►
From YouTube: IETF-ALTO-20230516-1400
Description
ALTO meeting session at IETF
2023/05/16 1400
https://datatracker.ietf.org/meeting//proceedings/
A
A
A
This
is
agenda
for
today's
discussion
and
we'll
you
know,
focus
on
two
working
good
job
and
for
each
job,
we'll
spend
25
minutes
and
to
discuss
what
is
the
open
issue
we
we
already
have
and
what
is
the
issue
we
already
closed
there
and
at
the
end
we
will
leave
five
minutes
to
discuss
the
whether
any
you
know
idea
about
the
security
privacy.
We
can
prepare
for
the
next
interim.
A
A
C
C
This
is
so
this
is
already
so
that's
not
talking
is
used
made
by
the
center
so
each
other
already.
So
we
have
to
get
a
combination
to
get
the
response
to
him
to
after
some
clarifications
about
the
text
and
for
the
Ops
directory
reviews.
So
all
the
comments
are
having
very
progressed
to
have
been
the
response
to
them
and
to
get
the
conversation
for
the
young
data
reviews.
C
C
Ask
for
some
additional
reviews
made
by
working
with
shares.
So
without
detract
the
progress
down,
so
you
can
have
the
issue
ticket
and
just
perhaps
there
are
two
open
issues
to
address,
but
but
yeah
I
think
it's
not
blocking
issues,
but
it's
also
how
these
three
pending
interest
is
just
some.
It
helps
enhancement
about
the
this
document.
Also,
they
have
to
ban
individual
reviews
by
Lewis
and
if
you
address
the
comments,
so
there's
a
link
about
the
how
the
GitHub
issues
so
we
use
databases
to
check
out
the
common
sense
of
the
discussions.
C
C
C
C
A
A
C
D
B
Yeah
I
think
yeah.
The
basic
comment
here
is
that
we
we
don't
need
to
over
specify
that
means
that
if
there
is
no
I
would
say,
link
with
what
we
have
in
the
base
specs,
there
is
no
need
to
to
the
constraints
as
much
as
what
we
have
here.
So
my
recommendation
is
that
to
go,
remove
the
group
and
remove
the
the
current
pattern.
A
D
Very
quick
question
is
the
following:
even
if
you
remove
the
pattern,
I
presume,
you
still
have
a
type
right.
So
therefore
Source
ID
sub
type
string
and
you
specify
lens,
which
is
from
one
to
Max
and
then
you're
gonna
have
the
only
same
thing.
My
question
is
typically
when
you
define
these,
have
things
and
is,
for
example,
here:
let's
really
look
at
it,
and
here
for
the
source.
Id
is
a
string
from
from
whistling
from
one
to
Max,
and
therefore
your
own
name
would
also
be
from
1
to
Max.
D
D
Otherwise
one
is
Max.
Second,
one
also
Max
should
sure
the
first
one
be
Max
one.
Second,
one
will
be
Max
two,
and
if
they
are
the
same
Max
that's
really
mean
eventually.
Maybe
your
name
can
become
Source
ID.
So
typically
you
define
the
philosophy.
I
follow
all
the
time.
I
think
that's
a
that's
one
thing
I
learned
by
by
early
days
in
my
career
when
drawing
a
working
people
like
pohudak
and
so
on,
they
always
argue
essentially
is
a
major
part
program,
language
or
formal
system.
D
You
define
the
syntax
and
the
syntax
trying
to
convey
the
semantic
here.
Do
I
really
get
the
the
reading
that
the
source
ID
and
your
name
somehow
are
related.
So
that's
why
they
have
the
same
moments
and
if
they
have
the
same
lens
then
can
you
define
a
single
one?
So
therefore
that's
a
single
Max
less.
Otherwise,
why
do
they
have
the
same
less.
D
It
depends
on
how
much
semantics
you
want
to
do
right
and
if
you
think,
Source
ID
and
your
name
are
just
typical
identifier,
you
use
just
Define
identify
and
then
they
all
have
same
lens
and
then
eventually
you
all
do
that
and
I
think
that's
the
way
it
works.
Well
here
at
Radio
type
Define.
