at
the
end
of
the
strains
and
then
from.
E
G
G
This
is
an
option,
for
instance,
to
include
the
pop
shots
field
on
the
list:
SEC
application
data,
which
is
basically
taking
memory,
platinum
data
type
one
and
then
extending
it
to
to
have
the
sieve,
so
it
would
be
type
two,
and
then
we
see
that
the
at
the
bottom
now
one
aspect
with
this
approach
is
that
if
you
remember
the
idea
where
the
very
beginning,
we
were
saying
that
the
way
to
acknowledge
the
subscription
request
based
in
Alamo
notified.
However,
here
we
we
need
to
send.
G
So
how
am
I
replied
because
the
multiplies
the
one
in
Lisak
the
man
replies
the
one
that
is
carving
the
authentication
data.
So
if
we
want
to
go
this
route,
maybe
we
should
consider
you
seen
a
map
reply
with
some
extra
bits
or
something
or
directly
the
the
authentication
data
as
a
signal
to
adenylate
the
the
subscribe
sky
request
and
say
a
question
for
Dino
Dino.
G
Maybe
let
me
finish
the
other
option
and
then
we
can
take
all
together
so
okay,
so
the
other
option
that
that
we
were
considering
is
to
do
directly
the
otk
as
the
seed
or
another
option
could
be
to
include
the
seed
on
the
on
the
map
request
directly.
So
basically
that
means
that
the
the
the
idea
will
drive
the
generation
of
the
of
the
seed
or
the
or
the
okay
and
and
the
map
seller
just
needs
to
produce
it.
These
will
allow
to
keep
using
the
notify
as
the
subscription
is
DK.
G
So
we
can
keep
the
current
implementations
that
are
there
that
you
see
in
my
modify
as
the
subscription
or
decay,
so
description
ACK.
And
then
you
don't
need
to
change
that.
Much
on
the
list
set
s
tense,
you
can
just
take
the
thankee
one
thing
to
notice.
Is
that
the
the
the
one
thing
he
should
be
encrypted
end-to-end
in
the
path
between
the
idea
and
the
map
server?
That
is
a
standard
leezak
operation.
G
D
D
G
D
K
D
B
This
fab
you
so
the
one
time
key
is
used
once
in
the
contest
of
Lisp
SEC,
basically
authenticate
the
map
reply
that
is
going
from
the
map
server
to
the
idea.
We
also
used
the
one-time
key
English
SEC
to
derive
another
key,
for
example,
that
is
used
to
protect
the
communication
from
the
ETR
to
the
I
to
protect
the
application.
The
authenticated
data,
that
is,
that
are
part
of
the
map,
replied.
B
It
is
true
that
you
know
I
mean
we,
we
change,
we,
we
call
the
one-time
key,
because
when
we
designed
this
protocol
some
years
ago,
you
know
we
thought
you
know
we
thought
only
to
this
application.
In
this
case
the
key
that
is
derived
from
the
one-time
key
as
a
lifetime
that
spans
longer
than
the
one-time
key,
but
think
mean
we
need
to
work
out
the
details,
but
I
mean
you
can
probably
refresh
that
key.
B
D
B
B
But
I
mean
the
frequencies
once
you
have
established
a
key,
you
have
derived
from
the
one-time
key
a
key
that
he
used
to
secure
the
map
notify
protocol.
Then
you
can
keep
using
the
key,
the
derived
key
okay
to
secure
the
subsequent
messages
exchanged
for
the
map
notify
protocol
for
pub/sub
in
general.
B
So
basically
you
you
can
keep
sending
map
notify
back
and
forth
a
map
notify
AK
protecting
that
you
have
a
way
to
use
another
one-time
key
to
refresh
the
key
that
you
are
using
for
the
map
notify
protocol
so
you're,
basically
decoupling
the
two
key,
even
if
they
are
still
derived
from
the
from
the
from
the
one-time
key.
So
we
trying
to
describe
the
key
hierarchy
here
right.
So
the
root
of
trust
that
is
at
the
base
of
the
sec
is
the
shared
key
that
is
between
the
ITR
and
the
Maxell
right.
B
That
is
what
we
use
to
bootstrap,
the
one-time
key,
and
so
that
is
one
first
level
of
the
hierarchy
here
then,
we
use
the
one-time
key,
for
example,
to
derive
another
key
that
is
used
to
secure
the
part
of
the
message
that
goes
from
the
ETR
to
the
idea.
What
what
we
are
suggesting
here
is
we
say
by
using
the
seed.
We
also
generate
another
key.
We
derive
another
key
from
from
the
one-time
that
is
used
to
secure
the
map,
notify
map
notify
acts
that
are
used
by
the
tamson
protocol.
B
Or
is
it
not
really
in
the
sense
that
you
can
use,
for
example,
one
one-time
key
to
establish
a
pubsub
key
and
you
can
keep
using
the
top
sub
e.
For
you
know,
maybe
the
lifetime
of
the
pub/sub
relationship
between
the
devices
that
are
part
of
these
of
these
types
of
relationship.
Then,
when
you
send
a
new
one-time
key,
you
can
use
the
new
out
when
tankey
to
refresh
the
pattern
right.
So
they
are
not.
G
G
Two
is
you
derive
the
key
directly
from
the
one
thankee,
so
the
difference
I
see
is
that
in
the
first
option
you
generate
the
key
from
two
pillars:
information
that
never
go
on
the
same
path
right,
because
the
one
thing
he
goes
on
the
path
from
the
idea
to
my
server
and
the
seed
comes
from
the
path
from
the
map
server
to
the
idea.
That
are
two
different
paths
once
goes
through.
The
map
insist
and
the
other
goes
directed.
G
That's
right,
you
know
yeah,
so
if
we
believe
that
the
the
option
of
going
just
just
using
that
the
one
thing
ki
as
their
as
the
way
to
derive
if
the
the
pops
off
key
and
that
we
trust
in
north
the
path
from
the
ITR
to
the
Marcel
through
the
map-resolver
that
we
can
go
with
option
two
that
is
basically
using
the
one
ten
key
directly
as
they
as
they
as
the
seed
itself
to
the
right
the
key.
So
then
you
can
leverage
the
what
what
you
have
today
on
the
protocol.
G
So
you
don't
need
to
change
the
little
pops
up.
I
didn't
need
to
change
Lisa
to
do
support
this.
It
seems
to
me
up
I,
don't
know
it's
less
security,
the
writer.
It
says
to
me
that
it
has
a
different
set
of
trade-offs
in
terms
of
security
for
for
convenience,
but
if
this
is
security,
not
which
may
be
because
it's
radically
they
depart
from
the
ITR
to
the
map
service
will
be
secure,
then
we
can
go
with
option
two
and
and
and
belong
with
it.
My.
