Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
Internet Engineering Task Force / Interim Meetings / 10 Feb 2022
Internet Engineering Task Force / Interim Meetings / 10 Feb 2022
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: IETF-SECRET-20220210-1700

Description

SECRET meeting session at IETF
2022/02/10 1700

https://datatracker.ietf.org/meeting//proceedings/

A

I'm going to give people a couple more minutes to the highlight.

A

My.

B

uh

B

Some one minute passed by my clock strong, should we.

A

You know, can we give people? You know like three more minutes.

B

Yeah, I think so, let's do that all right for those of you who listening or listening to the recording um just.

A

Yeah there's about 20 there's about 20 people and I would kind of expect more.

A

There we go more of the ib, that's what I was expecting.

A

You wanna wanna, kick this off.

C

Sure.

B

I should I should probably unmute helps all right welcome to the secret buff, um I'm one of your secret chairs. uh If you want, along with sean, I think we'll make maximum use of the silly name during the proceedings all right and we're gonna. um This is sort of pre-itf 113-ish as usual. This is run under itf note. Well so note the note well well, if you haven't been to an itf buff for a meeting before go read this carefully.

B

It definitely is important for you to understand, especially with respect to the um the ipr issues involved. So, let's clip to the next slide.

A

The only other point I want to stress here is that uh we do have code of conduct in the whole nine yards. I don't suspect that we're going to have any problems, but I just thought it was worth noting.

B

Indeed,.

B

Here's our agenda.

B

um I think we're going to spend just a couple of minutes talking about what we're going to do here. um What is a both and what? What are we trying to achieve we're going to get a presentation from like the both proponents here, um matthew and his team are going to talk about the you know, the problem of secure credential transfer and we're going to try to keep that um sort of item 3 relatively short, so we have a lot of time for discussion.

B

We're gonna keep as much time for discussion and then we're gonna try to do a little bit of a charter discussion. Afterwards, we have some, maybe some words meeting to do. Look at charter text and we're gonna be as chairs we're going to be asking a couple of questions at the end to make sure to understand whether we actually have what it takes. What's needed to establish a working group out of this.

B

So sean. Do you want to like give us the the highlights of running x successful both? What are we looking for today.

A

All right pause, pause, we're.

D

What.

A

We're trying to do is make sure that uh you know that the the problem and statement in the use cases are kind of well understood by people, and that this is work that the ietf um you know it's the right place to do, and not just that there are actually people that are willing to read the drafts uh participate in writing them. You know the whole nine yards and for this particular group I guess one of the points that was raised in the dispatch area.

A

It's the art area and on their dispatch list was to make sure they had enough security chops involved in the let's develop an apps thing, and I think we can get that. We just have to make sure that we might specifically ask like. Are there enough security people in the room to actually, you know, lend some eyes to read um and then the after that, after we figured out that there's enough people that are actually interested, it's you know um can, can we get it done? uh Do we think we have enough?

A

uh I guess we gotta have enough people um you know. Can we can? Are we happy with the words um which essentially the in the charter, which is the pack that the working group would be making with the isg to get their work done and then other deliverables clear? um And so we actually do have some words that are proposed. um I personally hate reading the words out during a block, but sometimes that's what you got to do and then people want a wordsmith on the fly.

A

My attitude is we get to that point and people are relatively happy with things that we'd switch to hedge docs and we'd cut and paste the charter text and go to town. Otherwise we can just do that later um because to me I think it's kind of like if people have a general sense of you know kind of the size of the square.

A

You know, then we can figure out. You know what color to paint it. You know later.

B

Right, um I think what we're going to do now is to let matthew run his slide deck and I know sean. Are we gonna ask people to hold questions, or are we gonna break for questions during? I I'm inclined to think we should let the presentation go through and then have have as much uh have discussion and and questions at the end.

A

I tend to think that flows best too. um So, let's, let's give that a shot and see what happens right.

E

um All right.

B

Right then, I think um matt you wanted to go uh run your own deck.

F

I think, maybe if I click ask to share slides here, you can see if this will work properly. um So there are two here: there's chair, slides and the other slides, maybe I'll choose the other ones. Yeah and click share.

F

Is that coming through? Okay, okay, great um great? Well, thank you. So much leif and sean um really appreciate the introduction, and I also um you know appreciate everybody joining. I know we had a lot of great discussion on the email threads as well.

F

This is a topic that you know myself and the other proponents are obviously you know very passionate about solving, and so it's really exciting um for us to see people come together and talk about it um in terms of questions, I think you know I'm happy to follow leif and sean's guidance to kind of hold questions towards the end. I guess the only caveat there would be.

F

You know, maybe if there's a clarification like something in the slide or something that I say that doesn't make sense or that folks want to clarify what I mean by that I'm, you know totally. Okay. If you know people want to jump in and ask for clarification, but for further discussion. You know um at the end that you know that would be. You know totally fine, um so we'll go through the slides here myself and a couple of other proponents as well, we'll be speaking to other um uh slides in the deck.

F

Hopefully we'll go relatively quickly. um I know this is content that we did uh present uh mostly at dispatch. We've also sent it out a week or two ago, and so hopefully we can. You know, save a lot of time for the discussion.

F

So um our goal is obviously to establish a working group and in this discussion we want to.

F

um uh We do have a potential solution in the form of the draft, but really want to focus on explaining the problem statement and the use cases that we endeavor to solve. um And then you know clarification. Questions are obviously welcome in this forum.

F

So, let's start with the problem statement, so a lot of users take advantage of the security and convenience of having a digital credential on their smartphone.

F

um You know you, you first saw this crop up back in you know 2010 or you know 2013 when folks could add payment credentials to their devices, um emv payment credentials that could be used um to pay over nfc uh and then it's kind of spread into other.

F

What what I'm calling verticals um transit and access and other spaces that are not just paying monetary value for a good or a service, um but getting into a subway or entering your corporate building or you know getting into your home or your hotel, and these smartphones and their associated operating systems are obviously manufactured by different companies and the credentials themselves.

F

um You know, as I mentioned, come from different verticals, so it could be a car, a home, a hotel, a place of business. You know in the access realm um you know could even be something to do with transit like riding a subway uh and the the real meat of the problem statement that we want to solve in the working group that we hope to establish is to allow users to share these digital credentials with other individuals and we'll go through some of the detailed examples in the use cases section today.

F

You know no such standardized method exists that works completely cross-platform, meaning, regardless of what company manufactured the the actual phone or and what you know, which company manufactures the operating system and then cross vertical, just meaning that we want this to solve for um different types of credentials. As mentioned earlier, like you know, access credentials, transit credentials and things like that.

F

Richard I see that you, I think, raised your hand, did you want to jump in.

G

Yeah, I just want to make a quick clarifying question here um when you talk about credentials. Obviously you know that can imply a bunch of different stuff, but it sounds like a particular property from a kind of security point of view of a credential is that it has some secret stuff um that um the the credential transfer service is probably not authorized.

G

That should only be accessible to the end devices that are holding this thing and the device uses it in some other system for access. Is that the right way to think about this basically, is a symmetric secret.

F

Yeah great great point um I'll touch on that real quick, so there are different types of credentials, namely um symmetric based from a crypto perspective and asymmetric. Let me give you an example of both one common example of a symmetric credential is a um my fair death fire applet running on a you know, mobile device, um and there is a symmetric key that was derived for that user. It's derived from an intermediary symmetric key for a specific property.

F

If you look at hotels, a lot of them use my fair desk fire and that's you know, obviously an applet technology type and a protocol, and that is a symmetric credential that cannot leave the device and the handshake between the device and the actual terminal. um There's some crypto there. You know you know, there's a mac, there's there's! You know lots of um crypto in that interaction um that uh the door that that allows the door to verify that credential. That's that's! That's one example of a symmetric one.

F

An example of an asymmetric credential could be a digital car key that complies with the ccc standard, which we'll talk about a little bit later in this deck. Those are asymmetric credentials in that you know you have a private and public key on the private part of which lives on your device and that's how you get into the vehicle. You also see this in iso 18013 for mobile drivers license that's an existing public standard, that's pretty recent, um so there are examples of both symmetric and asymmetric credentials.

F

I think it's safe to say that you know for asymmetric. You never can have the private key leave the device that owns it for obvious reasons and the same thing for symmetric right, and so you know. Obviously the crypto is very different, but that's one of the reasons that in sharing a credential, you can't just lift this thing off of the the the individual who endeavors to share and give it to somebody else.

F

There's tamper resistant aspects there, and also you you wouldn't want the actual same key to exist on two people's devices for sort of obvious security reasons.

G

Great thanks for the clarification.

F

No problem, um okay, so moving uh moving on here, we'll talk about some of the assumed constraints.

F

Now some of these constraints are um factual in that um they are existing constraints um that that exist today, either in other open standards like ccc, for example, like I mentioned, and some of these are constraints that we kind of want to assume on ourselves that our solution should have to solve for or live within.

F

um So, like I mentioned a few minutes ago, the actual provisioning, which is just the verb that is often used to get a credential onto a user's device and the usage of these credentials is very specific to different specifications and protocols. So I've.

C

Already mentioned.

F

Iso 18013 there's also ccc, and then there are other proprietary ones, for example, my fair desk fire, which itself is an open standard, but the way that my fair desk fire is used in the industry right different companies like hyatt or other hotel brands, are defining their own file structure within my fair desk fire for what keys and applications and data are needed to unlock their door.