You
want
to
come
with
a
semantics
and
that's
a
different
one
right
so
I'm,
just
only
here,
I'm
just
trying
to
really
get
today.
Why
are
you
in
single
Source
ID
and
your
name?
D
C
So
this
comments
made
by
the
younger
reviews
in
every
type
you
use
the
module.
You
need
to
despise
it
by
this
semantic
on
the
description,
yeah,
so
I'm
gonna
start
adding
a
girl
name
yeah.
Even
they
have
the
same
encoding
format
but
the
the
usage
of
them
in
the
different
context.
So
we
have
a
different
Technologies.
You
need
to
use
a
description
statement
to
inside.
D
Sure,
even
I'm,
fine,
for
example,
then
I
probably
I-
would
Define,
for
example,
Source
ID
rhodium,
clearly
as
some
kind
of
what
they
called
L
value
right
and
left
hand
side
value.
They
Define
some
kind
of
identifier.
So
therefore
problem
maximum
lens
would
be,
you
know,
identify
a
name
Max
identifier,
less
and
then
your
name
also
similar,
because
you
can
also
have
maximum
lens
from
the
buffer
side
right
and
you
can
have
a
variable
name.
You
can
have
the
value
which
can
be
longer.
B
Yeah
yeah,
Richard
I
think
the
problem
we
have
here
is
that
we
don't
have
any
alternative
text
to
put
there
to
constraint.
I
would
say
the
the
semantic
not
the
format
of
this
is
to
type.
So
we
have
two
options
where
we
go
back
to
what
we
have
in
the
formal
design.
That's
simply
said
that
the
source,
ID
and
the
rule
name
are
just
strings,
but
the
problem
is
that
the
young
doctors
and
with
the
best
practices
for
iOS
certified
engineering
models.
E
B
That
you
will
have
the
same
max
value
between
here,
the
source,
ID
and
the
role
name.
All
what
it
says
is
that
it's
can
be
a
language
start
from
one
to
the
maximum
of
the
allowed
type
and
the
type
is
the
string.
So
the
question
for
us
here
in
the
for
the
working
group,
whether
we
should
we
add
something
more,
which
is
not
today
in
the
in
the
specifications
or
can
we
just
simply
see
that
yeah?
This
is
the
minimum
we
can
do.
B
We
don't
know
if
there
are
other
constraints
and
then
we
can
leave
it
for
for
the
future
and
that's
the
the
the
question
we
need
to
answer
today.
Sure
I,
remember
that
we
had
this
discussion
last
time.
In
the
last
interview
and
the
we
had
a
homework
from
from
Jensen
to
to
justify
the
rational,
why
we
have
the
ad
pattern
and
they
don't
know
that
we
came
up
with
a
justification
for
it,
so
I
think
that's.
B
Pragmatic
here
and
move
forward
and
just
remove
the
the
pattern
maintain
the
temp.
That's
that's
always
better
than
the
the
string
for
the
implementation.
You
can
always
do
a
deviation
or
refinement,
and
so
on
and
that's
that's
fine
I,
don't
think
I
think
this
deserves
to
be
I
would
say
more
discussion
that
that
we
have
so
far
for
it.
D
D
C
B
B
B
If
we
have
any
recommended
value,
we
can
we
can.
We
can
dig
it,
but
I,
don't
think
that
we
have
any
random
one
unless
we
decide
to
see
this
yeah
with
the.
If
we
do
a
makeup
parallel
with
the
other
attributes,
we
have
in
the
current
specification
and
we
have
a
maximum
for
those,
let's
use
the
same
Max,
and
then
we
will
have
a
bounded
string
value
there
right,
but
did
we
did
we
did
we
have
this
bounded
for
the
others?
I,
don't
think
so.
D
Okay,
it
sounds
like
if
I
were
Implement
her
all
I
want
to
do,
for
example,
of
course,
and
that
might
be
go
to
the
details,
and
sometimes,
for
example,
if
it
is
I'm
doing
like
a
very
simple
password.
A
young
model
I
probably
need
to
allocated
this
like
a
source
ID
like
giant
vagina
array
right,
that's
kind
of
like
a
weird
yeah.
