►
From YouTube: IETF-PANRG-20220908-1500
Description
PANRG meeting session at IETF
2022/09/08 1500
https://datatracker.ietf.org/meeting//proceedings/
A
A
A
I
will
be
sort
of
tracking
some
of
the
discussion
into
the
hedge
dock,
but
if
so,
it's
like
the
little
note-taking
tool
icon
on
the
thing.
If
there
are
other
people
who
are
in
attendance,
who
could
help
me
out
there?
I
would
very
much
appreciate
it
for
some
reason.
I
don't
have
access,
I'm
not
getting
the
actual
markdown
the
markdown
is
rendered
when
you
look
at
it
on
the
data
tracker.
That
is
possibly
a.
A
If
you
defile
with
the
tools
team,
but
we
will
model
along
so
today,
we
are
talking
primarily
exclusively
about
progress
on
the
the
scion
drafts
and
the
discussion
around
like
how
best
to
engage
with
that.
We
will
start
with
an
update
to
the
scion
component
analysis
draft.
So
this
we
discussed
in
philadelphia
and
remotely
and
in
the
interim
before,
and
then
we
will
dive
into
a
focus
on
the
pki
components
right.
So
if
you
recall
from
the
last
time
the.
A
A
A
C
C
C
All
right:
do
you
now
see
the
slides?
Yes,
take
it
away.
How
do
I,
okay
yeah?
I
was
missing
the
slides
and
somehow
they're
still
not
coming
up,
but
anyways
I'll
get
started
and
see
if
they
they
come
up
at
some
point,
let
me
see
it's
weird,
because
I
I
don't
even
see
the
slice
control
like
in
the
slides.
A
C
C
C
So
just
to
summarize,
where
we
stand
as
of
today.
Well,
we
started
bringing
more
of
scion
to
the
itf
in
general
back
in
vienna,
so
we
had
an
initial
discussion
at
idr
and
at
the
site
meeting
and
we
were
invited
kindly
by
the
chairs
at
panergy
to
also
bring
some
of
the
work
into
the
group,
and
this
is
why,
in
the
last
interim
that
we
had
back
in
june,
we
presented
an
initial
overview
draft.
That
is
meant
to
give
you
a
rough
idea
of
what
scion
is
what
it
does.
C
As
brian
mentioned,
there
were
many
questions
about
this
system.
We
wanted
to
decompose
the
system
into
components
and
that's
why
we
prepared
this
component
analysis
that
we
are
that
we
have
been
updating
and
in
the
end
as
mentioned
before,
then
we
will
look
at
one
of
the
component,
which
is
the
pki
I'm
kind
of
assuming
that
if
you
are
here,
you
already
heard
about
scion.
C
So
I
will
not
say
too
much
just
remember
it
is
this
past
aware
inter-domain
architecture,
its
focus
is
on
availability,
security
and
scalability,
especially
when
it
comes
to
having
adversaries
in
your
network.
It
is
deployed
in
production,
especially
here
in
switzerland.
We
have
the
banking
ecosystem
that
communicates
over
cyan.
C
C
C
Moving
on
to
the
components,
just
to
recap,
what
we
discussed
the
architecture
when
you
deploy
scion
in
an
autonomous
system,
you
have
three
fundamental
components
that
somehow
you
must
deploy
so
going
from
top
to
the
bottom.
We
have
the
pki
that
takes
care
of
authentication
certificates
and
so
on,
and
this
is
what
corrine
will
present
later.
We
have
the
control
plane
that
basically
explores
and
discovers
routing
information
and
disseminates
it
to
the
end
hosts
and
in
the
end
we
have
the
data
plane
that
does
the
actual
forwarding.
C
C
So
I
think
first
of
all,
people
found
the
itf
presentation
a
lot
clearer
in
terms
of
structure
and
thought
organization
than
than
the
draft.
So
this
is
something
that
we
have
been
trying
doing,
especially
for
each
component.
We
have
been
trying
to
clarify
what
the
input
output
relationship
is
between
all
of
these
components.
C
C
We
try
to
look
first
of
all
at
the
properties
that
are
provided
by
these
components
and,
second
of
all,
we
look
at
the
input
and
outputs.
So
we
call
these
input
dependencies
or
what
each
component
needs
to
be
able
to
function,
and
then
we
call
the
outputs
what
is
provided
to
other
components.
So
what
are
yeah
really
the
outputs?
C
C
C
It
requires
some
form
of
communication
between
the
pti
entities
and
it
requires
time
synchronization
so
that
you
can
verify
certificate
and
what
the
pki
does
is
that
it
provides
a
cryptographic
material
to
the
scion
control
plane.
This
is
manifested
into
two
main
things.
One
of
it
is
this
aes
certificate,
so
each
scion
autonomous
system
is
issued
a
certificate
that
is
then
used
to
authenticate
all
the
control
messages
and
pki
also
provides
a
roots
of
trust
that
is
manifested
as
a
trc
and
later
today
we
will
really
dig
into
the
details
of
how
this
works.
C
Well,
that's
the
last
cyan
component
and,
of
course,
as
behind
below
the
data
plane,
you
also
have
applications
on
on
nhos
that,
in
the
end,
are
the
ones
that
are
leveraging
the
past
aware
secure
communication
that
that
is
provided
by
cyan,
and
so
this
is
something
that
that
probably
also
will
require
an
interface.
For
example,
there
were
some
discussions
at
tops,
I
think
about
how
to
expose
path,
awareness
to
the
transport
layer,
and
so
this
is
also,
I
think,
important
to
mention
this
in
in
this
draft,
because
it
is
an
important.
A
Diagram
that
sort
of,
like
you
know,
makes
it
very
clear
that
we
should
be
spending
our
time
talking
about
the
pki
a
little
bit
later,
like
the
agenda
is
correct.