A
A
A
A
Let's,
let's
take
learn
for
the
B's
experience,
so,
let's
think
carefully
the
level
of
security.
We
want
to
add
here
so
that
we
really.
We
are
really
sure
that
once
we
we
push
the
document
for
publication,
then
it
doesn't
come
back
with
stuff,
say
and
I
would
say.
Maybe,
with
with
option
one
you
can
is
more
general.
So,
instead
to
having
look,
you
have
the
general
solution,
one
other.
A
B
Its
second,
what
is
it
saying
right?
I
mean
we
have
learned
something
from
the
past
and
yeah
I
mean
I,
agree
that
you
know.
If
we
look
clearly
at
the
optimization
there
are
trade-offs
about
timing.
We
want
to
really
specify
a
clean
hierarchy
and
a
clean
purpose
for
each
key
that
we
are
going
to
use
and
I.
Think
it's
clear
that
if
we
don't
do
that,
then
you
know
the
security
review
is
going
to
be
much
more
complicated.
Now,
at
the
end,
I
believe
I
mean
it's
sure.
B
G
B
And
let's
pick
you
late
a
little
bit
the
proposal
right
and
when
we
have
enough
detail,
sir,
then
I
think
you
know.
We
know
the
types
that
we
should
be
with
and
and
we
can
do
that.
G
So
when
a
man-in-the-middle
freeze
and
can
capture
a
packet
and
even
though
it
may
not
modify
it,
it
can
send
it
again
at
a
later
time
and
then
break
the
system.
So
in
pops
up
since
about
the
subscription
and
the
publication
have
subject
to
reply
attacks
you
need
to
protect
both
with
incremental
knows
so.
The
publish
should
be
easy
to
to
keep
track
of
the
non.
So
you
have
the
map
server
and
them
XT
are
extending
ma.
G
Notify,
am
I,
wonder
if
I
hack
and
every
time
a
new
loop
allocation
extend,
the
nonce
is
increased,
so
the
next
year
can
verify
that
the
Narcisse
is
valid
and
the
map
notifies
accepted.
Now
on
the
under
subscription
and
that
and
then
the
police,
it
can
be
done
because
they,
both
the
texture
and
I'm
sure,
are
aware
of
each
other,
so
they
can
correlate
they
for
each
x,
TR,
MS
air.
G
They
can
and
know
the
the
knowns
that
is
supposed
to
to
appear
on
a
given
packet
now
for
the
subscription
is
a
bit
more
tricky
because,
as
a
next
year,
you
say
my
map
request
to
subscribe
and
you
need
to
put
an
answer,
but
you
don't
know
to
which
map
server.
That
request
is
going
to
go
because
you
send
it
to
your
map
resolver,
not
at
map
server.
So
you
know
to
which
map-resolver
you
send
your
request.
G
You
don't
know
to
which
map
server,
that
request
will
land
on
so
I'm,
not
sure
which
is
the
Bobst
option,
and
you
can't
announce
it
because
you
want
to
prevent
others
to
you,
know
research,
review
or
unsubscribe
you
in
the
future.
You
plan
your
message
under
C,
which
is
the
best
option
to
other
thing
criminals.
Here.
G
One
thing
that
was
proposed
was
to
use
a
global
nodes
for
all
the
subscription
operation
for
a
given
next
year,
so
that,
basically
he
doesn't
matter
in
which
mapserver
the
map-request
will
land,
because
the
xti
will
always
use
incremental
nonsense.
So
it
will
always
say
an
unknown
speaker,
the
Jewish
one
with
which
that
means
may
mean
the
you
will
see
some
graphs
or
the
map
server
will
see
some
gaps.
If
you
have
to
say
three
total
three
map
service
in
the
in
the
deployment
and
the
map
requests
had
a
spread
occurs
across
the
a3.
G
D
M
D
G
D
But
when
you
send
a
map
request,
you
pick
a
random
number
as
the
nonce
right
and
because
you
you
have
to
write
and
then,
when
you
get
a
reply
back,
then
you
have
to
know
that
any
subsequent
map
requests
that
are
sent
to
that
map
server
have
to
be
incremented,
but
it
won't
scale.
So
it's
not
a
it's.
You
know
it's
wrapped
either
way.
If.
G
The
yeah,
so
you
will
the
berryfest
okay,
the
very
first
map
request
will
be
random,
but
then
the
rest
not
again,
because
you
you
need
to
so.
Let's
say
you
need
to
send
to
map
request
right.
You
want
to
subscribe
to
to
preferences
and
and
those
two
prefixes
happened
to
be
on
the
same
map
server,
but
you
don't
know
that
right,
so
you
send
them
up
request
for
the
first
prefix
with
a
random
notes.
You
get
the
baki
is
so
good.
D
G
D
D
A
D
Know
server
not
in
the
ITR.
We
know
the
map
server
has
to
store
a
lot
of
state
because
it
has
to
send
map
notifies
that
everybody
who's
interested
in
the
era
looks
at
change,
but
the
idea
now
has
to
keep
stay
for
all
the
map.
Servers
and
we've
never
had
to
do
that
before.
An
ex
TR
would
only
have
to
know
about
two
or
four
map-servers
just
to
send
registrations
and
only
know
a
map-resolver
for
all
the
map
requests
it
would
ever
have
to
send.
D
K
G
So
the
problem,
the
product
of
having
a
single
knowns
for
Adam
of
service,
is
that
you
run
out
of
non
sooner.
If
that
may
be
a
problem
eventually,
the
non-stress
will
be
always
be
bigger
right.
So
you
don't
need
to
think
anything.
You
just
need
to
check
that
this
vehicle
and
the
previous
one
you
seen
observer.
B
Basically
will
receive
a
larger
knowns,
probably
not
in
sequence,
if
let's
say
a
lot
of
requests
to
go
to
one
map
server
that
will
increase.
But
when
you
go
to
the
other
one
that
map
server
will
receive
after
a
big
hole
and
a
value
that
is
still
incremental.
We
need
to
be
careful
because
I
think
there
are
attacks
that
can
be
done.
B
Taking
the
map,
requests
that
are
going
to
one
map
server
and
replying
to
the
other
map
server
so
but
I
mean,
if
you
wrote
it
at
the
end
at
the
global
state
is
not
it's
not
really
compromised,
but
we
need
to
think
a
little
bit
through
the
solution,
but
I
hope
that
we
can
do
it
without
synchronizing
the
state
across
the
across
the
map.
Server.
A
D
D
B
D
B
G
N
A
B
B
The
point
is
I
mean.
Do
I
think
the
discussion
here
is
that
I
mean
we.
We
are
pointing
out
to
the
issues
and
we
understand
that
are
there
are
open
problems.
It's
very
good
to
have
this
kind
of
conversation.