F

um We we don't endeavor to dictate how these are provisioned, managed or used from a transaction perspective on the different devices and platforms we only endeavor to solve, for how they're actually shared and so, for example. The solution that we want to come up with inside of the working group would not dictate how a credential was ultimately provisioned onto the recipient's device that would be up to that platform. We only want to cover the transfer aspect of it.

F

um Secondly, in in this you know very highly mobile world that we all live in. We really do not want to require both devices, so the sender and receiver to have to have an active internet connection concurrently for the transfer to be successful. Let me give one quick example: there uh digital car key adhering to the ccc spec cryptographically, if I want to share to sean my existing private key, that the vehicle trusts must sign a public key and associated attestation from one that sean's device will generate on the fly during this sharing.

F

For that to work, I need to get that public key from him, sign it and give it back to him and obviously um with devices being in airplane mode or coming online and offline at different times. That's a challenging thing. um So you know we just want to say that we do understand that there's a back and forth!

F

That's needed it's kind of impossible to get around that, but we don't want to require both devices to be online at the same time, and the best example of that is if sean is out hiking in the woods, with no connection, I should be able to initiate a transfer to him that completes when his device comes back online. That's the simple version of it, um and then it's probably obvious, but you know these credentials are very sensitive. Some of these credentials. You know let you into somebody's home or hotel room or vehicle.

F

We, you know we want to consider a lot of the security and privacy aspects of the transfer operation itself.

F

Also I mentioned this earlier, but there are security primitives that are guaranteed by the hardware, and you know I kind of use guaranteed. Loosely I mean. Obviously, tamper resistant is a better way to put it. We don't know. If anything is tamper, proof um it's not possible to just transfer the credentials themselves, and I also mentioned briefly earlier that cryptographically that would be undesirable. Even if it was possible you you never want a private key owned by two different parties right.

F

We, you know, we want the recipient to generate their own key pair um and have similar permissions, for example. um So we want the sender to authorize the receiver to provision or to register a new credential with whatever privileges and entitlements that the sender has- and I say subset because I could own a vehicle and share it with my partner, and I want him or her to have the same exact privileges that I do.

F

We co-own the vehicle, or I might endeavor to share it with a valet individual at a hotel or restaurant, and I want them to have fewer privileges like maybe they can't open the trunk, for example, and then. Lastly, we talked about this. That um protocols like ccc do require specific cryptographic, data from the sender, so we you know we do need to comply with that. If we want this to work for credentials that adhere to the ccc open standard.

F

um As mentioned previously, the transfer operation may take multiple steps that is inevitable for certain asymmetric credentials, such as digital car keys. um That's, okay, we just don't want to require the devices to be online at the very same time.

F

um And lastly, if we really want this standard to work across platforms uh with devices manufactured by different companies and operating systems that um are created and owned and operated by different companies and ones that we don't even know about, yet we really think that the sender should be able to share the credential over any communication protocol, such as sms email, proprietary messaging applications, third-party messaging applications like whatsapp or wechat, or any of these things.

F

If it was limited to a very specific set of communication channels, that would mean that it's a little bit more proprietary, and so we want it to work really over any communication channel.

F

um With that, hopefully, um if there are no further questions, I don't see any hands up um at the moment, I'll hand it over to um another proponent uh casey, and she will talk about the different use cases that um um oh actually before that looks like michael you have your hand up. Did you want to go ahead.

H

um Yeah hi michael richardson, so I'm trying to understand to what extent these credentials obey some specific standard and to what extent the verifier of the credential needs to be involved in this process.

B

Michael is that a client? Do you think, that's a clarifying question, or should we say that well I.

H

Think that you go back to the previous slide assumptions that that I now understand you're not going to pass around the private keys, um so it seems, like you have to you're, assuming that the verifier is willing and able to to participate in this process.

H

The relying party that is.

F

Well, I think it depends on who the blind party is in the case of digital car keys, the the actual verifying party is actually the vehicle itself right um and and and that's a little bit different. I do think um in the ietf specification that we ultimately come up with. If we're able to establish the working group and um um work on the solution.

F

um Yeah, the the sender and receiver will have to have um software baked into their devices to adhere to the transfer protocol and perform the necessary exchange of data back and forth to facilitate the transfer, and that is required, and it is different for different credentials. It will look a little bit different for ccc in terms of what actual data is being transferred than it will for, like, for example, a micro desk fire hotel key. um There are some credentials that already adhere to an open standard.

F

The best to do as an example is iso 18013 and the ccc digital car key spec, and there are other proprietary ones that use public, open standard technology like my free desk fire or um some other technology, but that the the file system on that um applet is proprietary to whatever company, whether it's a corporation or a hotel. um I don't know if that helps answer your question or not.

F

Maybe we'll continue and we can hopefully leave a fair bit of time at the end. um Yeah. Okay, I'm gonna pass it over to casey to talk about the use cases. A little bit um casey go ahead.

I

Sounds good, um please! Let me know if you hear me, I was just trying to start my microphone and everything crashed, I'm back um so, first of all, yeah. Okay, awesome! So, first of all, we'll be talking about the vehicle use case. Matt described a little bit of this in the previous slides so but I'll go into a little bit more detail.

I

So for all of these vehicle use cases, we can assume that we are complying with the ccc open standard. So we have, you know, accounted for the different scenarios as that standard has laid out, including the back and forth between the receiver, this receiver and the sender.

I

First of all, say I own a vehicle, and I have a digital key for that vehicle. I would like to let my friend borrow the car for the weekend, so I would maybe want to give them their full permissions. They can drive everything they can open everything.

I

No no issue for just a set period of time in another example say that I own a vehicle, and I now want to share that with my partner in this scenario, I'd like to share this vehicle with them indefinitely, without any restrictions as if they're a co-owner, but maybe I got the car before we were partners, and you know they weren't as part of the car originally in the car, uh whatever it's called.

I

Sorry, I'm like kind of weird next imagine I have a car with a digital car key and I've gone to a fancy, dinner or hotel, and I would like to give my car to valet I'd like to give them. Maybe some restricted access for a short period of time, and maybe they can only drive up to 25 miles per hour and they can't enter into the trunk. They only need to be able to drive it and park it matt next slide.

F

Dude that looks like richard has his hand up um richard. Did you want to ask.

G

A question before we go to the next one: yeah, just one quick clarification here: um kind of as looking at the kind of reverse of the partner case where you had access uh before someone else and you granted them access. Is there also a need here to have a revocation where you know say things go badly between my partner and I and we go our own ways? Can I is there a need in this protocol to be able to revoke access as well.

F

Yeah, it's a it's a great point. um I mean we, we do envision if you, if you initiate a share- um or you know a transfer, that you should be able to pull that back and rescind it if the recipient has not um not uh accepted.

F

Yet we do think that there is a revocation needed after the share, but it's almost separate from the transfer flow in a way, and I think the reason that um we're kind of thinking that and- and obviously we could talk about this further in the working group, of course, but is that the the actual revocation really depends on the way that the credential is used and the kind of um you know credential authority right and so like here's. Here's one example in the case of transit.

F

If you look at transit in japan and in china and other countries in the world, a lot of it is what's called kind of truth on card, where it's purely the credential on the device or the you know: physical plastic card, that's communicating with the terminal and doing the crypto handshake.

F

Those turn styles are not online they're, they're, fully offline right and so to actually rescind that that company- let's say, for example, jre japan, rails east right. They need to push a new um credential to this deny list, and that needs to make it to all of their turn. Styles. This is actually how it works, um and they do that once per day.

F

You know between 2am and 4am, then, when you tap the next day and so long story short, the the revocation may be um a different mechanism than the actual transfer itself, but we do think that we do need to solve. For that use case.

G

Okay, so I'll just flag that that's probably an important scoping question when we get to the kind of what scope we're trying to tackle here, whether we're just talking about granting access or whether we also want to have revocation in scope. Thanks for the question no problem.

I

Okay, so in the last slide we were mainly talking about the different time scenarios or exact um entitlements you might want to transfer and as part of the share, but we also deem to solve these different online offline scenarios as matt started to discuss. So I will talk about two different scenarios. We were thinking of say I own the vehicle, and I want to share it with my friend. My friend is currently out hiking and don't have seller or service.

I

So I want, but I still want to share my key with them, so I initiate this share and send them this the share link and once the device comes back online, they're able to receive and accept this share, and there should be no issue with the fact that they weren't online at that time. So you know this should be able to be asynchronous say. On the flip side, I own the vehicle- and I want to share to my friend- I've sent a share invitation, but then I myself has gone out.

I

Hiking we're hiking a lot in this group, and now I would like my friend once once the user. The recipient has accepted my share. It should be able to to finish the share. Complete should be able to complete once my device has come back online, so there should be able to be situations where the sender or receiver device can go online and offline throughout the transaction, but continue to work once the devices are online.

I

So now we will talk about the home use case so say I own a single family home and have a a smart, lock, a digital key on my front door. I have a dog walker that comes on thursdays to walk. My dog skipper he's very active and when I'm at work I need the help. I would like my wa dog walker to be able to help to enter my home on thursdays between 8 a.m and 12 p.m. Only they should only have access to that front door.

I

Lock, conversely, say I own a home and I'm having a friend over. They are going to get here before me. Maybe I went out to get some groceries and I would like them to have access so that they don't have to stand out in the cold. So I would give them a short term.

I

I would share for a short term and that they can get into the front door only as well. Next say I have a housekeeper that comes on fridays. They don't have a consistent schedule, it's not clear exactly when they're going to get there or when they're going to leave. So I want to give them access for every friday. Just throughout like a large window during fridays, I want to be able to send them a key that will unlock the front door on that day.