Yay,
the
we
talk
about
sort
of
like
applications
on
the
end
host,
but
in
the
the
situation
where
you're,
using
sort
of
like
scion
for
network
engineering
sort
of
like
for
building
tunnels,
that
the
end
host
is
actually
a
tunnel
endpoint
right
or
the
application
is
the
tunnel
endpoint.
So
this
is
not
just
like
all
the
way
down
like
the
transition
mechanism.
A
C
Good
yeah,
yes,
to
be
honest,
we
usually
use
nhost
as
a
word,
but
the
way
that
we,
I
I
think
personally,
we
should
maybe
talk
about
endpoints.
I
I
think
I
like
the
word
better
and,
to
be
honest,
one
of
the
things
that
I
had
in
the
back
of
my
mind
is
also
at
some
point
to
look
at
the
vocabulary
of
properties
and
try
to
maybe
align
our
our
draft
to
that.
But
I
know
that
there
was
some
work
going
on
on
that
draft
as
well.
C
C
All
right
so
moving
on
yeah.
This
is
basically
a
summary
of
the
dependencies.
I
think
last
time
we
already
had
quite
a
discussion
about
that.
So
I'm
not
gonna,
repeat
myself.
I
do
have
some
slides
from
the
previous
discussion
as
well.
If,
if
we
wanna
dig
into
some
of
the
specific
topics
or
otherwise
yeah
you
can
get
to
the
draft
brian
sorry,
I
see
you're
still
with
your
hand,
raised.
C
C
So
the
idea
there
is
to
mention
what
protocols
are
reused
or
how
cyan
plays
with
those
existing
protocols
and
in
the
cases
where
these
are
not
reused,
we
try
to
highlight
the
differences
or
the
motivation.
Why
why
some
protocols
are
not
reused?
So
when
we
look
at
each
component
individually,
starting
from
the
pki,
we
we
described
quickly
that
it
uses
x509.
So
this
is
somehow
reused
built
on
top
of
it,
but
on
the
other
hand,
we
also
discuss
why
existing
pkis
could
not
be
really
leveraged
without
losing
some
property.
C
C
C
There
are
some
differences,
and
I
think
we
already
talked
about
that
a
bit
last
time,
and
we
also
mentioned
the
relationship
with
rpki
from
a
routing
perspective,
in
the
sense
that
some
of
the
scion
extensions
that
bridge
between
scion
and
ip
actually
build
on
top
of
our
pki
in
order
to
authenticate
prefix,
basically
prefix
origin.
When
it
comes
to
iprefixes.
C
When
it
comes
to
the
data
plane,
we
also
mentioned
how
it
interacts
with
intra
domain
forwarding.
We
also
mentioned
that
in
the
early
deployments,
scion
is
deployed
intra
domain
on
top
of
ipudp,
so
that
it
can
basically
leverage
the
existing
infrastructure
quite
easily,
and
in
this
section
we
also
moved
the
discussion
about
segment
routing.
I
think
there
was
a
topic
of
discussion
last
time.
C
We
did
not
have
time
to
look
deeper
at
how
they
could
be
possibly
combining
details,
but
I
think
that
the
concept
is
still
the
same
as
the
last
time.
The
two
technologies
could
potentially
work
one
on
the
intra
domain,
and
that
would
be
segment
routing
and
scion
on
the
inter
domain,
but
how
the
path,
awareness
properties
of
each
one
of
them
interact
is
still
an
open
question
that
we
have
not
investigated
in
detail.
C
We
were
also,
we
would
also
like
to
start
a
bit
tasting.
What
is
the
mood
when
it
comes
to
potentially
doing
more
work
in
in
the
group
on
some
of
the
draft
so,
for
example,
on
adopting
it,
and
on
this
point
I
also
wanted
to
remind
that.
We
have
also
this
fire
and
overview
draft
that
we
presented
in
the
last
interim,
and
there
was
some
feedback
there,
but
I
feel
it
was
overall
not
specifically
on
the
draft.
It
was
more
about
focusing
on
this
component
analysis.
C
So
that's
why
we
decided
to
create
this
draft
that
I
presented
today,
but
that
draft
is
also
something
that
could
potentially
deserve
some
further
work.
For
example,
we
have
a
section
about
deployment
that
and
experiences
that
I
think
would
be
handy.
We
also
explain
a
bit
the
motivation
behind
science.
We
give
a
glimpse
of
what
the
components
are
so
yeah.
We
would
be
happy
to
get
some
feedback
from
the
group
and
eventually
being
able
to
push
some
of
the
the
draft
draft
further.
A
So
I
think,
on
that
point,
I'm
noticing
that
we
have
11
people
in
attendance
here
today,
which
is
actually
a
somewhat
smaller
group
than
we've
had
at
previous
meetings.
Talking
about
this,
so
I
think
I
would
want
to
take
the
question
on
adoption
to
to
the
mailing
list
and
also
the
question
on
just
sort
of
like
finding
reviewers
for
the
document
who
maybe
haven't
already
seen
it,
take
that
one
to
the
mailing
list
as
well.
A
Obviously,
people
who
are
here
in
the
room,
you
know
if
you
have
not
read
this
document,
please
do
and
some
comments
to
the
list,
but
I
want
a
few
more
eyeballs
on
it.
You
know
with
my
chair
hat
on.
I
want
a
few
more
eyeballs
on
it
before
we.
You
know
before
we
issue
a
formal
call
for
adoption
so
like.
Hopefully
we
can
get
a
little
discussion
going
on
the
list
between
now
and
london
and
we
could
put
that
question
on
the
agenda
for
london.
A
You
would
split
this
up
in
order
to
engage
with
it
in
the
ietf
and
that's
also
sort
of
like
a
work
example
of
how
you
would
do
new
architecture
development
in
the
idf
right
like
so
those
are
like
as
a
work
as
a
worked
example
of
how
to
do
this.
It.
It
actually
makes
sense
to
to
publish
as
an
rg
draft,
that's
an
individual
opinion.