I
think
you
know
going
in
the
direction
of
trying
to
synchronize
is
not
a
goal
of
the
design.
At
this
point.
G
Okay,
then-
and
the
very
last
point
is
just
really
quick-
is
I-
would
like
to
bring
you
guys
and
to
understand
what
do
you
think
about
I'm?
Sorry,
the
subscription
that
means
when
next
year,
out
of
the
blue,
receives
a
map
notified
as
a
pops
up
so
as
a
publication,
and
then
it
uses
it
to
update
each
state
without
prior
request
to
subscribe.
A
M
G
You
do
map
service
subscribe
and
next
year
without
this
they
are
asking
for
it
and
the
case
can
be,
for
instance,
when
you
have
an
ELP
miss.
Please
look
at
her
path
and
you
know
that
some
hops
are
going
to
be
traversed
by
a
packet,
but
the
hops
don't
know
it
yet
the
map
several
knows
it.
It
may
be
proactive
list
and
the
the
publication
to
them.
So
they
have
the
state
before
the
packets
arrived
at
this
case.
But
then
the
security
aspect
is
is
tricky.
G
Here
you
need
to
have
either
pre
Serkis
explicitly
good
before
for
deployments,
where
you
know
you
put
this
everyone,
and
then
you
need
also
to
realize
that
you
need
to
have
incremental
nuts
as
well.
So
basically,
it
saved
who
estart
announced,
because
in
the
in
the
regular
operation,
the
XS,
the
one
that
picks
the
knowns
and
then
issues
incremental
through
the
process
in
here
is
the
maps,
everyone
that
picks
the
nodes
and
then
increments
over
the
processor.
D
Well,
the
lp
change
is
definitely
on
our
local
set
change
and
you
would
think
that
the
ITR
should
want
to
ask
for
that
or
otherwise
it
shouldn't
be
notified,
because
then
you're
gonna
get
these
notifications.
You
don't
want
and
who
knows
where
the
ITR
is
located,
may
not
be
able
to
have
enough
bandwidth
or
CPU
power
to
to
do
it,
and
it's
it's
a
dots
attack
waiting
to
happen
by
a
roadmap
server.
So
for
that
use
case,
you
should
still
require
solicited
subscriptions.
D
L
A
G
My
question
is:
is
it
okay,
for
they
will
go
to
a
state?
This
I
mean
saying
that
if,
if
we
want
to
support
this
kind
of
behavior,
then
the
the
requirements
have
this
and
that
and
they're
going
to
be
a
strong
requirement
like
having
a
preset
key
across
all
entity.
So
this
may
not
work
in
other
scenarios.
The
working
group
be
fine
with
that
or.
D
F
A
A
F
F
O
O
O
F
F
So
in
this
talk,
I
will
basically
discuss
what
is
worthy.
A
super
brief
introduction,
then
what
we
have
done
and
then
some
implementation
and
performance
analysis
and
finally,
the
discussion.
What
is
Barger
so
I
apologize
for
those
of
you
that
we
already
know
I
will
try
to
go
quickly
through
the
slides.
So
while
there
it
is
basically
our
secure
network
tunnel.
These
are
basically
DPM.
It's
it
has
been
merged
onto
the
in
the
Linux
kernel.
F
F
So
they
are
entering
into
a
quite
crowded
space,
which
is
VPNs
right
and
they
say:
okay,
let's
take
a
look
at
traditional
solutions
such
as
IP
ii,
I'm
a
nike
and
they
say
basically,
they
support
a
very
large
set
of
cipher,
suites
and
PM
change
mechanism
and
they
separate
exchange
layer
from
encrypted
transport
right.
And
although
this
is
academically
a
sound
approach
to
this
the
result
of
the
whole
architecture,
it's
super
complex
because
you
support
many
different
security
mechanism,
which
means
that
this
needs
these
needs
to
be
negotiated.
The
code
is
super
complex.
F
This
is
prone
to
errors.
It
is
harder
to
perform
a
sound
security
out
of
it
and
so
on.
So
what
this
is?
We
will
try
to
do
something
which
is
way
less
flexible.
They
are
not
aiming
for
flexibility,
but
rather
for
simplicity,
so
they
try
to
drop
as
many
things
as
possible
to
keep
it
extremely
simple
and
have
a
super
small
code
which
is
simple,
simpler
to
manage
and
to
12-8.
F
So
this
is
how
we're
go
work.
Basically,
it's
a
builder
interface
that
will
bring
up
as
a
standard
interface
on
in
Linux
and
you
can
add
an
IP
address
which
they
don't
call
it
this
way
of
course,
but
we
can
assume
that
it's
equivalent
to
what
we
call
nav
and
then
you
add
some
route
and
so
on,
and
this
is
the
other
interface
the
word
interface
node.
Then
you
have
to
apply
the
security
configuration
which
I
will
discuss
later
and
once
you
apply
the
critical
figuration
you
end
up
with
something
like
this
peers.
F
F
F
So
the
workers
interface,
it
has
what
they
call
a
crypto
key
rod,
which
is
basically
it
peer
identified
by
the
public
key
and
then,
once
the
pill
has
been
identified
by
the
public
key.
The
packet
is
encrypted
and
routed
to
the
endpoint
of
that
peer,
which
is
the
locate
the
locator
and
using
as
the
in
the
packet,
the
LEDs
for
the
local
peer
and
the
destination
peer.
F
So
just
finishing
with
with
well
guard
the
it's
quite
important
to
understand
that
the
key
distribution
that
they
are
aiming
for.
So
how
do
you
deploy
the
public
keys
on
the
peers
is
equivalent
to
operation
open?
It
SSH
meaning
that
you
just
use
an
out-of-band
exchange
mechanism
to
configure
a
static
public
keys
between
the
peers,
so
you
send
it
by
email
or
your
secure
copy
them
or
whatever
you
want,
but
they
don't
provide
any
sort
of
mechanics
for
that.
But
at
the
same
time
it's
super
easy.
F
Once
you
have
the
kid
you
just
configure
it
and
that's
it
exactly
same
as
SSH
before,
where
God
does
not
have
its
traditional
approach
to
cipher,
suites
and
protocol
agility,
meaning
that
worker
does
not
have
to
negotiate,
which
is
the
appropriate
security
mechanism.
But
they
will
use
among
the
one
supported
by
the
peers,
but
rather
only
supports
are
very
a
small
set
of
cipher
suite
and
and
if
you
want
to
change
that,
basically
you
need
to
do
a
software
update
on
the
worker
node.
F
So
it's
more
like
a
DevOps
approach,
rather
than
a
security,
iteration
security
approach
and,
most
importantly
I
guess
for
us-
is
that
then,
once
you
have
this
done,
everything
else
happens
below
the
workers
interface.
The
administrator
does
not
have
to
carry
out
anything
meaning
that
the
key
session
exchange
connection
disconnection
reconnection.