I

Lastly, say I own a home, and I want to share a digital house key with an individual, renting my home for a period of time, so in this scenario, maybe a larger period of time than these short short term access points, and maybe I want to share a front door lock, but maybe I'll keep the garage locked so that they can't have access to that. These should all be possible through our mechanism.

I

Lastly, we're going to talk about a hotel use case so say I'm staying at a hotel next week and this hotel does support digital access credentials. So I've made a reservation and I've provisioned the credential onto my phone. However, my significant other is also joining me, but they don't arrive until the day after I do so. I would like to be able to send them the hotel key digitally so that they can access the room as soon as they arrive and off chance that I'm not there when they get there.

B

Before you continue.

I

um

B

uh Casey there is a eric. Do you have a clarifying question.

J

Eric um so it's your question at scoping here: um um what what capabilities are you assuming? I guess about these um uh um about these underlying systems? You're accessing? um So I guess, like you know, so it's a concrete example. You know you said, like um you know, uh you know smart, lock, front door.

J

You know separate locks right um like um yeah, I assume you were assuming that the those systems all support this kind, there's a very fine grain authentication fragmenting, um because I know first but some hotel locks, don't support any kind of fine grain authentication fragmenting right. So, like um you know, I I like well. I guess I pointed your this is these are use cases just to make sure.

J

I understand that this is like, within the bounds of what the existing authentication system supports, with the assumption that each key is profiled to some like each key is already is like already pre-existingly profiled to some like um to some set of uses or that'll be out of scope or whatever so like like for it's like it's a concrete matter like we don't have to like lug around the um does. This system have like lug around like the axle as well, or is that all out of band.

I

So I just, I think, what what you're saying at first, I think is very true. So all of these use cases are kind of describing exactly what would happen, but all all within their own protocols. So within the ccc for digital car keys, there's already predefined use cases, and you know these different. uh Sometimes you call them entitlements. So whether or not you can drive quickly or or if you can have access to a trunk or just to the to drive the car or to get in those kinds of things have been predefined.

I

um We're not trying to solve exactly how how a user would with with ietf we're not trying to solve how a user would choose these different fine grain levels of support, but we wanted to show how it would be used in real life once we're able to transfer that credential.

I

If that helps so the protocol itself, that you know we're trying to get a working group for, is just making a flexible mechanism that allows a sender to send these over to a recipient, but less so about why a hotel can have this kind of fine-grained support and why a car can have a different level. Those shirts.

K

Are.

I

Out of scope for this talk, but.

J

It does.

I

Paint a picture for what we're doing sure.

J

Sure, let me try this question differently on on me. That may be more instructive. So, like, let's take the example, you had previously the valet right um and so like. I want to give the valet a key. um You know um it says you can only drive the car. You know um you know 25 miles an hour or whatever right um and um is.

J

um Is the remit of this protocol scoped to passing that key around and there's some other mechanism that is used to instruct the car that it can only go 25 miles an hour or does this protocol have to include a mechanism, although presumably just a hole and a hole for an opaque blob that says that somehow gets communicated to the car along with the key and authorizing the files that are like? Which one is it so.

I

We're.

J

Assuming.

F

It's private, I'm.

I

Sorry, sorry, man go for it.

F

No, it's! Okay! Let me just add a little bit a little bit of color here. If, if that's okay, look at look at, let's take a simple example, just just just to answer the question.

F

Look at single-family home, where the the the owner, unlocking the the door with their phone, takes place over an nfc transaction with the iso 18013 protocol for secure credentials. All iso 1803 compliant credentials is basically a public key. That's signed by some authority that the lock trusts that's how it works right.

F

Inside of the payload that the authority signs there. There is space already in the iso 18013 protocol for things, like dates and times schedules limitations. All of that exists inside of the iso 1803 definition today right. So, if casey wanted to share to a dog walker for thursday, what we would be facilitating is getting let's say, she's sharing to you eric getting you a credential, that's signed by. um You know the correct private key of the.

F

You know that the lock trusts in that single family home that covers an iso, 18 or 13 compliant credential with the right dates and times and the lock would actually be the one that doing the enforcement when you tap. If that makes sense, sure any sense.

J

But I guess I'm still a little puzzled about is like someone has to there's. There's some there's, as you say, there's a trust anchor that signs the key right and someone has to tell the trust anchor when you issue to this person, like you know, issue them for the for the following hours right, I'm trying to figure out if this protocol has to convey that information or if that will be done in some separate, separate unspecified way. um um That's what we're talking about.

F

Yeah, there's there's there's two variants. It depends if the credential authority is what we call kind of quote: unquote local and quote unquote remote. So, for example, digital car key, like casey, said you own the vehicle. You are the credential authority like it's, it's you right, so you would be signing some data that that does get sent over this transfer protocol. It absolutely does in the case of a remote credential authority. Let's say casey sharing a hyatt hotel key, it's actually hyatt that has to sign not not not the sender.

F

The sender is authorizing app right and hyatt is the one. That's issuing a new credential. The sender would just tell hyatt hey for this new credential that you're issuing. This is the restrictions that I you know that I would like to see and how it would respect that and the the sender would authenticate. However, they do so like you know could be. Fido could be something else uh too high, so it really depends on if the credential authority is local or remote, but we do want to support both of those variants.

G

But even in the local case, so it sounds like from a credential transfer point of view. I do whatever local operation to make the sign blob. The car is going to parse and then I put that into the credential transfer protocol. So the credential transfer protocol is only dealing with the thing that's signed at the end of the day, however, you created the scientific.

G

Yes, sorry, I agree with that.

F

Yes, thank you.

A

All right.

B

Casey go.

F

Well, I I think we had tim tim's handwriting, no.

B

Tim is camping out in the in the queue to.

F

Ask.

B

Questions later he's sort of pitched his tent over there. Okay casey go back in.

I

Okay, all right great there's, just one more use case we wanted to discuss um this would be say I am sharing. I am staying in a hotel and I have the one that has booked the reservation. I tend to organize for all my friends and, of course, I've done all the work for this trip.

I

However, I have paid for three adults to be staying in this room, so I would like to be able to share access to the two other individuals that are also on the reservation, so they have the exact same digital access credentials to enter the room or anything else I might have access to as part of this credential as well.

I

So these are the the main use cases we've been discussing. As we just talked about a moment ago. We are expecting that some sort of you know. Sometimes we call it like a token of what exactly this credential should do will be the thing traveling over this protocol, but we won't necessarily, as part of this protocol, we're not defining how how a user would decide or how a user would just uh work with their credential authority to choose what access the the recipient would have really just getting that choice over to the recipient.

I

So now I'll pass it on to dimitri to talk about requirements.

L

Thank you very much casey. I hope not everyone can hear me. My name is benitri and I'm gonna present the requirements section. um Some of the requirements are already defined by the assumed constraints presented by matt and explained in the use case. Sections are presented by casey so hopefully um like most of them make sense now. So the first requirement says that the solution should utilize um should apply uh security measures to transfer the credentials to intended recipient.

L

Only so let's say I want to send a key to my card to alice so which means I don't want bob to be able to intercept it and provision it into his device.

L

The second requirement states that we want the solution to utilize sanders preferable communication channel to transfer the credential to receiver.

L

This may include channels with various degrees of security such as instant messaging applications, whatsapp uh sms email um and the first requirement about the security of the solution must consider the second environment that we should be able to utilize. That is um the the channels with various degrees of security.

L

um The third requirement is about connectivity to internet, so matt already mentioned that we don't require both sender and the receiver to be online. At the same time and well, I think the reason is obvious.

L

Some people don't necessarily might have connectivity to internet because of weak coverage or because they just activated airplane mode on their devices, but for sender to initiate them sure they might be able to connect to internet, uh create the share and go offline um so later on. When the receiver goes online, they um they have, they receive the share, they should be able to provision it to their own device.

L

um Thank you, matt. So the fourth requirement says that um solution should support multiple types of credentials: for instance a key to a car, a key to a hotel room, a key to a multi-family home, so everything which was explained by casey earlier and which also should support both open specification, open standard solutions such as iso 18013 or card key digital key or proprietary apis, such as myfur deskfire, based on symmetric and asymmetric key types uh requiring logs to be online, having a connectivity to credential provider or offline having built-in cryptographic mechanisms to verify credentials.

L

Emphasis here is that the scope of the solution is limited to the actual transfer of credential and not the credential provisioning part or credential verification, so how the credential works. How they managed is not a part of this solution.

L

um The fifth requirement is that the credential transfer shall consider user privacy, so user private information, such as who they shared the credential with for what credential type at what time and for how long must not be collected or tracked by the solution.

L

The solution should not allow to build a social graph based on information coming from the user, and that is important uh and the last uh requirement uh eric please go ahead. Please.

J

You like sort of like expand on that requirement a little bit more. I think you know um sorry, like I mean at the very limit like, for instance, does that could see all the ip addresses of the people that are um that are transferring the credentials? um You know I guess like I'm trying to get um you know, does that have to conceal the public keys, I'm trying to get a sense of like like how how you scope out this. This requirement.

L

Yeah, that's a good question, so we might receive a lot of like personal information from the user and we really don't know um what's in the data uh stored by the solution, but we might take, we might we need to make our best effort not to store that information and, let's say I'm initiating a shirt to matt.

L

I want to share my key with the mat, so the solution shall not know who's gonna redeem that shirt, is it gonna be mad or is it gonna be someone else so the way I pass uh my voucher to matt shall be independent from the way the vouchers data is stored if it makes sense.

L

Thank you, of course, and the last uh requirement is this.

M

One michael has.

L

A clarifying.

H

Yes,.