I
want
to
also
discuss
that
either
here
or
on
the
list.
E
E
But
then
it's
up
to
the
ietf
to
decide
whether
that's
something
it
wants
to
standardize.
It's
not
something
where
we
can
say
you
go
go
ahead
and
standardize
this
we
can
say
we
think
this
is
mature
enough
for
potential
standardization.
That's
not
quite
not
quite
the
same
recommendations.
We
just
have
to
be
a
little
bit
careful,
but
but
yes
fundamentally,
I
think
I
agree
with
what
brian
said.
C
Yeah,
no,
so
I
think
I
think
that's
it.
For
from
my
component
analysis,
I
mean
I
have
similar
slides
to
the
ones
that
we
had
last
time,
but
I
think
we
had
a
discussion.
So
if
we
want
to
go
into
specific
topics
we
can
we
can,
but
I
mean,
in
terms
of
presenting,
I
try
to
focus
more
on
the
delta.
I
hope
that.
A
C
C
It
is
important
to
document
what
exists
today,
so
the
goal
would
definitely
not
be
aimed
at
in
the
short
term,
but
it
would
be
being
able
to
somehow
freeze
or
document
what
what
is
deployed
today,
how
science
works
in
in
the
deployment
that
are
around
today
and
then
I
think
this
could
be
used
for
future
work
as
standardization,
but
I
think
it
would
be
good
to
do
it
in
steps.
So
first
get
something
like
this:
it
could
maybe
even
be
an
independent
drafts
or
it
could
be
it
well.
A
C
A
A
E
C
Yeah,
just
following
up
on
that,
maybe
after
the
next
presentation,
when
we
look
at
one
of
the
component,
then
we
can
pick
up
this
discussion
and
I
would
have
a
question,
but
I
think
it's
better
if
we
answer
later
whether
it
would
be
whether
a
detailed
component
description
like
the
pki
would
be
a
better
candidate
for
any
submission
or
whether
it
would
be
more
the
component
analysis.
But
I
would
say:
let's:
let's
go
through
the
presentation
first
and
then
we
can
pick
this
up.
A
A
B
B
As
nikola
already
announced,
I'm
going
to
introduce
the
sign
control
plane
pki
a
little
bit.
I
mean
it's
a
bit
more
detailed
than
than
just
the
overview
of
all
the
components,
but
it's
also,
of
course,
not
not
very
detailed,
very
specified.
In
the
end,
it's
just
more
like
a
summary
of
the
draft
I
submitted
two
weeks
ago.
B
But
the
question
is:
how
can
you
be
sure
that
science
routing
information
is
authentic
and
trustworthy
bertie,
because,
as
we
all
know,
the
internet
is
not
such
a
safe
place.
Parties
are
inherently
distrustful
yeah
how,
and
so,
how
can
we
be
sure
that
information
is
really
sign
information,
and
for
this
the
requirement
is
that
that
the
integrity
and
authenticity
of
the
control,
plane,
messages
and
path
segments
should
be
verifiable,
and
for
this
we
have
set
up
an
authentication
mechanism
which
is
based
on
the
public
key
infrastructure
and
the
purpose
of
the
sign
control,
plane.
B
B
B
Are
these
bytes
yeah?
What
is
its
circles
in
in
within
the
isds
and
these
core
isds?
They
negotiate
a
trust
policy
or
a
contract
which
is
called
the
trust
root
configuration
and
which
is
valid.
For
this
specific
isd,
and
also
important
to
mention
is
that
the
certificate
authentications
authorities
in
an
isd
can
only
create
certificates
for
the
asses
in
this
respective
isd.
B
And
we
think
that
the
sign
control
plane
makes
a
difference
if
you
compare
it
with
other
pki
models,
because
we
have
no
omnipotent
trust
route
or
certification
authority,
and
what
is
also
quite
special
is
that
the
cost,
this
trust
contract,
which
is
valid
for
one
isd
and
its
updates
must
be
approved
by
some
a
special
voting
mechanism,
which
includes
more
than
one
voting
party.
So
this
prevents
one
single
party
to
compromise
the
entire
isd,
and
it
also
enables
multilateral
governments.
B
He
also
hope
that
it
enables
trust
agility,
because
users
are
free
to
select
an
isolation
for
internet
service
provider,
which
is
an
as
a
nas
which
uses
sine
is
part
of
an
isolation
domain,
and
so
because
of
this
users
can
select,
say
the
internet
service
provider.
They
they
want
to
join,
and
they
in
a
way
can
then,
with
this
select
which
route
they
trust.
B
B
So
I
already
mentioned
this
trust
root
configuration
this
kind
of
trust
contract.
This
is
the
trust
anchor
of
the
isolation
domain
and
because
it
holds
the
root
certificates
of
the
isolation
domain's
chain
of
trust.
It
also
facilitates
the
validation
of
bindings
between
as's
names
and
public
keys,
and
it
bootstraps
authentication
within
an
isolation
domain,
and
this
happens
in
a
special
signing
ceremony
where
the
initial
the
base
trust
root,
configuration
is
created,
and
it
also
is
a
means
to
efficiently
revoke
compromised
routes
of
trust.
B
B
B
How
do
you
say
these
certificates
are
used
to
verify
these
other
certificates,
but
the
corresponding
private
keys
are
used
to
sign
these
certificates,
so
the
root
private
key
is
science
to
ca
certificate
and
the
ca
private
key
is
used
to
sign
the
as
certificate
and
then
the
other
way
around.
The
public
keys
are
used
to
verify
these
certificates
and
then
the
asses
they
signed
the
control
plane
messages.
B
B
It
is
scoped
on
isd
level
and
it
transforms
in
a
way
that
potential
distrust
or
possible
distrust
among
different
parties
into
a
mutually
accepted
trust
bond,
and
it
is
important
to
mention
that
not
all
member
members,
member
asses,
do
need
to
trust
each
other,
but
they
shouldn't
trust
the
core
assets
of
an
isd,
the
isd's
certification
authorities
and
the
voting
ass-
and
here
you
see
also
graphically
this.