Discovery
of
the
new
mapping
is
de
mobile.
If
the
node
has
moved
the
new
endpoint
and
everything
else
happens
below
the
workers
interface
and
you
don't
have
to
do
anything.
F
So
there
is
no
kind
of
word
to
what
the
control
plane-
and
this
means
that
well
worker
natively
support
free
mobility
without
any
kind
of
notification
such
as
SMR
or
random,
of
service
such
as
a
commission.
They
don't
get
any
kind
of
messaging
like
this
one,
because
once
you
have
an
authenticated
target
from
your
peer,
you
don't
care
about
the
new
you
already.
F
You
will
trust
the
new
outlook
that
it
is
using
and
that's
one
of
the
main
I
will
Sherratt
extra
advantages
from
of
respect
so
Alberta's
a
degree
source
information
because
it
can
be
trusted.
Will
it
changes
that?
Because
it
is
encrypted
by
the
peer
and
verified
by
the
public
key
that
you
have
configured
locally?
F
F
F
But
but-
and
that's
unimportant-
that's
my
my
personal
understanding.
Ok,
it's
not
written
by
the
on
the
wire
on
the
where
that
white
paper,
but
I
will
say
that
they
don't
care
about
the
use
case
because
it's
super
complex
to
solve,
and
it's
extremely
rare,
so
they
prefer
not
to
address
it
and
rather
to
have
a
simple
architecture.
I
would
say
that
that's
the
main
philosophy
behind
work
that
and
for
this
particular
use,
but
it's
true.
So
what
we
have
done
is
we
have
tried
to
design
this
listicle
architecture
using
word
art.
F
So
what
we
have
done
is
so,
let's
say
that
the
host
on
the
Left
wants
to
communicate
with
the
host
of
the
right.
So
the
first
thing
it
will
happen
is
that
the
custom,
the
on
the
right
will
map
register
the
Eid
12
of
mapping
plus
the
public
key
for
that,
and
so
that's
the
first
step
we
are
assuming
one
single
map
server
map
is
over
the
back
as
English
as
in
a
standard
list.
F
That's
why
you
need
to
push
you
need
to
push
the
public
key
of
this
initial
node
or
where
destination
node
will
not
be
able
to
receive
any
packet
okay,
so
once
this
is
done,
then
the
worker
channel
can
be
established
and
in
order
to
secure
the
whole
thing,
it's
super
simple.
What
we
have
done
is
we
also
use
a
worker
channel
between
the
X,
T,
ours
or
mobile
nodes
and
map
several
members
over,
which
means
that
fundamentally,
in
order
to
so
with
standard
we're
done,
you
need
to
configure.
F
D
D
F
F
F
F
So
I'm
a
tricky
take
take
away.
You
only
need
to
configure
on
your
exterior
key
of
the
map
server
and
that's
it,
and
once
you
have
this
key,
you
will
be
able
to
communicate
with
anyone.
So
we
did
an
implementation
on
the
router
and
we
basically,
we
configure
the
worker
interface
using
the
worker
API.
Actually
we
have
two
word
interface,
one
to
communicate
with
the
peers.
Another
one
to
communicate
with
your
map.
Server
map
is
over
yeah.
F
N
F
New
key
yeah,
the
wire
connection,
will
drop
and
we
will
have
to
be
with
you,
but
you
typically
I
I'm,
not
I'm,
not
an
expert
on
that,
but
typically
you
have
to
refresh
this
kind.
The
public
key
in
that
that's
an
early.
We
have
to
refresh
it.
I
will
say
in
probably
five
enough
more
of
this,
but
I
will
say
weak
small,
like.
N
F
D
D
N
F
B
D
F
B
B
N
Kind
of
indicating
that
we
can
take
the
discussion
for
the
if
it's
already
there-
that's
fine
I
just
wanted
to,
because
I
think
this
I
see
in
the
general
map
server
communication
as
well.
If,
let's
say
we
need
to
renegotiate
the
key,
that
is
like
a
kind
of
take
some
time
and
especially
when
the
deployment
has
lot
of
XT
ours.
Everybody
has
to
do
that.
That's
fixed
time,
so
there
is
just
a
thought
we
can
discuss.
N
D
If
I
respond
to
Prakash
know
the
ECT
shof
allows
you
to
register
public.
You
can
use
the
authentication
key
as
we
have
it
now,
but
that
just
gives
you
authorization
to
register
within
an
instance
ID.
If
you
want
to
not
allow
individual
X
T
ours
to
register,
then
you
just
remove
their
public
key
from
the
mapping
system
and
then
their
map
registers
will
get
and
map
requests
will
get
rejected.
So
that's
how
you
can
scale
oblique
change,
keys
or
disallow
in
real
I'll
new
XT
RS
into
the
mapping
system
for
and.
F
Okay,
so
we
prototype
at
these
architecture
and
in
a
pan
over
a
router,
we
will
configure
the
to
whether
interfaces,
because
one
is
for
the
map,
mopsa
resolver
and
there
one
explore
field.
Communications.
Mappings
are
only
needed
for
the
first
connection,
because
afterwards
our
weather
will
take
care
of
the
new
editor
of
mapping
for
that
peer,
meaning
that
even
if
one
peer
handovers
or
or
changes
the
or
changes
for
whatever
reason
they
are
no,
there
is
no
country.
There
is
no
list
controlling
message
require
because
weather
will
take
care
of
that.
F
We
we,
when
we
prove
that
with
this,
we
decided
not
to
to
change
anything
on
the
wire
current
module.
Well,
one
of
the
reason
why
it
is
because
it's
super
complex
and
because
maybe
it
doesn't
make
sense
architectural
it,
which
means
that
there
is
no
support
for
this
mapping
mapping
system.
We
can
discuss
this
later,
and
here
you
have
how
it
looks
like
because
once
you
drop
support
for
internally,
because
at
this
point
we
couldn't
make
it
happen,
maybe
for
the
next
iteration
of
this
prototype.
F
This
means
that
we
don't
use
the
list
encapsulation,
we
just
use.
The
word
got
encapsulation
because
that's
enough
for
us,
okay,
so
just
super
quickly
on
performance
and
I-
think
that
you
will
see
that
one
of
the
plots
I
believe
it's
quite
relevant.
So
this
is
the
CPF
of
red
standard
over
par
and
blue
wire,
plus
double
over
for
the
end-to-end
latency,
meaning
all
the
cut.
F
E
F
So
so
it's
are
quite
good
overhead
for
the
for,
in
order
to
obtain
the
benefit
of
of
the
key,
the
one
which
is
we'll
say
most
impressive
to
me-
is
this
one.