L

Certainly hi michael.

H

Said several times I want to share my private something and I'm very I'm continue to be confused back and forth. I think you want to share your access, not your private key, that's what I keep hearing and so.

K

I just I think.

H

People, if you try to discipline that thing, because I otherwise weren't confused.

L

Yes, you're absolutely right, I I'll I'll do my best, not to mention private keys, um a credential to occur. um That's what I meant. Thank you very much.

L

um So the last uh credential is that the sender should be able to cancel um uh sure before it's um redeemed by the receiver. So we need the solution needs to implement a mechanism to basically.

L

Not allow the provision uh the credential, which already has been revoked uh christopher. Do you have a question.

N

Yeah, um I think I'm confused by this last requirement with what I saw earlier in the slides and that it was um both parties did not need to be online during the transfer simultaneously right. So, if like, for example, the sender is not online, um how, how exactly is the cancellation expected to be done? um I I'm just tripped up by the the online offline requirement here and the desire to be christopher. Is this a clarifying question or are we in the discussion land? No, I, I think that's a clarifying question.

N

um Okay, but maybe it's not if it's not, we can defer it. I'm sorry.

L

Yeah, so uh the point here is that we don't want them to be online simultaneously at the same time, in order to transfer the credential right, but uh at any given moment, obviously to initiate the transfer.

L

Sander needs to connect to the network right to store that information somehow and to pass a link to that information to the receiver.

L

At the same time, we don't require the receiver to be online at the time of the short initiation when the receiver goes online. Eventually they receive the credential transfer information and at that time they shall be able to provision the credential into their device.

L

uh The same holds true with the sure relocation. So obviously, if I'm the sender in order to revoke the share, I need to connect to the internet right to pass some requests and get some response from from the solution yeah. So it's all true the only point here we don't want both parties um to have simultaneously a connection to internet.

L

Okay, thank you for.

N

Clarifying.

L

Absolutely.

F

And yeah, I think.

L

We're actually.

F

Towards the end here, oh sorry, dimitri go ahead.

L

No, no! No! I just wanted.

F

To.

L

Pass the button to you, man, thank you.

F

I I jumped the gun a little bit too much there. um Well, I I was gonna say I that was the end of the slides. um Thank you, dimitri and casey. Also for for um uh presenting them with me, so I mean I think, uh leaf shot, I'm not sure how, but I mean we can jump into q a now yeah.

B

This is the discussion part.

F

Of the the both so.

B

Good patrick, go ahead.

B

Patrick we're not hearing anything from you all right, audio problems.

F

And, and and just to um you know christopher just to reiterate on what uh dimitri said, the short answer is you: 100 have to be online to cancel that's the short answer as the sender right um we just as dmitry mentioned. We don't want sender and receiver to have to be online concurrently and but any operation such as initiating a share or canceling a share. The device performing that action needs to be online to complete that. Okay, I think richard was first there.

G

Right yeah, I was going to um just relay patrick's question for him, because I also thought it was a good question. um The question was whether the sender there's a requirement here for the sender to be able to get an indication that the recipient has accessed the resource, which I guess would mean you could no longer be canceled, etc.

F

Yeah um we do there's a good question.

F

I think I think that's a good point.

O

So what was the exact question? Sorry? I.

F

Hey: hey, yes, they're they're they're, saying that it might be a good idea for the sender to receive an indication that the receiver has successfully received the transfer and now has an active credential.

O

uh Yeah, actually um it I would say also that depends on the use case for for car keys. For example, the car the car maker is involved, and the car maker needs to get the information that the key is active now and a new key has been created because they need to register that for insurance purpose. They always need to keep track of how many keys exist for a given vehicle.

O

So they are necessarily in the loop and they will send a notification to the owner device in that case that the everything is good on on receiver side and they have now a key that they can use on the vehicle uh and sweet uh following that. They're also involved in uh revoking the key, so either the we call that friend, let's say or the receiver deletes, that key on their own device.

O

Then in that case the friend, secure element would generate a termination attestation to prove that the key is now unusable. That will be registered also by the car maker to delete that key from the list of keys issued for that vehicle for insurance purpose and then also the owner could request deletion and there it needs to go first to the car, oem or the car maker, because there are security requirements for many car makers that you can't just delete the key. While the friend is driving, for example, so the vehicle will decide.

O

When is a good moment to actually delete the key, which is in some cases, for example, if the car, if the car is locked or used with a different key and only then the key would go away and then that's all uh the task of the vehicle oem and they would then reach out to the receiver device and revoke the key once it's successfully revoked in the vehicle.

O

So just to give you an idea, yeah. So.

B

Somebody.

O

Made a point.

B

Before.

O

You get all the.

B

Cue somebody made a point in in chat that, like this is the audio recording like needs. People need to understand the audio recording, so say your name as you start speaking, it actually helps people understand it, who you just listen to. Oh sorry,.

G

Yeah.

B

Okay,.

G

Thank you, my name is so I think the question was actually simpler. Simpler than that you know the the base interaction we're talking about here is sending a credential from one device to another device and because of the async requirement, that's in two operations, there's the sending operation and there's the receiving operation right, and so the question is you know if I'm the sending device, I know when I've done sending operation and presumably the receiving operation happens, but do I can I, as the sending device know through this protocol, somehow whether that receiving operations happened?

G

Yeah and I guess at the level of requirements like does this protocol need to have that capability.

O

Yeah to meet fields and that's what yes again um to meet fields. It can be an optional one because it can go either through different rails or it can go through the protocol, depending on the use case.

P

Alex here I think, in a lot of the use cases we've been thinking of the share. Acceptance is confirmed by the partners, who usually have the credential authorities, but, as mathias said, it could be a good optional addition for future use cases.

I

I was just going to add to alex's point for a second um just that just receiving the information. The credential information doesn't necessarily mean that that user has then accepted that share or is actually able to use that access credential. Yet until we have some information or not, we as in you know, the center device knows that that partner has actually communicated to us and said yes, that that recipient has accepted the share and successfully provisioned or got that credential onto their device.

I

Somehow just knowing that the recipient has clicked on or like somehow gotten access to that information might be helpful, as we can definitely discuss farther, but it doesn't guarantee that that user has successfully gained access to the credential you wanted to um until the partner has told us so just want.

G

To give that.

I

Little extra and you can just.

G

Do the next question thanks, so it sounds like supposed to read that.

G

We're talking about here might not be everything that's involved in transferring the credentials to the semantic level, since we there's some other credential protocol bits going along around the outside that might fail, even if the transfer the bits has succeeded. Okay, thank you. Okay,.

F

I have another question, I think no, it sounds good. I I think the way, the way that at least I do it in my head, it's kind of like a like a triangle where the sender and the receiver just picture kind of the bottom two nodes. The transfer between them is necessary, but not sufficient for the full ecosystem of sharing in terms of revocations.

F

After and seeing what's going on that, third node at the top is typically like a remote credential authority that has connectivity and apis to these two devices again could be high at you know, for example, it's a higher pass you're sharing between the two of you down here center and receiver, and let's say that completes successfully the only entity actually in the world that will know if the receiver is fully provisioned actually is hyatt to be honest because they're, the ones that are actually issuing that credential that's different from car key to matthias point earlier that you know, karki works differently because the owner is the you know authority, but for for so that triangle, I think, is an important paradigm to a number of the questions that we've heard earlier too.

F

That's how you would revoke if I shared with you, that's fully successful. That was two weeks ago now I want to revoke. I would actually ask hyatt kind of from my device to hyatt and how it would then do the revoke down down to your device. um I just wanted to add that clarification.

O

Yes uh and yeah, maybe to add that just a little bit, um I think we can say there is a push and a pull model uh in the hyatt case. You would basically uh send over this relay channel token that allows you to that.

O

You would redeem at hired and hide, will push your credential into your receiver device and for car keys it's the other way, so the owner is actually giving the actual credential to the uh to the receiver and it is uh um yeah push and pull depends on the direction it is registered by uh by the credential authority, which is the vehicle oem, but it is not issued by them. So that's that's. I think the the main difference here and it needs to work for both cases.

A

Very.

J

I understand what responsibilities are in scope here and what are not um so um uh let me start with easy case, which is um the um the case where you know I I I give return my car keys for the next month and then, like two weeks from now, I decided she wasn't driving my car and I want to deal with that. That's not we have to deal with that. That's like that was someone some unspecified mechanism where I like called tyler right.

J

um I push a button on my app or whatever I could good um and um and then so. The it's a people lie their heads to confirm that, like that's what everybody thinks um and then it is, um and then in the and then the case where the thing is in flight and he has not you retrieved it. um The situation is that once again, like, I somehow notify toyota or whatever, but then toyota does not officiate the transfer when he comes to pick up the pick up. The key right. That's like that's!

J

That's the assumed mechanism for this right. um That is there's not some new protocol mechanism. We have to invent to stop that transforming effectuated just because he hasn't picked it up yet.

F

Yeah, I don't think so I mean there's there's one case, that's kind of in the middle of the ones that you just described eric, oh- and this is not speaking, which is um there's actually three back and forths needed for car key right number, one: the owner of the vehicle um initiates the request to the recipient number two, the recipient generates a key pair and sends the public component of that key pair back to the owner and number three, the owner signs that with their private key and sends that back to the recipient. Right.

F

If those three don't happen, it won't work and so, for example, after the first one that happens, you could just initiate a cancel on that on that transfer directly from your sending device to the you know, server managing this stuff and that would successfully cancel. But your earlier statements were also correct for transfers that have already successfully completed.

E

Well, is the queue drying up no richard's back? We should go.