This
function,
graphically
displayed
like
inputs,
are
these
policy
parameters
and
the
required
keys
and
certificates.
The
function
is
in
a
way,
the
bootstrapping
and
then
later
on.
A
A
Might
this
structure
doesn't
necessarily
have
to
overlay
the
organizational
structure
of
how
all
of
this
is
set
up
right
like
because
there's
the
there's
the
cryptographic
question
of
like
who
has
the
material
to
be
able
to
sign
a
thing,
but
then
there's
also
sort
of
like
the
organizational
structure
of
who
can
tell
the
people
to
sign
things
right
like,
and
how
does
do?
Do
we
get
into
like
the
question
of
what
the
organizational
structure
would
have
to
look
like
in
order
to
make
the
the
the
passive
trust
work?
B
A
Right
because,
like
when
you,
when
you
get
into
sort
of
like
you
know
specifying
how
this
is
going
to
work,
if
you
compare
this,
for
example,
to
the
rpki
right,
the
rpk
has
a
set
of
protocols,
but
it
also
has
a
set
of
practices
and
procedures
at
the
irs,
and
those
are
also
important
for
the
general
trustworthiness
of
the
arrangement.
So
that's
probably
a
different
document.
I
just
wanted
to
to
raise
it.
B
There
is
there
is,
especially
in
the
draft.
There
is
a
bit
more
in
more
detail
described
how
this
signing
ceremony
should
be
set
up,
and
but
there
is
also
a
sign
also
explicitly
at
least
members
of
the
isd,
some
freedom
in
how
they,
how
they
organize
how
they
set
this
up,
and
also
yeah
yeah,
how
they?
How
do
you
say
this?
Who,
who
are
the
voting
asses,
who
are
the
core
asses?
That's
something
they
have
to
isds-
have
to
make
this
up
among
themselves.
A
B
Yes,
so
that's
can
I
continue
okay,
good
so
well
about
the
certificates
they.
As
I
said
already,
they
are
x,
509
version,
3
format
and
base
of
this
rfc
5280,
and
you
already
saw
there
are
three
kind
of
control:
plane,
certificates,
roots
certificates,
ca
certificates
and
as
certificates,
and
they
built
the
verification
chain.
B
So
this
is
more
like
if,
if
a
root
certificate
or
a
voting
certificate
expires
and
has
to
be
replaced
by
a
new
one,
but
in
case
there
are
really
yes
changes
in
the
set
of
core
asses,
for
instance
of
or
if
one
root
key
is
compromised.
That
must
that
it
can
be
possible
to.
There
might
be
a
sensitive
update
where
you
really
replace
a
specific
certificate,
and
this
is
called
a
sensitive
update
and
for
this
unity,
sensitive
voting
certificate
and
these
details
are
all
again
described
in
the
draft.
B
And
this
is
very
shortly
how
a
compromise
certificate
in
sign
can
be
revoked
for
the
root
certificate,
voting
certificate
or
core
as
certificates.
This
happens
through
updating
the
trc,
and
if
too
many
certificates
of
this
kind
of
certificates
are
compromised,
it
is
even
possible
that
a
trc
trust
reset
may
be
needed,
and
this
I
come
back
to
this
a
bit
later
on,
but
ca
certificates
and
also
the
non-core
as
certificates.
They
are
in
a
way
automatically
revoked
because
they
are
short-lived
certificates
which
only
live
for
11
respectively
three
days,
and
then
they
are
reissued
again.
B
B
And,
of
course,
nth
hosts
or
points
are
not.
They
do
not
only
communicate
with
asses
in
their
own
isd,
but
they
also
communicate
with
other
asses
or
maybe
are
even
also
part
of
other
isds,
so
they
need
to.
They
need
access
to
all
these
trcs
of
all
the
entities
in
isds
they
they
communicate
with,
and
the
question
is,
of
course,
how
do
they
get?
B
B
First,
we
have
this
bootstrapping
of
trusts
in
an
isd
where
you
yeah,
the
first
initial
based
trc
of
an
isd
is
actually
created.
This
is
an
in-person
signing
ceremony
and
the
participants
are
a
representative
of
the
is
the
voting
ass,
a
ceremony
administrator
and
a
neutral
witness,
and
they
have
in
advance
of
this
signing
ceremony.
B
B
B
Then
the
parties
which
are
present
present
sign
the
trc,
and
then
it
is
validated,
and
if
this
all
of
this
has
been
has
been
passed,
then
it
is
distributed
out
of
band
throughout
our
isd,
and
so
it
is
also
like.
This
is
not
something
which
is
really
fixed.
Every
isd
can
set
up
this
ceremony
itself
like
the
way
they
they
like
it,
but
of
course
it
should
be
more
or
less
along
these
lines
and,
of
course,
the
trc
itself,
how
it
should
look
like
is
defined.
It's
also
written
in
this
draft.
B
So
in
the
the
output
of
this
ceremony
should
be
a
valid
trc
and
then
also
for
tlc
updates,
especially
sensitive
updates.
You
can
it's
up
to
the
isds
whether
they
will
create
another
in-person
ceremony
or
if
they
do
this
automatically.
These
aspects
are
a
bit.
We
give
the
isd
a
little
bit
freedom
in
how
they
do
this.
B
This
is.
This
is
called
trust
reset,
and
this
is
also
something
which
I
an
isd
or
the
members
of
the
isd
have
to
decide
in
the
beginning
already
whether
they
allow
this
or
not
so
it
can
be.
You
can
set
as
one
of
the
parameters.
You
can
define
a
no
trust
resets.
What
is
it
parameter
and
and
really
explicitly
say
we
do
not
want
to
have
to
have
a
truss
reset,
because
it's
it's
too
much
of
a
hassle
and
too
much
of
risk
risk,
but
suppose
it
happens.