This
is
the
kind
of
latency
between
one
guard
and
the
Wawa
where
the
plant
World
War
and
the
robot,
which
means
that
here
we
are
comparing
okay,
we
have
a
mobile
node
and
either
with
each
to
a
new.
F
So
we
turn
off
the
Wi-Fi
and
we
switch
21:5
or
with
what
Wi-Fi
20
and
then
you
have
to
do
the
holes
so
with
a
standard
or
a
wire
which
I
will
say
it
the
standard
list.
It
took
on
average,
eight,
nine,
second
and
with
well
guard.
It
only
takes
around
one
one.
Second,
and
the
reason
is
that
you
don't
need
to
simmer
anyone.
You
don't
need
30
hours,
you
don't
need
any
kind
of
control
playing
messaging.
You
need
any
kind
of
a
lot
Bobby
and
that
seems
that
attackers
are
authenticated.
B
N
F
L
My
point
is
my
point:
you
there's
two
ways
to
do
this
right.
One
is
to
wait
for
the
Earth
and
Mars
to
get
through
and
re-request
your
mappings
and
reconverge.
That's
our
traditional
mobility.
We
can
also
subscribe
as
an
ITR
to
any
changes
in
that
destination.
That
is
moving
and
you
would
be
notified
immediately
as
soon
as
the
registration
that
happens.
And
yes,
there
is
some
signaling,
but
what
we've
observed
is
in
the
order
of
20
50
milliseconds.
D
D
F
Is
not
one
or
two
to
handover
late
and
seriously,
because
you
just
need
to
send
the
next
data
packet
and
that's
it
so
even
under
latency
doesn't
make
too
much
sense
here.
There
is
so
so,
although
I
agree
that
you
can
improve
in
many
aspects,
I
don't
see
how
you
can.
D
That's
what
I
was
doing
a
list:
mobile
node
demos
was
that
the
Artie
ours
were
gleaning
the
information,
so
there
was
no
net
reversal
control
logic
that
needed
to
be
done,
because
the
RTR
was
cleaning
the
source
information.
Of
course
that
wasn't
secured
and
it's
the
concern.
But
here
we
have
the
security
which,
which
makes
it
a
really
good
solution.
D
B
F
B
D
Percent
effect,
I
think
we
should
write
a
simple
internet
draft
that
describes
the
map,
notify
advertising
public
keys,
and
then
we
can
use
the
gleaning
approach
and
have
fast
handoffs
I
mean
I,
don't
know
if
you
had
plans
to
do
that,
but
we
could
do
this
enlist
proper
by
distributing
the
public
keys
and
you
you
know
what
she's
just
done.
Is
you
built
even
a
better
decentralized
mapping
system?
Because
there
is
now
mapping
system
right
only
only
to
retrieve.
D
L
L
F
In
this
case,
we
don't
use
bliss,
Mineta
pain,
we
only
use
wagner
and
what
we
are
missing
from
list.
I
will
say
the
most
important
feature
in
intensity,
so
if
what
I'm
one
of
the
discussion
items
was
how
we
could
introduce
him
since
I've
in
this
architecture,
so
the
answer
to
your
question
is
yes,
but
to
me
this
is
already
worth
a
try.
This
is
where
class
instance
IV,
or
are
we
missing
any
other
feature
of
the
playing
disconfirmation.
O
G
Is
another
aspect:
I
would
like
to
highlight
Florida
on
the
trade-offs
that
we
are
making,
because
this
is
an
excellent
result
on
and
and
I
love
what
you
guys
have
done
and
another
thing
that
this.
On
the
other
hand,
another
thing
that
this
complicates
is
the
forwarding
of
data
packets,
and
we
rely
on
that
a
lot
in
in
mobility
today,
right
in
English
and
in
the
ad
mobility
and
American
command.
G
Probably
on
that,
since
he's
an
author
of
the
drop
here,
if
you
were
an
old
IP
for
a
given
Y,
ID
right
and
an
old,
an
old
air
lock
for
a
given
EA
T
and
you
receive
a
packet,
it
really
hard
for
you
to
forward
it
to
the
danuel,
we're
getting
it
to
establish
the
the
new
civilization
and
another
big
wall
in
vanilla
list.
You
can
just
forward
it
and
that's
it
and
I
say
that
you
know
this
has
so
stopper
for
this.
But
you
know
it
has
some
trade-off
stuff
that
we
need
to
consider.
F
Because
this
is
literally
my
last
slide
so
and
I
think
that
many
of
the
questions
that
they
do,
you
guys
were
asking-
are
pretty
much
somehow
here,
but
this
work
is
basically
can
be
understood
as
two
different
things.
So
first
is
a
little
bit
architecture,
but
it
is
also
rolling
forward.
So
the
same
word
can
be
understood
in
two
different
ways,
as
I
was
saying,
it
does
not.
Support.
Multihoming
is
about
support,
incense
IV,
and
is
that
not
support
the
receiver?
F
The
mapping
system,
but-
and
that's
my
personal
opinion,
I-
think
that,
but
at
least
by
doing
this
work
we
shall
have
run
our
well.
We
have
learned
is
that
maybe,
if
you
narrow
down
the
use
cases
or
you
simplify
a
little
bit
what
you
really
want
to
achieve
it's
easier
to
come
up
with
your
architecture,
so
let's
say
the
the
unique
the
unicast.
So
if
one
note
the
fact
you
have
full
duplex
communication,
it
complicates
things
a
lot.
F
Let
us
see
that
you
always
full
duplex
and
and
that's
it
because
things
are
way
easier,
or
this
is
super
simple.
When
you
have
one
single
map
server
map-resolver,
once
you
start
having
a
shredded
mozzarella
resolver,
then
everything
it's
super
complicated
most
of
the
use
cases
today,
lisper
they
played
with
just
one
single
Maps
romantic
server.
F
B
A
big
lesson,
this
Wahby
I
mean
that's
basically
the
main
lesson
of
varga
right.
While
we
have
been
busy
in
ITF
for
many
years,
I
think
all
the
possible
option
of
security.
B
L
Yeah,
this
is
Victor,
so
I
think
definitely
something
to
to
pursue
further
a
one.
Big
difference
is:
how
much
do
you
do
on
the
host
versus?
How
much
do
you
need
to
do
on
network
devices?
I
think
that's
where
that's
where
things
get
a
little
ugly
for
us
from
a
you
know,
multihoming
and
other
perspectives.
L
L
So
you
know
it
doesn't
mean
that
in
every
system
we
have
to
do
that.
But,
ironically,
this
is
a
system
where
a
good,
scalable
and
fast
mobility
solution
would
be
extremely
welcome,
because
it's
about
connecting
airplanes,
yeah,
but
it's
it's
distributed
and
it's
distributed
across
governments
and
countries
and.