G

I'm happy to happy to talk some more um so I mean it sounds so we have these on the one hand, authentication and access control requirements. The credits will only be sent to the specific, so the the intended purpose of recipient now.

G

On the other hand, we have privacy requirements that we don't want the transfer service to know who's who, um so it seems like that sort of implies that there is a some way to establish who the intended recipient is, so that so that the transfer service can verify that it's the incentive recipient without knowing the identity of the recipient.

G

Does that sound right.

F

Yeah this has been tricky I'll. I'll be honest. This has been tricky when we've been thinking about it, because not only are those things somewhat at odds with each other, but um anyways it's a hard problem. I don't. I don't want to um like prescribe anything about our solution that that's up in the draft, because I know we want to focus on the requirements here in the problem statement, but I'll just say like some of the things that we have um uh done.

F

Here's one example when the sender shares the data that the recipient needs to receive the transfer. The sender is encrypting that data with, let's just pretend a brand new symmetric key that they generate on the sending device.

F

They then put that data onto this transfer service. The transfer server, cannot decrypt it for obvious reasons and they're sending the symmetra key in a uri fragment of the url that they're sending to the receiver. You know to the recipient and the idea there would be um the recipient can download the data from the relay server and then only that recipient can decrypt the data. So we've we've sealed off, or we've attempted to seal off the oh sorry richard go ahead.

F

All right go ahead: okay, we've attempted to seal off one potential attack vector which is um a malicious transfer service, or somebody who has compromised the transfer service. There remains additional attack vectors, for example, if I sent it through sms and somebody captures that sms. Of course now they.

C

Have the symmetra.

F

Key- and there are some other things that we were thinking of so like, for example, um the recipient device would generate a uuid or guid when it receives the link and sends that up to the transfer service when it gets the um transfer request.

F

The first time the transfer service then binds quote unquote to that uuid so that if somebody else happened to guess the you know, transfer identifier, which is a hard problem from an entropy perspective, but pretend that they did the um so like, basically, the first person to receive it wins which has pros and cons, I'm not touting it.

F

As a you know, solution, that's you know amazing, but these are the kind of things that we're thinking so, like the short version is have the data field level encrypted such that the transfer service cannot read it kind of you know, one uh primitive um have the um the key that needs that's needed to decrypt. It only sent between the sender and receiver no server and that helps kind of seal that off, and we have some other ideas also for the um protection of that channel.

F

There are some interesting things that we've been thinking about like a potential second channel with the pin code, so you have to compromise two channels in order to truly compromise the link, like maybe sms, and then you call the person and say hey. The pin code is one two three four or you know whatever the case may be. I don't know if this is more appropriate for the working group discussion rather than here, but I just wanted to share some insight as to what we've been thinking about with privacy and security.

G

Yeah thanks uh that matches the intuition I had as well, um I think from a requirements and kind of scoping point of view. The important thing I think to capture is that we have this transfer service, which is sort of oblivious.

G

um You know, doesn't know a lot about identity information and we have we presume some other service that is being used to establish who the intended recipient is in a way that the transfer service can then verify, um and so I think they will have to you know we'll have to figure out what this working group is going to commit to do in terms of that that secondary service, because it sounds like you want to be a bit flexible, but maybe we want to define what data elements go over that at least or um you know, maybe define the format for those data elements, but I think just at least establishing a separation.

G

Acknowledging the existence through the requirement for a separate channel um will be important in kind of laying out the scope and it'll obviously be important in the security analysis later on.

F

Yeah absolutely um fully concur with what you said and eric just before. I I hand it off to you, because I see you have your your hand up. I also just wanted to add that, like I mean one of the things that we think is that the the the identifier of this transfer that is kind of established when the sender first initiates should be large enough and with high enough entropy that it's for all intents and purposes impossible to guess right.

F

I mean, I think, probably everybody kind of understands that, hopefully and and agrees with that and the the knowledge of that when the receiver comes to the transfer service to complete the transfer is sort of necessary and sufficient for the transfer service to provide the encrypted data and then, of course, the second layer there is is that the recipient has to have the key to decrypt it and thus we're kind of reducing the problem statement almost ignoring the transfer service.

F

Then at that point and reducing the problem statement to your point, richard purely to the communication channel or channels that are used for the sender, to communicate to the recipient and and hopefully that that makes sense um um eric. I I see you have your hand up there as well.

J

So actually the thing you just said surprised me a little bit, um which is to say um I mean so mean I've read your draft and the sort of the implicit like structure draft is that the um uh the the um senders as a recipient, a um a a a mailbox with a secret identifier and a uh uh um metric key that it can use to decipher the the content of the mailbox right?

J

And um I guess I'd like you to talk a little bit about why you think that the um what requirement you think gets you that the mailbox has to have a secret identifier, um um um name except it's like here, like here's like here's, the superdom version right, which is to say that the mailbox is entirely public and like anybody can read it and, like you know, they're just enumerated one, two or five, and that the symmetric key um is sufficient to crypt. And you you travel the crypt and it works.

J

It doesn't work right and I'm not saying I would actually on the system that way, but I think it'd be worth trying to like tease out what the requirement is that gets you, the the the mailbox has to be. um Has to be secret because I think that's obvious.

F

Yeah yeah, that that's a great question I mean in my mind there are two or three things, I'll I'll state, those and then you know I you know I'll close, my mouth so that other you know, proponents can also answer as well, whether it's dimitri casey, you know matthias or others, because I'm sure people have their own opinions here too. But you know one one. One opinion would be that that this mailbox is relinquishing encrypted data right and obviously the only uh person that should be able to decrypt.

F

That is the recipient, with the symmetra key. Typically in cryptography. It's a bad idea to um you know: have your encrypted data be open and available for anybody to look at because they can typically, um you know determine some ways that it's encrypted and things like that, but I think more importantly, it also allows the transfer service to do things like rate limiting right basic. You know, you know ddos attack prevention. You can limit on the mailbox identifier itself, for example, and that that's more practical than theoretical, but I think I think that's that's helpful.

F

um You know whatever you are sharing with anybody in the world, you kind of don't know who they are um sending them some kind of a secret that you know in this case. It could just be this uuid that that you mentioned, is um you know you know having possession of that it? You know, in my opinion, should be a requirement for them to download the data it helps. It helps. Prove is the wrong word, but it helps towards them.

F

Having received the message from the sender versus just like, let's pretend we use like a you know: monotonically increasing integer, one, two, three, four, five: six etcetera.

F

If anybody in the world could download the data from any mailbox, then they would be able to kind of you know, uh you know, attempt to decrypt it and and all kinds of stuff. It just felt like a good idea.

J

You look like this. What surprises you state? This is a cryptographic principle, because I typically operate the opposite assumption, which is the data transmitter network, is equivalent to anybody and they're trafficking protects it. Hence, like you know, tls or mls or whatever right so um so I think that's I think I mean I think if we don't assume that the cryptography is sound, we have much more search problems um totally um yeah. um I think you know the part of the thing.

J

This goes to the threat model against the against the relay server, which is like, what's the trust model against the relay server. um um So um you know I guess like I would, I guess, I'd be uncomfortable, a system that did not provide um security for the system, even assuming the relationship was entirely compromised right. So I think that probably like has.

K

To.

J

Be laid out a little bit um um anyway. I I I'm not sure, that's what I think it's a bad design, I'm just saying like water. What are we depending on here? It.

J

One more thing: you sort of indicated that sort of hand moved around, I think maybe or implied, was- was attempting to persuade the relay server that um that you were that you were the correct recipient right.

J

So I think um you know, as I think you know what one question is like you know the um that uh um that, like in this in this environment, right, um you know uh uh the um uh um the the the the um the the really a server is persuaded at the time of download that you know the um that you know the uh uh the uid but has not persuaded.

J

You know the cryptographic that encrypted right and when men imagine, who might imagine forcing the recipient to prove they could decrypt it right, um um and um so I think you know just trying to sort out like what the access control situation around the relay server is and like, and especially when you start talking about having a url fragment- um and you say, like you know, because one of the reasons we'll use your offering is just like trying to allow the release server to learn the uid and not not the key and that kind of stuff.

J

So I just think trying to do it that would be helpful going forward. um um The second thing I wanted to say um is: um I think we probably need to like nail down the implied sort of properties of the center recipient channel a little bit more, and richard was kind of poking around a little bit a little bit in particular.

J

um Like um you know, it seems to me that, like that, the properties you seem to be envisioning um and correctly, if I'm wrong, are ones in which um there is no cryptographic binding effectively of any material to the recipient and namely that it's like sms, where, like I assume it's confidentiality and the system has company out job, I have no idea what the key material of any of any kind is just to provide.

J

That's all I've got is this: is this encrypted channel right um that, hopefully, is delivered the right person and- um and secondly, it seems to me you're, assuming that it has some minimum bandwidth requirement, which is to say it's large enough to get larger large enough to to to to produce a to to contain a cryptographically relevant key, but also a maximum bandwidth requirement, and it is, it is small enough that it cannot that it cannot contain the entire appeal, um and so I think, trying to like lay that out a little bit probably would also be helpful.

J

um So you know so we to understand what we have to work with right. I think in particular you know trying to lay out. I think what the minimum like like effectively like the minimum mtu of this channel will be like very helpful. um um I mean sms is large enough to have any possible trafficking, but, like just like it doesn't have to work. You know it doesn't have to work if it can't contain participants or something I think has to be like or maybe 500 bits or whatever.

P

Steven.

O

Yeah, maybe I I give it a first shot matias here.