B
B
B
There
is
a
new
trc
which
is
signed
by
a
number
of
votes
defined
in
the
previous
trc,
and
then
this
the
number
of
this
new
trc,
the
ids
of
this
new
trc,
is
announced
in
science
control,
plain
messages
and
even
ais
then
discovers
that
it
does
not
have
this
new
trc,
because
the
trc
it
has
that
the
number
is
is
lower
than
the
one
of
the
new
one.
It
can
fetch
it.
It
can
ask
for
it.
B
It
can
ask
them
how
to
say
the
a
s
that
sent
a
control
play
message
to
get
the
new
trc
and
through
this
mechanism,
the
new,
the
new
trc
with
the
new
truss
roots,
propagates
quite
rapidly
through
the
network,
so
really
within
minutes
or
yeah
in
maybe
in
a
bad
case
in
hours.
But
this
is
this
goes
very
fast
or
relatively
fast.
Maybe
I
don't
so
now.
I
have
like
explained
a
little
bit
in
theory
how
how
this
works,
but
it's
not
only
a
theory.
It
is
really
also
already
deployed.
B
We
have
already
two
industry-grade
implementations
in
switzerland.
One
is
so
this.
The
control
plane
pica,
is
in
in
use
by
the
main
financial
infrastructure
and
service
provider
of
switzerland,
the
sixth
group,
and
if
you
click
on
this
link,
it
goes
to
a
page
of
six
where
they
explain
how
they
use
it.
And
then
there
is
another
implementation
which
is
based
on
the
hashicorp
hashicorp
vault
and
the
design
implementation
company
anapaya
has
also
a
website
where
they
explain
how
this
works.
B
B
A
We
have
like
three
different
implementations:
do
these
interoperate
with
each
other,
like,
as
I
understand
it,
sort
of
like
the
the
like
the
scion
lab
and
the
industrial
code
bases
are
not
yet,
or
at
least
the
last
I
I
I
looked
were
not
yet
sort
of
aligned
with
each
other.
Are
these
implementations
of
the
same
protocol
or
they
worked
examples
that
this
approach
to
doing
trust
root
configuration
works
like
could
I
connect?
A
C
So
as
far
as
I'm
aware,
I
think
the
general
that
this
player
is
incorporable,
but
I
think
there
might
be
some
extensions
that
are
not
part
of
the
core
pki
that
are
not
equally
deployed.
So
some
of
the
extensions
are
only
deployed
on
the
experimental
research
network
in
lab,
but
not
on
the
productive
one.
C
A
B
Yeah
so,
but
it's
in
it's
an
interesting
point.
Definitely
I
mean
okay,
so
so
now,
I'm
already
coming
to
the
end
of
the
presentation
which,
as
I
already
said,
is
very
really
some
some
summary
of
of
what
is
explained
in
the
drafts-
and
I
also
I
mean
nikola
also
also
said
it,
and
I
was
already
even
already
in
discussion
that
yeah
we
have
now
these
three
active
drafts
and
and
yeah
we
were.
We
are
just
thinking
how.
How
can
we?
B
What
would
be
the
next
steps
into
the
possible
adoption
process
and
well,
we
already
discussed
this
a
bit
so
yeah.
Maybe
now
that
you,
I
don't
know
if
anybody
has
seen
the
draft
itself,
I
mean
this
was
only
the
presentation
but
yeah
this.
This
could
maybe
also
be,
for
instance,
something
which
could
go
in
the
independent
submission
stream.
I
don't
I
don't
know,
but
so
this
is
something
we
are
really
you.
You
realize,
because
also
nikola
had
this
question.
We
just
are
figuring
out
how
we
can
continue
from
now
on.
D
Yeah-
this
has
already
been
said
just
not
by
me.
The
word
adoption
here
is
is
really
confusing
and
there
are
very
different
things
that
that
can
be
done
by
an
adoption
and
in
a
research
group.
Adoption
essentially
means
that
the
research
group
thinks
this
is
interesting
stuff.
It
doesn't
mean
that
anything
is
good
or
works,
or
it
could
be
the
basis
for
for
a
major
engineering
effort.
It's
just
interesting
research,
so
I
I
wouldn't
get
my
hopes
up
just
because
this
research
group
thinks
this.
This
is
interesting
stuff.
D
I
said
that
the
proof
will
be
in
the
pudding
in
the
end,
so
I
I
think
that
the
the
fact
that
that
penergy
hasn't
been
talking
about
anything
for
a
few
years
for
a
few
months
already
is
an
indication
that
cyan
is
is
interesting.
So
we
have
already
generated
that
and
how
we
actually
handle.
The
specific
documents
depends
on
what
we're
trying
to
do.
The
ise,
independent
submission
part
is
good
for
one
actor
just
going
ahead
and
describing
what
they
did.
B
Yeah,
that's
a
very
good
point,
because
the
draft
I
also
we
submitted
is
really
a
very.
It
was
a
really
very
first
version
because
we
were
asked
to
submit
some
submit
something
and
we
had
not
so
much
time.
So,
like
things
like
this,
we
definitely
want
to
have
a
section
where
we
do.
You
know
some
kind
of
glossary
where
we
define
all
these
terms,
which
is
now
you
are
totally
right.
B
Yeah,
I
think
you
also,
I
mean
the
point
is
also
that
we
we
have
this
very
broad
question,
because
we
are
just
a
bit
like.
I
think
we
we
are
just
a
bit
trying
to
find
out
in
what
can
be
yeah.
How
can
we
proceed
because
in
the
end
we
have
10
drafts
or
something
and-
and
you
know
we
should-
we
want
to
try
to
continue
in
a
way
with
some
of
the
things
we
we
started
now.
Yeah.
A
As
as
an
individual,
I
will
well
second
carson's
point.
I
think
that
talking
about
terminology
is
something
that
we
do
very
well
here,
and
we
can
do
quite
a
lot
of
it.