E
B
E
I
L
Mapping
system
Federation
it
came
about
in
the
context
of
an
overlay
application,
so
that's
how
it
maps
to
the
relay
discussion
so
I'll
do
a
quick
round
based
Lisp
refresher.
This
was
the
design
based
on
overlays
that
was
put
together
for
the
Civil
Aviation
Organization
Network,
which
triggered
the
thought
on
these
requirements
and
then
we'll
talk
about
the
requirements
for
federating
a
mapping
system
across
multiple
organizations-
and
you
know
we
can
cap
it
at
any
time.
I
mean
this:
could
roll
on
forever,
so
we're
honestly
brie
slope
by
extending
the
time.
L
So
we
could
capped
it
at
20
minutes.
If
that
that's
okay
and
we'll
see
how
far
we
get
into
the
solutions
discussed.
But
my
goal,
my
main
goal
is
to
actually
get
people
thinking
about
this,
because
I
I
think
we
will
get
better
results
by
having
everyone
put
their
edge
to
it
and
see
what
ideas
come
about
in
terms
of
these
systems.
So
the
the
problem
that
was
being
posed
to
us
by
the
Civil
Aviation
Organization
was
that
of
their
global
network
for
connecting
the
airplanes
and
the
airplanes
are
connected.
For
several
reasons.
L
Some
of
it
is
traffic
that
goes
back
to
the
manufacturers,
some
of
them.
Some
of
it
is
traffic
that
it
goes
to
air
traffic
control.
Some
of
it
is
traffic
that
goes
back
to
the
airline
and
they
have
these
radio
regions,
which
are
all
these
bulk.
There
are
satellites
or
ground
ground
to
sky
links
and
there's
all
sorts
of
different
radio
regions
and
they're
all
interconnected
by
an
IP
network
right
and
what
we
were.
L
What
we
were
solving
was
the
mobility
within
an
IP
network,
and
it
was
mobility
within
like
a
network
that
was
built
by
different
companies
and
different
governments
and
I
said
east
west
south.
Here
it's
not
really
a
geographic
geographic
type
service,
sometimes
you've
been
the
same
geography
and
you
could
be
multi-home
to
different
to
different
providers.
So
this
is
more
of
an
abstract
view
of
things,
but
you
could
have
Inmarsat
and
bias
at
in
the
same
region
and
you
could
connect
for
connected
both
right.
L
So
so
one
of
the
big
things
was
to
solve
this
multihoming
between
two
different
regions,
which
resulted
in
basically
multihoming
to
two
different
providers
in
the
list
network
and
and
by
the
way,
this
internet
working
region
is
the
area
where
a
list
would
be
enabled,
and
the
other
problem
was
simply
the
the
moves
across
right.
So
multihoming
and
moves
were
where
the
thing
that
triggered
interest
in
Elizabeth
now,
because
these
are
handled
by
different
organizations
and
different
governments.
There
are
different
preferences
in
these,
and
some
of
these
organizations
are
very
keen
on
using
lists.
L
L
Tr
in
this
case
that
actually
fed
into
the
overlay,
so
one
one
of
the
things
that
that
became
evident
was
that
the
the
providers
already
have
peering
agreements
amongst
each
other
and
those
those
have
been
heavily
negotiated
over
time
and
and
that
allows
them
to
not
have
a
third
party
broker
the
connectivity
amongst
them
and
they
want
to
move
that
forward.
So
there
wasn't
an
environment
where
we
could
propose
an
overlay
operator
that
owned
a
global
mapping
system
and
simply
provided
service
to
all
of
these.
L
It
was
more
requirement
where
the
overlay
portion
of
the
network
was
federated
and
you
had
a
series
of
map
server.
So
if
I,
if
I
describe
graphically
what
the
environment
is,
it
starts
looking
something
like
this.
So
if
I
go
back
to
my
west
east
and
south
analogy,
there's
a
series
of
radio
regions
connected
to
each
one
of
them.
This
network
starts
where
the
air-to-ground
routers
are,
and
there's
also
ground
to
ground
routers
connecting
to
data
centers
and
control
towers
and
things
of
that
nature.
L
We
proposed
the
overlay
so
that
they
combine
different
methods
of
using
Lisp
or
even
have
some
islands
that
were
not
even
using
Lisp
and
and
that
that
model
was
proposed
originally
with
a
single
mapping
system,
and
therefore
you
can
see
that
the
question
arose
in
terms
of
who
actually
manages
this
this
mapping
system
so
as
forward
the
thing
that
makes
sense
was
that
everybody
had
a
presence.
A
research
provider
would
have
a
presence
in
them
in
that
mapping
system,
and
we
have
things
like
DDT
that
we
could
use
to
do
this.
L
We
could,
we
could
do
just
I
mean
in
the
early
days.
We
did
things
with
BP
amongst
these,
the
the
problem
that
that
we
have
and
why
this
becomes
hard.
It's
not
just
the
fact
that
I
want
each
one
of
these
guys
to
all
endure
their
mapping
assistant
presence
in
the
overlay,
but
also
the
fact
that
these
airplanes
move
from
one
region
to
another.
And
if
the
airplane
moves
into
a
different
country
or
into
a
different
provider,
they
have
been
very
clear
that
they
want
to
preserve
all
the
registrations
for
that
airplane
in
the
region.
L
So
their
policy
is.
We
are
going
to
align,
location
or
attachment
to
the
network
with
me
being
the
authoritative
point
of
registration
for
days
and
the
their
understanding
right
or
wrong,
and
we
could
provide
some
better
guidance
there.
But
their
understanding
is
that
by
owning
the
registration,
they
are
in
a
position
to
also
control
the
policies
by
which
traffic
is
forward
to
and
from
that
aircraft.
L
Does
it
has
to
be
seamless,
but
but
that's
a
great
question:
I
mean
a
lot
of
a
lot
of
the
discussion.
Around
security
with
iCal
has
been
centered
around
encrypting
all
the
messaging,
and
they
haven't
really
been
concerned
much
about
the
authentication
of
cable
and
I
guess.
The
assumption
is
that
anybody
playing
in
this
field
has
has
access
to
the
info
yeah.
It
would
have
to
be
preserved.
L
So
so
one
one
of
the
things
that
I
would
like
people
to
think
about
is
that
this
is
not
necessarily
on
a
overly
specific
problem.
It
came
up
in
the
context
of
an
overlay
application
in
general,
if
you,
if
you
simply
think
about
those
border
or
encapsulating
tala
routers,
that
separate
the
sites
from
the
overlay.
Those
for
the
purposes
of
this
Federation
are
basically
xt
ARS
right.
They
will
register,
they
will
get
notifications
and
so
forth.