O

I think the relay server itself has very little security properties, um so uh the probably the most important one is uh to release the credentials that have been deposited there only one time to one receiver, so it needs just the first receiver grabbing. The link is the one, and once this is done, it should not be possible for any other receiver to to copy the credentials meaning to to duplicate them.

O

The encryption is indeed, as you said, it's a secure channel. uh The cryptography is chosen to be strong, uh but the one who has the key uh can decrypt. So I think the that's mainly for privacy, but not really security, because uh it depends more on who has the key, then? Can anyone crack or break that encryption right um and then how does the key get to the right person? And that is unfortunately, a very hard problem to solve.

O

I think, especially if you talk across cross cross device platform within apple and I'm sure, within google within samsung. There are proper proprietary methods where you can bind much stronger the identities, and you can be much more sure that it's going to the right person and for universal um sharing mechanism you there needs to be second factor or there can be a subset where you can do some identity binding, provided, for example, the receiver has an email account. That is second, that is already verified and maybe the email account owner could attest to something.

O

But that would not work generally. So I think we can't really put that in scope. um So it's a very simple mechanism and to recall the main problem to solve is it needs to work independently of the device platform because we could do imessage airdrop, whatever google could do something. Some samsung could do something, but for really universal thing we don't have real, really good identity binding, and we need a simple protocol that is open for basically everyone to uh to participate.

B

All right, stephen, I'm gonna, let.

M

You in here now all right, so I have a question about the kind of the expected implementations or deployments. Who do you expect would select the relay server? Would it be the platform or the credential owner or who.

F

Yeah we would envision that the sender the sending device would be the one that selects which relay server they would initiate the share or the transfer to, and it would typically be um you know I mean it could be any relay server, but it would, it would most likely be a relay server hosted by the you know, the company that manufactures that operating system. Although you know you could kind of use whatever relay server you want, you could also envision third-party applications.

F

So so, for example, you know a you know: ios application, um for you know, bmw right, who has digital car keys, initiating a share against a really servant that bmw themselves hosts and and that's perfectly acceptable as well.

M

Oh yeah, I I I guess I need to think I mean that yeah there's. Obviously a lot of consequences flow from that as to what privacy issues you have to kind of consider, and possibly as well, whether there are kind of issues related to kind of spammy, mailboxes or fishing attempts, and so on. So.

Q

I think that's something I'd like to understand better for myself. Personally, thanks sure, yeah, no, okay, no problem, I mean.

F

Yeah yeah sorry go ahead. Did I trump somebody.

O

Yeah, maybe uh to give another use case that makes that bit uh or that widens bits. The the landscape of possible usages is, um for the moment we're talking really device to device physically, like I'm, the owner, I'm private person. I share.

O

I share my key with friend, family member, etc. um So that's then very likely. uh The sender device oem will set up the relay server just for practical reasons. It's there's no obligation or any technical reason. It's more practical reason that generally a device oem if they set up their own relay server, they can bind the device uh the sender device very strongly to that relay server and have uh very little uh um uh danger that it connects to a fake relay server and restricted something.

O

um If we think about uh business sharing use cases, that's I think we haven't discussed that, but it would apply there as well. For example, you have hertz or avis, who has a whole fleet of vehicles, and they there there would not be a hurts employee running around with an iphone or google phone to to uh be the owner of all these vehicles. It will be a server. So there is another use case where the server or the owner is basically a server a device on the server.

O

If you want and then the the use case is uh more on the contractual level, then because it would be a server to server connection to the relay server and then the relay server on the other side would would share to a real uh like renter device to the person who wants to rent the key. So.

K

The car.

O

And so that that's a use case also to consider and there um there might be other ways to bind. For example, let's say there is a security company who is really specialized in secure servers. They will offer that service and they will very strongly bind the hertz server that owns the cars to transfer the ownership to that secure server that that is really the the owner. Sorry and then the relay server there will be a contractual relationship um and it's very well identified.

O

So I think, there's also no risk and that could be than any any relay server that they choose to to contract. So that's that's a bit our vision or our view. I don't think there's anything uh settled yet in that environment, but uh the situation is just a bit different here. Thank.

B

You matthias, I I want to get uh richard uh as time slot now.

G

I was just going to just to touch on the last point. I think that flexibility around who the relay service is does underscore the the identity point that matthias made, because, especially when you have multiple verifying parties like multiple transfer services, it's tough to come up with an administrative service.

G

um What I was in queue to ask was more about, and you get more scoping around what we need to support here. It seems like, in the schemes we've discussed, you have multiple different credential schemes uh running around that may or may not be supported on a given device uh participating in these transactions.

G

um Do you envision having as part of this protocol, like some negotiation, where I can find out whether the you know, whoever I'm trying to send this thing to supports? You know a hyatt hotel, key or um or giving cargo, or we were thinking.

L

Can I take this up, please sure sure uh dmitry so richard? This is a great question and we were thinking about that a lot. So let's say I'm sending my credential to my friend, but he receives them on uh desktop device which doesn't have the secure element. So we cannot use that device um as a car key or as a key to the hotel.

L

So we we need to establish a mechanism to relinquish so at the time when they connected to the mailbox they bound. They claimed that mailbox. Now we need to establish a mechanism to relinquish the mailbox for them so that now they can forward that link to the proper device to their iphone to the phone or anything that has the secure element on it.

L

So we we agreed that the solution needs to take day into account.

F

Yeah, I I also want to say, like I think we don't. I don't think for privacy reasons, that we should create some kind of a system that acts as an oracle, where you can send a transfer out and see what somebody's device does and doesn't support. We've, we've kind of distinctly set that as a non-goal just for privacy reasons um you know. Instead, the major manufacturers of these of these phones would have an error message on device that says: hey. You know richard just shared with you a car key.

F

um You know this phone, you know upgrade your software to you know be able to support it or you know this hardware doesn't support it whatever they want to show, but I I I personally don't think we should send that information back to um the uh the sender and then you know just to add on to what demetrius said you know.

F

I also think that we we need to have some kind of a fallback web page, that's hosted by that same url so like if I send it to a device that you have that just has no idea about. You know this service and transfers in general if they click that link.

F

You know whether it's an sms or something it's going to go to some web page right, that's hosted by this transfer service because it's a valid url and you know again, we might show something reasonable there, like you know, you receive the transfer and you know I don't know you know some some text basically.

G

Yeah.

F

I think you're right.

G

Especially from the privacy point of view about being able to create an oracle here, it sounds like that we probably at least have a requirement to articulate what sort of credential is being offered when you go to receive one so that you can make an intelligent decision. You can present an intelligent error message that says you need you've received a key and you know we know we can't use that.

F

And that was a recent addition, I think. Oh sorry, casey go ahead.

I

Oh, I was just going to add that to to your point richard, there are, and it's even a more complicated problem, because there are several different scenarios that could cause a credential not to be able to be received.

I

It could be that you know you sent this to your friend and you knew they had a the correct device and, as matt said, they opened it on the wrong device. So that's one thing or it could be that the device is on the wrong operating system. They just need to upgrade. So that's another scenario we have to like explain to the user of how to fix, and, lastly, it could be that they are completely up to date on the correct device. However, their operating system hasn't um created connectivity or work to implement.

I

You know that particular kind of credential, so all these different scenarios are very valid. We need to be able to explain them to the user, so it's a tricky problem to solve. Definitely.

F

And we did, I think, between version zero, two and zero three of the draft. We did add some sort of enumeration like stuff to show what type of credential was being shared richard to uh um to so so, if you haven't already version three, I I believe contains some metadata that that will so that will help the receiver determine what was shared.

B

All right, I just want to remind people that at some point in the like soon we're going to bring up the chair slides again and start talking about sort of both questions. So if you have any outstanding questions about sort of the presentation and scoping and issues related to that, please step up now.

B

Anything that will help the the both make a determination.

J

All right eric go ahead. Yeah I just like probably useful to have for the record some sense of like which major players in this uh in this ecosystem are participating, which ones are not. um um You know, there's something that it's know a lot about and happy to see us we'll do work here, but like it'd, be good to like make sure that, like we're not missing a bunch of people like are important um that are not going to want this.

J

um So I guess I know obviously that's a difficult question from opponents who obviously are in favor, but maybe you could just list out like who you think is like likely to be interested and involved in involved in the standard specification, although of course you can't commit to any product.

G

Plans or if there are other people uh in the room who would like to express their interest? Oh yes, thank you. Yes,.

F

Richard I didn't catch what you just said.

B

So so I think richard was uh or eric was asking about sort of who are the who are like the engaged um actors in in this field.

K

Right who.

B

Are the companies or the organizations who are interested in this who's going to implement, um etc? Right, obviously, we see some some big names in in the on the drafts, but you know what other level of interest etc. Is that a fair representation.

J

Thank you. Yes, exactly.

R

Yeah, I do want to comment on it. This is nick um from google and yeah. I think we are one of the other proponent of this proposal here um and I think it's fair to say that this being adopted by something that we're working to get adopted by ccc, so we have vehicle manufacturer that are also interested in this kind of uh uh proposal.

F

Yeah and then- and then I'm you know, I um apple- is represented- pretty heavily on this on this call, as well, um by myself and and and and by others. So I think we do envision. um You know support from a lot of the the larger manufacturers of um smartphones.

A

I I just want to say that I think that any statement that has just been made now or a minute ago is not meant to imply that the manufacturers are absolutely positively going to release this in the next version of their whatever. um So I want people to be able to to say whether they're they think their company is interested without being like having their feet held to the fire absolutely later like. Oh, you didn't do it in version 12 or whatever. So thanks.