Actually,
we
need
to.
I
was
reminded
today
that
we
need
to
get
back
to
our
our
path
properties
vocabulary
document
because
it
expired,
so
that
will
also
be
on
the
agenda
in
london.
A
A
The
looking
at
the
draft
as
it
is
right
now
like
so
like
it's.
It's
sort
of
a
description
of
what's
there.
I
I
think
if
we
go
the
route
of
of
you
know
adopting
it
and
working
on
this
draft
a
bit
more
in
the
research
group
before
we
send
it
somewhere,
it's
going
to
turn
into
a
very
different
draft
right,
like
it's
going
to
be
generalization
of
this
approach,
because
there's
a
lot,
that's
very
specific
about
right.
A
So
I
think
the
draft
makes
the
case
very
well
about
why
you
can't
just
sort
of
lift
and
shift
the
rpki
into
like
a
scion-like
network.
Right
like
this
idea
of
isolation.
Domains
is
fairly
fundamental
and
that
comes
with
sort
of
different
ceremonies
and
existing
pkis.
It
comes
with
different
actors:
you're,
using
a
lot
of
the
same
sort
of
presentation,
layer
and
application
layer
concepts
where
you're
using
x509
three
you
have
like
the
the
the
formats
are
are
interoperable
things
that
we
already
have.
A
We
already
have
experience
with,
but
the
arrangement
of
the
components
is
different,
so
yeah.
I
think
that,
like
focusing
on
bringing
this
into
the
research
group
and
and
talking
about
sort
of
like
terminology
and
generalization
seems
quite
interesting,
I
want
to
have
a
discussion
on
again.
We
have
11
people
here
right
now.
B
E
Yeah,
I
think
I
think
I'd
agree
with
that.
I
think
that
there's
there's
definitely
scope
for
an
interesting
discussion
about
the
different
security
models
and
how
that
and
how
to
interoperate
between
the
different
models
and
what
are
the
trade-offs
and
so
on,
and
I
think
there's
a
bunch
of
interesting
research
questions
there.
E
I'm
not
sure
that's
what
this
this
current
draft
is.
This
seems
more
of
a
description
of
what
what
is
implemented
now
and
I
think
how
to
proceed
that
I
think,
really
depends
on
what
your
goal
is.
If
your
goal
is
to
document,
what's
what
exists
now
as
a
set
of
rfcs,
then
you
know
the
independent
stream
would
seem
like
the
right
way
to
do
it.
E
You
develop
a
standardized
version
and
perhaps
to
understand
which
pieces
you
know
how
to
you
know
incorporate
some
of
the
trust
models
that
exist
in
the
current
internet
and
how
to
interact
with
them
and
standardize
it
and
and
bridge
that
into
the
scion
world.
Then
you
possibly
want
some
combination
of
the
itf
work
and
the
irtf.
B
That
would
be
almost
academically
like
research,
really
about
more,
like
how
you
say
that,
then
you
don't
think
any
more
about
how
it
is
implemented
now.
But
you
you
are
more
like
it's
more
like
almost
on
a
philosophical
level,
not
not,
of
course,
but
more,
like
really
talking
about
models
and
comparing
them
and
seeing
how
they
yeah.
E
I
I
think,
if
you,
the
sorts
of
things,
a
research
group
would
do
would
be
more
on
the
academic
side
she
wants.
You
know,
obviously
it
this
seems
like
something
that
could
be
mature
enough
to
standardize
and
that
would
involve
taking
it
to
the
ietf
and
letting
them
take
change
control.
And
I
would
guess
that
one
of
the
questions
they
would
ask
is
well.
E
How
can
we
interwork
the
the
security
model
of
scion
with
the
security
models,
or
lack
thereof,
that
we
have
in
the
internet
and
there's
going
to
be
some
things
which
are,
I
think,
clear?
How
to
do
it
and
the
standards
world
could
can
advance
that,
and
there
are
probably
some
some
questions
which
would
be
more
on
the
research
side
and
you'd
end
up
with
a
a
bit
of
activity
in
both
the
ietf
and
the
irtf.
E
C
E
B
That's
where
you
want
to
summarize
what
has
been
said,
the
the
two
documents,
the
overview
document
and
and
the
cppi
are
really
describing.
What
what
is
there
now
so
you
this
would
be
more
appropriate
for
the
I,
the
independent
ise
stream
over
is
its
submission
or
and
what
the
the
draft
of
niklas
draft
is
a
bit
more,
maybe
a
bit
more.
How
do
you
say
it?
B
E
Yeah
I
mean
the
draft
you
have
for
the
pka
now,
for
example,
looks
to
me
as
someone
who
doesn't
really
understand
pkis.
It
looks
to
me
like
a
perfectly
reasonable
protocol
spec
and
if
what
you,
if
your
goal,
is
to
document
what
you
have
now
then
publishing
that
that,
as
an
independent
stream
document
would
seem
like
a
reasonable
thing
to
do
right
now,.
B
E
Independent
stream
has
done
that
in
a
bunch
of
occasions.
You
know
company
x's
protocols
do
why
if
the
goal
is
to
bring
it
into
the
ietf
and
turn
it
into
a
set
of
standards
documents,
then
that
might
be
a
starting
point
for
that
process.
But
what
you
end
up
with
might
look
quite
different
after
the
itf
process
is
run.
D
Yeah,
I
just
wanted
to
point
out
that
this
is
not
an
alternative
right.
You
can
go
for
an
ic
publication
of
of
what
you
have
today
and
still
go
to
the
research
group
and
and
ask
for
help
putting
this
in
into
a
more
general,
understandable
framework
and-
and
I
haven't
read
the
document-
so
I
don't
know
whether
it's
it's
ready
for
for
ise
publication,
but
I
think
that
might
be
a
quite
attractive
approach
and
you
can
even
pursue
this
in
in
parallel.