L
So
if
there
is
a
flow
between
the
west
region
and
aircraft
in
the
west
region
and
a
manufacturing
facility
that
is
in
the
south
region-
and
there
is
a
policy
between
the
providers
that
are
that
are
supporting
that
connection
or
an
agreement
between
then
we
should
be
able
to
honor
that
and
in
order
to
honor
that
we
should
be
able
to
understand
at
resolution
time
the
source
and
destination
points
of
the
flow
right
so
which
did
the
originating
our
look,
was
it
in
in
which
region
was
it
in
and
the
destination?
Our
look?
L
Which
region
was
that
in
so
that
we
can
then
say:
okay,
yes,
you
are
allowed
to
connect
directly
or
no.
We
should
could
be
putting
you
to
many
of
P
different
things
that
we
could
do,
but
that
awareness
is
important
and
also
they
are
very
adamant
about
having
the
endpoints
register
with
their
resources
right.
L
So
there's
those
two
things
and
we're
still
working
with
them
for
to
get
more
crisp
definition
of
what
those
policies
could
be,
but
it
was
one
of
those
things
that
when
we
shared
in
the
room,
well,
maybe
you
can
anchor
all
the
Boeing
aircraft
to
one
to
one
mapping
system
and
all
the
Airbus
aircraft
to
a
different
mapping
system.
You
know
everybody
lost
the
date.
L
It's
not
it's
not
how
they
operate
so
so
this
is
in
a
way
of
summary
of
some
of
those
requirements,
so
the
ABS
should
be
in
full
control
of
this
PDA
attached
to
the
I.
Think
I've
talked
about
that
quite
a
bit.
We
should
support
the
peering
agreements
by
different
mechanisms,
engineering
paths
or
choosing
specific
recaps
relating
to
all
the
routers
is
the
thing
that
occurs
to
me.
But
there
may
even
be
scenarios
where
you
don't
allow
the
communication.
L
The
definition
of
the
policy
should
be
an
autonomous
process,
meaning
you
you
own,
you
are
in
control,
so
you
can
guarantee
to
your
local
government.
Yes,
I've
enforced
this
policy
all
the
way
to
our
borders
and
then,
if
we
went
into
another
provider
they'll
that
I
I
have
compliance.
I
have
ways
to
actually
show
that
I
am
and-
and
this
gets
complicated
because
because
of
this
ability
to
multi-home
so
an
eID
and
and
we're
fighting
this
battle
with
Aikau,
so
that
we
can
have
different
IP
addresses
as
you
connect
into
different
radio.
L
So
those
are
some
of
the
things
to
consider
and
we
don't
really
have
a
good
answer
for
this.
So,
a
few
months
back,
I,
Tina
and
I
chatted
about
this.
Very
briefly,
we
looked
at
a
cash
referral
system
which
I've
documented
here.
I
had
also
thought
about
some
enhancements
in
the
signaling
that
are
rather
elaborate
and
we
can
discuss.
L
Descent
may
have
some
promise
some
of
what
Albert
just
described
in
terms
of
what
we
do
by
sharing
a
key
may
actually
may
actually
be
useful.
So
there
it's
it's
I'm,
basically
trying
to
open
this
for
discussion
and
consideration
of
the
group
as
a
more
as
a
problem
statement
and
as
a
proposal
for
a
solution.
Although
I
do
have
some
some
thoughts
on
things
that
we
could
do
initially
and
the
I
think
what
one
key
question
to
the
group
is.
Does
this?
Is
this
problem
clear
enough?
D
L
L
My
reason
for
my
question
you
know,
is
in
in
Orlais
we're
talking
about
how
do
I
concatenate
the
series
of
domains
and
make
that
work
and
make
that
whole
the
specifics
of
how
the
mapping
system
is
implemented
in
each
domain.
Our
left,
open,
open-ended
and
D,
and
the
intent
of
overlay
is
to
clearly
define
the
interfaces
between
these
domains
that
may
have
different
employment.
The
mapping
system
this.
L
D
The
site
overlays
are
running
a
mapping
system
according
to
the
existing
list
protocols.
So
deployment
options
are
different
than
protocol
options
right
they
don't
have.
They
don't
need
any
new
mapping
system
features
on
the
site
overlays
and
to
connect
the
site
overlay
mapping
systems
together,
uses
a
draft
of
new
technology
called
overlay
right,
yeah,
so
I,
don't
I,
don't
see
anything
that
you've
presented
here.
D
L
So
if
you
were
to
think
of
the
girls
mapping
system
as
inverse
that
and
the
boys
mapping
system
as
viasat,
we
basically
didn't
meet
the
requirement
which
was
I
want
anybody
who
attaches
to
my
region
to
be
registered
with
me,
and
in
this
case
we
would
be
basically
having,
for
instance,
Paul
moves
to
a
different
region.
He
still
is
registered
with
his
original
mapping
system.
L
L
A
An
interesting
problem
because
so
far
we
we
only
looked
at
the
fact
that
only
the
valley,
smooth
and
he's
attached
behind
different
xtr,
but
still
the
registers
to
do
the
same
mapping
system
mappings
are
at
the
end
right
now.
You
want
to
change
where
you
register
and
the
register
from
the
other
I
suppose.
L
D
Victor
I
mean
Joe
made
this
comment
many
ATF's
ago.
You
can,
you
could
have
the
mobility
and
register
to
the
same
map
servers
and
you
can
still
get
independence
because
each
of
the
regions
can
consider
can
configure
the
map
servers.
It
operate.
The
map
servers
independently
with
their
own
policy,
so
he
was
questioning
and
I
am
now
is.
D
L
D
D
A
D
L
D
The
plane
moves
when
the
plane
knows
it
enters
a
new
region,
it
clears
its
map-cache
and
then,
when
it
starts
needing
to
talk
to
new
places,
it
sends
map
requests
that
apply
those
policies,
and
then
it
decides
how
its
map
cache
gets
populated.
So
it
knows
who's
it's
allowed
to
talk
to
and
who
it's
not
allowed
to
talk
to
you
right.
L
D
L
L
L
Network,
so
so
the
point
is:
if
the
East
provider
can
guarantee,
if
we
can
guarantee
to
this
provider
unequivocally
that
when
somebody
connects
to
their
network,
even
if
they
continue
to
register
with
somebody
else's
map
system,
they
do
it
through
our
inference
through
their
East
infrastructure
and
the
East
infrastructure
is
in
a
position
to
enforce
their
policies.
Then
problem
solved
I,
don't
need
to
take
over
your
registration
dive.
D
F
L
L
D
L
Plain
connects
through
the
radio
region
right
in
that
radio
region.
There
is
a
variety
of
technologies,
all
of
which
have
agreed
to
deliver.
Basically,
an
OSPF
update
to
the
air-to-ground
routers
stating
this
IP
address
is
here
with
this
metric
and
we
take
that
and
we
convert
that
metric
and
IP
address
into
the
series
of
prairies
weights
and
an
eID
registration
that
eid
registration
goes
to
the
local
mapping
system.