C

uh Two small procedural comments, uh one, which is, I hope we can really avoid, calling this secret and introduce even more confusion by people outside the atf about what on earth our acronyms are connected to and the other is that substantially. Every substantive comment, I've heard in the last hour and a half has been about security issues and not about applications issues.

C

Well, I want to raise my question about the appropriate area and home for this again um just to race.

B

All right, yeah thanks uh john obviously right names aren't um set in stone. um If this becomes a working group, then it can be changed to cool to be called whatever, and I I think the second question is more. Like a, I think, more, a question for our various ads on the call, and you know if any of them want to step up to the mic and talk about um you know potential homes. For this then go right ahead in the meanwhile. um I think richard wants to say something and.

G

Yeah I'll uh plus one john's uh concerned about the name. um I would I agree that we should find a better name for this. That's I agree, that's minor um as far as applications versus security. um I think this is going to have.

G

I think this has more application design than um than security design um in terms of how things get indicated, how the bits get moved around there's a bunch of kind of how do we arrange application transport stuff that the security area is not going to be great, for I think we can get the right security folks in the room. Obviously echo- and I are already here um so I think we can get the security model right um and then that that, but that's that's just kind of the core of the protocol.

G

If you will there's a bunch of uh stuff wrapped around that that's going to need uh application attention, so I think uh uh you're right this straddles the boundary, but I think uh applications is is slightly the better place for it. um While I'm here, though, the the reason I enqueued is actually continue that discussion of the you know do we have the right community.

G

um I think nick mentioned um the ccc, um uh potentially some interactions there. uh So you we talked something about the the device vendors who are involved. I was wondering if anyone from this kind of credential ecosystems, um any of the kind of credential issuers or something needed to be uh engaged in this, and if so, we've kind.

C

Of have the right.

G

Connections on that end,.

C

Yeah richard the applications argument convinced me when I raised the question on the list and got an answer, but again empirically at least as far as this off call is concerned, I haven't started single applications, comment or question. I've heard nothing but security issues and that's just something to keep in mind. Well, I asked.

G

The content negotiation question, which I think was an application.

K

So.

C

Francis.

K

As era director, I will just jump the queue to.

C

That.

K

Queue as well, but then you can probably just say as well, but we at the rtd and securities have been talking about it.

K

We are synchronized and- um and we agree that this is cross area, and I expect that so we haven't agreed yet, or we were looking forward to this discussion to hear more from participants what they say where they think they should live if the working group is created, and but I expect that um we would do something like uh if it lands in security that it will have a art id if it lands in art, it will have a security id just to make sure that there is coverage from from us.

K

But then, of course, we want to do what's what's best for for participation, so just make sure that both art and sec are uh are are present. So yeah.

B

Thank you francesca. That's um that's very reassuring and clear. So richard are you in the queue or are we letting ben talk there? You go ben, go right ahead.

D

Okay, yeah, just to I guess, reiterate what francesca said. Yes, we acknowledge that this draws the boundary between applications and security and we're happy to place it as appropriate.

D

You know, as we learn more, we will do all we can to get the cross-area coverage just to john's point specifically about, like the amount of time we're spending in this session on security questions.

D

I would respond to that by saying that we're not talking about security mechanisms, we're talking about security requirements and that, once the sort of requirements of the application protocol identify what security properties we need, then the cryptography to use to get those security properties is pretty straightforward and so like it's not really a question of defining the security mechanisms. It's a question of defining the security requirements and identifying them.

B

That's a great point eric you want to.

J

I am entirely indifferent under which area this sits, but um but I I do think that john is making an important point, which is: are we going to get enough interest from application area? People um to uh you know to be able to effectively execute on the application pieces, which I think are significant, as I know in my review. um So I think, like I guess what I would encourage is the chairs the ads to during this.

J

You know the traditional call for you know, um call for you know, interest or whatever, to attempt to just in some way measure the temperature of both the applications and the security people independently um to make sure that, like you know to make sure that, like we want people who understand like webdav or whatever it is like our email john suggested. So it's like you know, so we don't like. I don't end up designing like misdesigning the application components. So I I don't think yeah like the case, but I think we should make sure.

A

I alluded to that earlier in the conversation to say that when we did our hums or the questions about you know, are you willing to participate? We could you.

K

Know literally.

A

Ask generally, is everyone interested and then break it down? Okay, we're going to ask two more and break it down on this in the security versus zaps and to make sure that we've got a good constituent of people.

B

All right, maybe that is our cue- to bring back the bring up our or our list of both questions here and see. If we can take some temperature of the room, um do you want to get the slide.

S

um Deck back all right there we go.

S

All right, so, I think we're back right.

B

All right, I think, yeah it's after that here we are all right.

B

So um I don't know, should we do we want to try doing this with the show of hands tools.

B

And the first.

B

Or michael, do you want to say something.

H

That's all.

J

Just to clarify raise hand means you understand the problem, correct.

B

Race hand means that, yes, we kind of understand the problem.

B

There's about 39 people in the um in the session right now and it feels like a pretty clear.

B

Consensus that the problem seems to be well enough defined right.

B

Do proponents have to vote? uh No, I don't it's not a vote. It's kind of we're kind of taking the temperature john did you want to say something.

C

You always apparently the lone.

K

Dissenting.

C

Voice, uh the uh the questions about boundaries between certificate transfer and certificate management, uh and a number of other things leave me somewhat confused about where the boundaries are and what the work is and consequently I'm not certain. I understand the question and if anybody else is clear about that, then fine.

B

All right, no all right point uh noted john. Thank you. um I want to see if we can get um so sean, you seem to have figured out how that tool works. So I'm hoping you can so.

A

I'm gonna do it.

B

Or see anything.

A

When I'm running it, so you tell me when you want to call it so I'll.

B

Type in then, let's do the next one yeah, let's do the next one. So the next question is: is the problem space worth solving in the idf and.

A

All right off, we go.

A

Oh, I guess for the minutes, we should say for.

G

Well, somebody's doing that great.

A

All right, I think, that's probably pretty good.

E

Yeah.

A

um I would say: that's pretty unanimous.

B

Yeah we've got about like a little bit more than half of the participants in in the um on the session, so has raised their hands and there's no um dissenting voices or opposing voices here. So yeah.

I

I think you can.

B

uh Call this one all right and all right this seems like for for for for us. This seems like we're we're sort of we're on track here that to to be able to say to the isd that this is worth a working group. uh The next couple of questions is sort of about resource uh available resources. Here and in order to have a successful working group, we really need people who are willing to edit and review drafts and editing drafts is often sort of you know. It's not.

B

I think we need to assume that the proponents are not going to be the only ones who actually write text here so like the first question is who is willing to edit drafts in this space, um not necessarily the only drafts that are being proposed now, but other drafts that can come out of this work.

B

So let's take that temperature now.

B

All right, we have like a fair number of people who say that they want to willing to edit drafts.

B

There are some who say that they won't be able to do that. uh We're going to ask the follower quest quick question in a next about reviewing drafts, which is almost as important towards a successful working group, but we're looking at about eight people who are willing to edit drop. So let's go ahead and do the next one who's willing to review drafts even more important. I would say to get good reviews and lots of reviews is kind of the backbone of our working group.

A

And to note that we are going to go ahead and ask the sub supporting questions too and the art versus security, and you can categorize yourself. However, you want.

B

All right exactly.

H

All right here we go.

B

All right, fair number of people, um so, let's right, let's see if we can get. um I am. I am an ops. I am a a a security person and I will review drafts versus. I am an abs person and not that I've never ever sort of been able to tell the difference really. But.

A

Okay, so sending it from an art perspective: first, art apps, whatever yeah.

M

All right.

B

I choose one.

B

Kind of looks like a little bit like half.

A

Yeah yeah now I'll do it from.

B

From a reviewing from a more of a security perspective,.

B

Now my math says that there were more people who were willing to review drafts as categorized people than as, but um I'm maybe a little bit off in my map. But it still looks good to me, like um sufficient number of people in the art area and security area are clearly willing to put in the work. That's very, very, very helpful um and I we haven't sort of gone through the. So maybe we should sort of um we still have about a quarter of an hour to go.

B

Should we just go, take a look at the charter text and see if there's anything like obviously like bad or good and see if how far we can bang this out.

B

So at this point, anyone who wants to comment on this page, the charter text, then there's like a couple more right, um just go ahead and put yourself on the queue and like um make suggestions, or you know I know uh and michael you want to go. Michael and steven go michael first.

H

Alright, so the first sentence of the charter says that we want to share a digital credential when everything I've heard over and over again says that we want to delegate a credential to somebody else, so I think that kind of flows through the whole process, the whole charter.

B

Stephen.

M

uh Yes, the of convergence out of scope- I think, is a bit unclear- needs a bit work um the language, but I couldn't quite follow exactly what was being said and then. Secondly, I think I'm not clear to what extent this work requires understanding the security and privacy properties of the credential mechanisms themselves.

B

Are you, are you suggesting that those who put out a scope specifically.

M

uh The the thing about out of scope is that I just think the phrasing is odd, so I didn't, I couldn't quite pass it correctly. It's on the couple of slides ahead of the one you have, um I think that's just wordsmithing, probably but more. I think the the more interesting question for me is that I don't I'm unclear to what extent doing this work requires a full understanding of the privacy and security properties of the credential mechanisms.

B

Like any of the proponents here, you want to briefly speak to that point. Is there anything we could sort of put in the in the charter.