D
E
And
it
may
even
be
that
it
may
even
be
that
all
three
of
these
happen
in
parallel
in
the
you
know,
publishing
what
you
have
now
on
the
independent
stream
while
simultaneously
saying
okay,
there
are
these
bits
which
are
standardizable,
which
we
should
try
and
take
into
the
ietf.
And
there
are
these
open
research
questions
which
we
should
bring
into.
B
B
C
Thanks
all
right,
sorry
we're
in
nothing
room
so
so
yeah.
I
think
the
goal.
What
what
colin
mentioned
makes
a
lot
of
sense.
So
the
goal
is
definitely
to
somehow
document
what
is
existing,
especially
because
because
of
the
existing
deployments
that
I
mean
as
we,
for
example,
before
we
mentioned,
there's
different
pkis.
Some
basically
is
interoperable,
but
some
extensions
are
not
so
clearly
defining
a
boundary
there.
What
is
let's
say
the
per
minimum
would
be
very
beneficial
for
for
those
initial
deployments,
so
that
would
be.
C
I
think
it
would
be
beneficial
to
go
through
the
isc,
but
as
mentioned,
this
does
not
exclude
continuing
the
research
part,
because
there
is
still
a
lot
of
research.
I
mean
also
here
at
ath.
There
is
a
lot
of
research
and,
besides
that,
there's
also
other
people
that
sometimes
join
discussions
here,
mostly
at
banerjee,
but
also
at
other
groups,
because
there's
a
lot
of
research
on
many
aspects,
for
example,
transition
mechanisms
and
so
on
and
of
course,
moving
into
the
itf
for
a
bigger
standardization
work.
C
I
think
this
would
also
be
beneficial
because
there
are
some
engineering
challenges
that
I
mean.
Some
of
them
are
already
addressed
with
the
early
deployments,
but
I'm
sure
there
are
more
where
so
far
things
are
not
very
clearly
defined.
So
I
think
this
would
also
be
very
beneficial,
but
perhaps
at
the
later
stage.
So
I
hope
that
adds
something
to
what
we
discussed
before
I'll
leave
it
to
the
next
in
the
queue.
A
Great,
so
it
it
seems
like
there's
four
documents.
This
is
just
me
thinking
aloud.
This
is
not
me
with
my
chair
hat
on.
It
seems
like
there
are
four
documents
that
should
go
to
the
ise
there's
the
overview,
there's
the
pki,
there's
the
control
plane
and
then
there's
the
data
plane
right
like
so
those
four
specifications
and
those
would
be
sort
of,
like
you
know,
a
an
exposition
on
the
existing
deployments
of
the
scion
internet
architecture
right
and
that
that
set
of
four
documents
would
be
would
form
the
basis.
A
I
think
of
everything
else
that
that
you
all
want
to
do
in
this
space
right
like
so
that's
you
have
a
published
thing.
You
can
point
to
it.
You
have
like
a
a
you're
engaging
with
the
outer
community
and
say
these
are
the
things
that
work.
These
are
the
things
that
didn't.
This
is
how
we
why
we
built
this.
The
way
that
we
did,
those,
I
think,
are
going
to
be
very
useful.
A
Regardless
of
what
like
nicolas
said
like
there
are,
there
are
engineering
challenges
that
would
be.
That
would
be
useful
to
address
in
a
in
a
form
like
the
ietf.
Those
are
all
going
to
push
toward
building
sort
of
like
interoperable
components
like
in
the
component
analysis
where
you
could
actually
sort
of
like
you
know.
I
mean
build
this
into.
You
know
the
actual
next
internet
right,
which
is
the
the
long-term
goal.
A
I
agree
with
with
everything
that
colin
and
carson
said
here
that,
like
you,
don't
have
to
pick
one,
but
I
would
also
say
you
have
a
finite
amount
of
time,
and
I
think
probably
the
place
to
put
the
time
now
would
be
in
refining
the
documents
for
ise
publication
like
getting
something
there
that
you
can,
like.
You
know,
stick
a
pin
in
the
sand
and
say
this
is
where
we
are
starting.
A
At
the
same
time
with
you
know,
my
pan
rg
chair,
head
on
I've,
heard
a
few
things
mentioned
here.
That
would
be
documents
that
you
could
start
in
parallel
and
start
a
discussion
within
this
research
group.
One
is
like,
let's
actually
explore
the
space
of
of
pkis
and
architectures,
that
look
like
scion.
One
is
developing
a
vocabulary
that
is
more
precise
for
dealing
with
with
trust
and
authorization
in
pathway
networks.
A
B
B
A
So
I
think
that
that,
like
something
that
I've
seen
and
I
see
the
queue
growing,
but
I
am
going
to
address
this
one
first,
sorry
chairs
prerogative,
a
thing
that
I've
seen
in
the
the
three
meetings
that
we've
done
so
far
talking
about
sort
of
scion
in
general.
Is
that,
like
every
time
we
have
an
overview
there?
Are
people
engaging
in
this
room?
Saying
that's
an
interesting
research
question.
That's
an
interesting
research
question!
That's
an
interesting
research
question!
A
I'm
I'm
not
sure
it
makes
sense
to
have
sort
of
like
the
development
of
these
ise
documents,
be
a
thing
that
happens
in
the
research
group
right
because
they're
like
it's
for
a
different
thing,
but
I
would
like
to
see
sort
of
periodic
updates
within
pan
rg
on
here's.
What
we're
working
on
right
now
because
like
when
that
gets
presented
in
this
forum
like
every
time
you've
brought
something
here,
you've
gotten
like
feedback
that
I
think
is
useful
to
the
research
community
and
useful
to
yourselves
right
like
so.
A
I
think
this
is
that
part
of
this
this
this.
This
interaction
is
working
very
well
and
I'd
like
to
see
that
continue.
So
maybe
it's
focus
a
bit
on
the
ise
stuff
now
but
give
presentations
about
it
here
and
then
we
continue
having
like
I.