How
does.
L
G
E
L
L
No,
actually,
the
metric
less
preferable
metric
is
sent,
and
that
basically
indicates
removal
these
guys
and
then
the
other
thing
actually
I'm
getting
I'm
getting
that
confused.
When
you
register
in
the
new
site,
you
register
with
a
better
metric
and
then
we
basically
register
with
a
better
priority.
Q
Q
Q
E
E
E
L
D
E
D
E
They
automatically
change,
XT,
ours
and
the
XT
are,
is
already
are
bound
to
their
mapping
system
and
I.
Don't
understand
the
problem,
you
have
to
use
the
same
e
IDs
you
have
to.
You
have
to
arrange
to
be
able
to
keep
the
same
EE
IDs.
If
you
want
things
to
work,
keep
TCP
connectivity
and
the
like.
But
if
the
airplane
is
not
participating
in
the
lisp,
then
the
airplane
moves.
Fine.
It
talks
to
a
different
XT.
Our.
E
L
E
E
D
L
Right,
so
if,
if
I,
if
I
now
take
my
single
so
now
that
we've
got
the
different
sites
right
and
you
guys
particularly
much
better
than
I-
did
that
when
the
plane
moves
from
one
site
overlay
to
another,
it
will
be
registered
with
a
different
site.
Overlay
mapping
system
like
that
that
registration
take
this
airplane,
for
example,
on
the
left,
that
registration
will
hit
the
site
mapping
system
and
that
would
basically
be
propagated
by
the
border.
Router
that
connects
to
the
overlay
into
the
so.
E
D
E
D
Well
so
so
the
problem
is,
is,
is
you
don't
have
a
single
mapping
service
provider
so
when
you
the
x-tra
route
or
when
the
Eid
move
around,
you
don't
want
to
register
to
that
original
one.
So
you
the
mobility
problem
into
the
mapping
system,
which
means,
in
the
end
the
thing
that
connects
them
together.
You
have
to
push
the
updates
around,
because
now
you
have
to
tell
other
people
that
are
sending
map
requests
that
it's
not
following
the
DDT
hierarchy,
it's
following
some
other
path
and
that's
and
that's
we.
D
L
So
that's
one:
that's
one
option:
the
other
option
is
we
move
the
mobility
effectively
into
the
mapping
system.
I,
don't
know
if
the
decent
approach
would
help
in
this
case,
or
maybe
it's
all
just
about
being
able
to
enforce
policy.
So,
if
I
look
at
how
we
do
things
in
the
Lisp
SEC,
where
we
actually
add
semantics
to
the
to
the
keys
and
encryption
and
hashes
that
we're
going
to
do
as
to
lookup
basically
moves
around
the
mapping
system.
L
That
could
be
another
way
of
actually
securing
the
enforcement
of
the
policies
at
which
point,
then
it's
okay
for
all
the
Boeing
airplanes,
to
register
in
one
map
system
or
for
that
map
system
to
be
authoritative,
but
as
you
move
around,
the
registrations
will
actually
flow
through
the
local
mapping
systems.
Giving
you
an
opportunity
to
enforce
the
policy
that
you
decide
as
a
local
provider
of
connectivity.
So
do.
D
L
D
D
Why
not
have
why
not
have
the
xt
ours
registered
to
the
same
xt,
ours
everywhere,
registered
as
same
map
server,
because
it's
based
on
the
Eid
that's
being
registered,
and
then
the
map
request
flow
to
through
for
map
resolvers
and
then
what
the
source
destination
cares
for
that
map
requests
are
that's
where
the
policy
gets
applied,
which
means
there's
a
certain.
Our
local
set
that
gets
returned
versus,
know
our
local
set,
and
that
can
work
with
non-lisp
sites
as
well.
L
That
could
be
the
basis
for
a
solution.
The
challenge
we've
had
is
that
there
are
not
only
competing
vendors
involved,
but
there
are
governments
that
it's
appropriate
to
call
them
competing,
but
in
some
cases
they
are
involved
as
well.
So
this
notion
of
controlling
the
database
where
things
are
registered
and
where
deposit
is
enforced,
it's
important
to
them
yeah,
link.
D
E
L
E
D
D
L
Well,
yeah:
the
key
is
that
there
isn't
a
an
international
organization
that
is
gonna
run
that
overlay
mapping
system
right,
so
they
all
need
to
put
a
server
there,
and
you
know
here
with
each
other
and
then
decide.
Okay,
I
just
so
happened
that
the
u.s.
decided
to
host
all
the
Boeing
aircraft.
If
that's
how
they
want
to
structure
what.
D
L
G
D
Map-Request
would
be
initiated
by
the
european
XD
ours
and,
yes,
they
would
actually
they
wouldn't
flow
all
the
way
to
the
US,
because
the
map
resolvers
over
europe
would
have
a
map,
referral
cache,
and
so
they
well.
Yes,
they
would
have
to.
Then
they
wouldn't
have
to
go
through
the
routes
they
wouldn't
have
to
talk
to
those
three
nodes.
We
would
have
to
forward
the
map
request
to
the
map
server
in
the
u.s..
Yes,
be.
E
D
D
D
L
L
West
right,
so
the
question
in
my
mind,
is
I.
Maybe
I
just
don't
understand
things
well
enough
and,
and
the
mechanisms
are
already
in
place
to
do
that,
but
that's
where
I
would
need
some
help
to
understand
that
when
I,
when
I
get
my
reply,
the
replies
in
these
diagrams
that
I
put
together
on
something
they
reply
directly
to
the
xtr
I
think
it
could
be
proxy
through
their
map
servers.
D
E
Think
there
may
be
a
need-
and
it's
hard
to
know
without
knowing
what
the
policies
really
are.
There
mate
there
may
be
a
need
to
play
a
game
with
telling
making
sure,
because
everybody
can
agree
that
the
home
servers
provide
all
the
answers
so
that
the
the
local
server,
the
server
that
the
xtr
thought
to,
because
we're
talking
a
distributed
system
can
apply
policy
on
the
answer
and
you're
basically
running
a
federated
system,
and
you
just
it's
what
you
apply.
You
have
different
policies,
because
that
applies
in
different
places.
L
L
D
L
I
D
D
A
Just
an
idea,
so
we,
the
use
case
we
are
looking
at,
is
slightly
different
from
what
we
are
used
to
in
Lisp.
So,
in
my
opinion,
with
slightly
has
time
to
get
our
heads
around
this
use
case.
So
what
would
we
have?
A
clear
problem
statement
may
be
written
with
Aikau
what
what
what
the
system
needs
to
do.
This
is
one
thing
and
then
the
working
group
can
express
do
we
have
already
all
the
machinery
once
we
really
have
understood
that
use
case.