F

Yeah no problem yeah, I I think I think we can clarify the language a little bit. I I don't think to um to to work on or review the charter or the draft. I I don't think you have to have intimate knowledge of the actual credential types and how they work. um I think I forget who mentioned it earlier, but the the the purpose of the protocol is that largely the transfer service is sort of unaware of the details of the the actual credential and the information being shared.

F

So in my personal opinion that would not be a requirement and then um you know uh definitely heard you on the wordsmithing. um I should also note- I think, we've gotten a couple comments before this about specifically about the word multidisciplinary in the last sentence of that first paragraph. So we may need to wordsmith that a little bit as well.

M

Thanks yeah, I'm not sure I would fully agree that you can be ignorant of the credential mechanisms to be. To that extent.

M

Just to give an example I had it, I had a student a few years ago did something about kind of my fair classic weaknesses and so on, and um I can imagine that you know knowing that the potential vulnerabilities and security assumptions being made by some of these credential mechanisms might be important.

F

Yeah, I do think I mean I do think you know, knowledge of them would be useful. I just don't think it would be required in terms of like comparing my fair classic to my fair death fire understanding, how um you know ccc credentials. You know work, I it's just my opinion, but I don't. I don't see that as a prerequisite to um you know meaningfully contributing to to the transfer um just because we wanted to be relatively agnostic and work for a very wide variety of credentials.

M

Sure it's fair point. I wasn't trying to imply that everybody needs to be an expert in everything, but I think that expertise is kind of needed in the room.

Q

Understood.

J

um My sense is also that we don't need to understand this in detail, but I think it would be. It is important, maybe like just briefly some so at some point. Someone should briefly write down what they like. What the underlying assumptions about these credentials like might be, and what they what they require myself. My impression is very little, but just like what you know um like, I think, like a perhaps a non-normative document with a with a couple. You know a couple diagrams that showed like how these things were supposed to work.

J

um You know would be. It was a value at some point. um uh uh You know I, I don't think it's a, but I think I don't really move forward. I think it might be helpful as a reference point um right.

B

Eric, maybe the intent, maybe it's enough to say that the intention of the work is to limit is not to and have um deep knowledge of, deep understanding of the underlying credential system.

J

I agree: that's my sense as well.

G

Yeah, I I think that's right as well. On the other, the the other boundary of the problem, now we've nailed that one boundary. I think it would be useful to kind of distinguish um this protocol from kind of a generic tunnel data between two users protocol right.

G

You can envision a protocol where I set up a tunnel, the mats phone, and we can push stuff back and forth my senses that there are some specifics to the credential case here to be added, um but it would be good to kind of identify exactly how we're different from generic tone protocol.

F

Yeah, I think that's a good point.

E

um Eric and um oh.

C

I'm sorry.

H

No.

E

All right.

B

All right ben you wanna.

D

uh Yeah, I was just gonna mention, and that has raised the question of. If we want to talk about a person or a user agent or potentially both. I guess.

F

Got it so standardize on the sort of noun that we're using for um what sort of entity is on the receiving side in the sending side?.

F

On that.

A

Note.

F

This is like an eye test.

J

Hi, I could probably just send these as prs, but I think these last two um are not super helpful. I think they're good things that are good things to happen, but they're, not protocol considerations, they're that they're they're uh they're operational considerations and we can't guarantee that the relay server will will do any of them. So um the um I think the the the privacy goals are for protocol design and so and so like.

J

If we think the real server, for instance, should not have the identity should not be able to persist at any central receiver, then we have to have to deny it that identity not not tell about the story right. um So um so I think like just in general. Probably these two need to be rephrased in some way um that that is more protocol-oriented.

J

um I'm looking at the left-hand side of this diagram.

D

uh I just think.

J

um Yeah, I think this and then on the um on uh on the on the lower right hand, one allow center and device to quickly perform around multiple communications. I think we're gonna need some more um some more understanding of what this context really means. um So I just like just you know, relooking your draft, I see you know diagram. One which involves a run.

J

Trip between you know involves around trip and start does not evolve around trip and diagram, two which doesn't evolve around trip and trying to flesh out like what, um in some requirements, language what's acceptable in those cases and- what's not, I think, is probably important, um so I mean just a concrete example. You said initially that they don't be online at the same time and they sort of said later and then, but then they share the thing with around trip, but those are a little confusing right, because um uh exactly what exactly? What the?

J

What the capabilities are, it needs to be flushed out a little bit. um So I'm not sure that goes, but somewhere.

B

So um did I hear you correctly? Did I understand you correctly eric that you would be willing to sort of provide a couple of some suggested language.

J

um So I I guess I I'm going to buy a pr. My pr is going to be removing these first. The second two bullet points. The last two bullet points under privacy calls um and maybe replacing them with some language about like denying information. Yes, I can find some stuff, um this lower right hand, one. I think the proponents have to like help out with, because I don't quite I just I still like struggling.

J

I guess with like what the communications requirements of this channel are um in particular, like you know, it's like the solution is extraordinarily different, if I, if like, if like I'm, always willing to have at least one round trip between between the sender and the receiver and versus I'm not, and so I think would understand what that like what what has to work under both cases. You know, um I think it's gonna need to be fleshed out somehow. But it's not it's not a charter issue perhaps, but we'll need it eventually.

B

But yeah, I agree some of the language here. It kind of approaches more like a requirements draft rather than a shorter text, but it the question is whether maybe removing charter text in order to clarify it and in order to make it sort of more clear. It could also be a good thing, um and um I I think, we're at the point in the timeline here for for today that we're not going to be able to fully bang all of this out.

B

So, like finalizing the charter on on sort of on online, I think it's a good idea. What do you think sean.

A

I I haven't heard it. I don't think anybody willing to get to the microphone to be like this horrible go away. This is the absolutely wrong thing to do so. My advice to the area directors at this point is that you know wherever this is wherever the charter's getting banged on, whether it's on github or um uh dispatch or dispatch or wherever the secret mailing list that it moved to that four and basically, we start uh zeroing in what a what a good charter would be for the ist.

B

Yeah, I would agree with that. I think like I again, I'm gonna eric did you? Can we let richard and casey um up to the mic, or did you want to speak more to your point that.

J

Was just another media echo yet again failing to like take me off the queue when I said something nope.

G

Yeah I was just going to plus one shot. That seems close enough that we can workshop on the mailing list.

B

All right sounds good casey.

I

I had a quick question to those of you that have worked more on these work uh working group charters in the past, so a large part of our requirements are that we're trying to make sure we're uh working with these open standards, such as the ccc and everything we're doing complies with those standards that already exist.

I

Would it be helpful to add in references to those within this charter, saying that you know this like, especially for those round trips like these, we are trying to have a solution to transfer in accordance with this open standard that already exists, or is that not helpful.

A

I think it does. I think you can add another paragraph at the bottom and say the other working groups that we will you know interact with, including itfr blah blah blah and also to note that some of the credential we can also um you know, liaison not liaise, don't liaise. um You know communicate with the other um sdos that are developing.

A

You know example credentials, including blah blah, something like that. So you can list a whole bunch of them.

E

I agree.

I

Okay,.

E

Great yeah, I.

I

Asked that mainly because I think that that part of the reason are the protocol, we're trying to design is different than existing ones. It's because we're working within we're trying to make a very generic protocol, but within bounds, I've already been predefined, and I think that makes it so that we're limited to existing, like we can't use as many existing protocols because of these other limits.

I

So I feel like that, helps um explain why we're doing it so we'll definitely I'll make a note of that and obviously see what you guys think when we put it up for review.

J

On this last slide, but um uh I I don't wanna flag, I think probably this last line is not actually appropriate. In this case um often we do start the charter, we're assuming there's gonna, be a given draft, but like I I I distracted a number of good points, but I think it's like also fairly far from like what I think probably is exactly right. Starting point. So I think, like perhaps that's your question for the working group in their initial meetings rather than being defined in the charter link this year.

D

In terms of like the starting point language, we sometimes also see the working pool use whatever draft as input or other variations on the phrasing. I was wondering if you had the thoughts about using it as input, but not necessarily a starting point.

J

I mean, I guess I guess I don't think that that's doing very much. I mean, like the the usual reason. The usual reason to like have this textbook starter is to like foreclose the question of what like foreclose. You know a bunch of like discussions about the overall architecture protocol because we're assuming you're, starting with one thing right and, um and so like. Essentially you have a you know, essentially instant adoption of about rather than a lot of discussion and input needs me to say nothing like like like.

J

Like you know, you know it's gonna, it's gonna use the message of the mailing with this input, so I don't that really helps very much. I think that the question is like. Are we gonna bake? I'm happy to have it, I suppose, but if, if we're gonna, my my objection is to making the assumption that this will be the starting point um and effectively immediately working productive like into the charter, um because I don't think it's quite ready for that. Yet sure.

D

Okay, so maybe it's better to just not mention it is what it sounds like.

B

All right we're down to the last minute here and I think that is kind of it um sean.

B

Maybe a fair summary here is to say that, uh while the charter needs a little bit of work, smithing, there seems to be a pretty strong consensus to to like push this to the isd and recommend forming a working group in some um some sort of near near future and well.

B

There seems to be enough people who want to work on it too.

B

And you're muted.

A

Oh, I think, did I come on. Did I mute we're good? Oh the only thing. I would ask that uh to thank everybody who participated today um for having a nice experimental way to try to run a buff yeah. This worked out.

B

All right, even out of cycle for an itf and a successful moment, both yeah, that's the first for the itf. I think all right. Thank you. Everyone. um Thank you see you all on. Thank you. Whatever the working group is going to be called list, hi.

A

Fred, frank.

S

Yeah.

B

The frank list.

A

All right, ciao.

B

Bye.