I
hope
that
next
time
we
have
like
slightly
more
attendance
for
the
interim,
I'm
I'm
a
little
surprised
that
we're
only
10
today,
but.
A
A
B
C
Yeah,
I
I
think
I
think
you
already
partially
answered
my
question,
so
it
was
really
about
the
expectations
from
panergy
and
yeah
how
it
should
track.
So
I
think
that
is
somehow
clear
regarding
your
next
point.
You
you
mentioned
maybe
presenting
this
somewhere
at
the
security
area
or
how
would
this
work
if,
if
we
are
also
perhaps
developing
something
with
a
independent
stream,
would
it
be
just
presenting
hey.
A
A
There's
this
document
which
we're
doing
to
the
ise,
but
we're
having
discussions
about
research,
questions
that
this
document
throws
up
right
like
so,
and
we
noticed
that
panergy
is,
is
basically
transporting
routing
geeks
and
we
need
some
security
geeks
in
there
right
like
so
that's
you
know
you
can
send
that
out
to
the
to
the
mailing
list
as
well
right
like
so
the
and
the
idea
is
that
you
get
some
you
get
some
more.
You
get
some
more
eyeballs
on
the
drafts
that
are
going
to
the
ise
right.
A
Like
I
mean
those
drafts
are
still
they're
still
internet
drafts,
anybody
can
read
them
right,
but
you're
being
very
clear
that
hey
no!
This
is
not.
This
is
not
the
start
of
a
standardization
process,
it
might
be
the
basis
of
future
standardization.
This
is
us
documenting
this
for
the
benefit
of
future
research
and
future
standardization.
But
but
you
know
here
are
the
documents,
and
we
talk
about
research,
questions
that
might
pop
up
around
this
in
panargy.
A
Please
join
us
right.
It's
a
little
bit
like.
I
think
you
want
to
send
that
to
the
list
first,
because
I'm
going
to
be
like
very
adamant
that
we
don't
schedule
pan
energy
on
friday,
and
I
think
sag
is
always
on
thursday
afternoon
right
like
so
that
the
timing
might
not
line
up
right,
but
yeah
I
mean
you
can
also
like
I've
done
it
before.
Where
I
go
to
like
tsp
area,
I'm
like
hey,
you
just
missed
a
great
meeting.
Please
join
us
in
the
mailing
list
right.
This
is
like.
D
So
if
we
find
something
here
that
really
can
be
or
should
be
spin
spun
out
to
something
that
that
is
focusing
on
on
security
and
authorization
and
so
on,
we
probably
want
to
discuss
this
in
a
larger
irtf
context.
I
mean
the
result,
could
be
that
we
say:
okay,
that's
still
fine
to
do
in
penergy,
but
that
should
be
the
result
of
a
discussion
and
not
just
the
presumption.
A
Panergy,
I
am
mortally
offended
by
the
the
idea
that
there
are
other
research
groups,
but
I
agree
wholeheartedly
with
you
yeah.
I
think
that
that
yeah-
I
I
don't
want
to
say.
Yes,
we
need
to
bring
everybody
into
pan
energy.
I
I
want
to
say
more:
we
need
to
make
sure
that
we
get
this
in
front
of
the
right.
The
right
eyeballs-
and
I
am-
I
am
happy
again
tear
hat
on
for
this-
to
be
the
default
form
for
those
things,
but
but
yeah.
A
E
E
D
Custom-
I
I
wasn't
talking
about
moving
so
that
the
the
interesting
thing
about
all
these
groups
we
have
in
in
the
iitf
is
that
they
are
all
very
virtual,
so
it's
more
like
pulling
in
other
groups
and
and
making
sure
their
specific
expertise
on
on
some
aspects
of
this
could
be
used.
Obviously,
the
the
the
actual
model
of
of
players
and
and
actors
and
objectives,
and
so
on,
is
very
pathway
specific,
so
so
pen
will
always
be
an
anchor
for
this
activity.
I
was
just
pointing
out.
A
Notetaker,
at
the
same
time,
so
I'm
curiously
typing
over
in
the
corner.
I
will
continue
catching
up
on
that
and
publish
some
minutes
at
the
end,
but
I
went
to
before
you
know,
going
off
and
doing
the
closing
and
giving
everybody
32
minutes
back.
Ask
if
there
are
any
other
points
of
discussion
or
questions
that
people
would
like
to
raise
or
any
other
questions
that
the
presenters
would
like
to
ask
the
room.
A
C
So
maybe
just
in
view
of
london,
I
guess
we
would
just
polish
a
bit
the
draft.
So
if
there's
any
feedback,
maybe
also
if
people
want
to
share
it
on
the
mail
as
well.
I
think
this
could
be
a
thing
and
we
could
perhaps
provide
a
short,
updated
panel
tree
just
to
check
and
yes,
but
I
think
more
than
that
it
would
be
difficult.
We
were
also
thinking
to
maybe
organize
some
something
into
hackathons,
so
people
could
get
their
hands
dirty
but
yeah.
C
A
C
A
That
actually
the
way
things
are
going
in
the
the
ietf
now
you're,
you
might
be
more
successful,
attracting
security
geeks
to
come
and
have
a
look
at
this
by
having
a
hackathon
table,
then
by
showing
up
at
sag
right,
like
so
there's
a
lot
more
a
lot
more
energy
over
in
the
hackathon
side
of
things.
So
I
think
that
is
like
very
good
advice
to
yourself.
C
B
B
A
Yeah,
I
will
I
we
don't
actually
have
the
the
the
request
in
yet.
Actually
one
of
the
things
I'm
going
to
do,
as
I
give
everybody
30
minutes
back,
is
take
some
of
that
time
for
myself
to
actually
go
make
that
happen,
and
I
will
be
you
know
I'll
put
the
please
please,
please,
please,
please
don't
put
due
friday
on
there,
because
I
would
very
much
like
to
be
able
to
go
cherry.