B
F
B
B
C
B
B
Okay,
so
for
the
for
the
minutes,
please,
if
you
can
just
record
that
we
have
Richard
to
be
coming
to
review
the
duo
in
draft
during
the
the
second
working
platform
that
will
be.
This
will
be
good.
Thank
you
and
thank
you
Johnny
for
losing,
as
we
are
on
it.
Can
we
please
have
two
additional
reviewer
volunteers
for
the
DUI
document.
B
Yes,
we
need
at
least
two
names
so
that
we
can.
We
are
really
I,
would
say
good
or
having
three
three
names
and
three
reviews
from
fresh
eyes,
and
we
are
sure
confident
that
the
the
second
book
of
last
call
is
really
a
repeating
what
what
the
European
roles
so,
please,
if
we
can
have
two
additional
volunteers
that
will
help
us
move
forward.
G
B
G
B
G
A
D
G
G
C
Yeah
for
the
second
opening
Tuesday
about
the
security
consideration,
so
this
comments
also
made
by
Mis.
So
it's
actually
discussing
down
the
GitHub
feature
tickets
and
right
now
we
have
the
early
proposal
about
how
to
revise
it
about
two
parts
like
that:
they
need
to
start
a
proper
yeah,
some
type
of
so
we
need
to
set
and
exam
this
tension
for
the
authentication,
related
data,
node
and
Rhino
I
think
all
the
I
think
is
really
generally
protected
by
the
reusable
groupings.
C
It
is
depart
in
some
other
graphs
that
for
some
choices
defined
in
this
document,
so
it
may
be
argumented
by
some
other
extension
modules.
So
this
will
introduce
some
other
authentication
related
data
nodes.
So
we
need
to
be
carefully
so
when
they
function
modules
Define
this
kind
of
objective
nodes,
so
they
need
to
set
the
number
right
as
time
expression.
So
imagine
this
consideration
some
days,
new
revision
and
another
write
about
for
some
writable
data
notes.
C
C
C
D
I
think
Jessica
here,
you're
really
talking
about
two
different
issues:
security,
authentication,
authorization,
Are
One
issues
and
they
Integrity
or
or
safety
of
system,
is
second
issue,
so
they
are
really
two
very
two
different
issues
and
you
might
want
to
separate
into
I.
Don't
think
they
are
security
considerations.
The
first
one
looks
likely
to
be
security
consideration.
The
second
one
is
more
like
operational
issues
right
and
because
second,
one
really
is
operational.
D
I
do
have
some
more
comments
and
about
the
operation,
our
personal
issues,
for
example
the
feed
interval
and
put
into
what
I
can
understand
right.
For
example,
whenever
you
have
data
type
of
course,
it's
a
young
model
essentially
is
only
defined
the
uses,
standard,
syntax
and
Define.
Something,
for
example,
feeding
table
cannot
be
negative
one
and
that
doesn't
make
sense
right.
So,
therefore,
all
the
value
must
be
valid
and
it
cannot
should
not
be
zero.
D
What's
the
meaning
of
zero
or
what's
the
meaning
of
minus
one
and
so
on
so
I
think
that's
issue
number
one
basically
is
integrity
over
value,
I
know
sometimes
in
real
systems.
What
you
do
is
there
are
two
ways,
for
example,
because
the
feeding
table
oftentimes,
you
want
this
OEM.
So
therefore
you
want
some
kind
of
unless
you,
when
you
discuss
about
operation
issues
is
you
might
have
a,
for
example,
multiple
system,
multiple
or
entities
getting
involved.
D
For
example,
one
part
of
management
comes
from
the
operator,
for
example,
the
you
know
the
the
ISP
who
really
controls
feed
intervals.
So
therefore
they
can
say
that
they
can
set
some
kind
of
upper
bound
and
lower
bound.
You
cannot
be
faster
than
one
millisecond
or
100
milliseconds
per
poly
interval
or
cannot
be
lower
and
so
on,
and
so,
therefore
you
can
put
some
upper
back
and
then
you
might
have
second
entity
which
might
really
go
in
and
modified
variables.
D
So
therefore,
essentially
it
is
hierarchical
policy,
but
essentially
you
Define
operational
or
defined
in
policy.
So
therefore,
the
policy
will
have
some
kind
of
hierarchy
and
higher
level
policies
who
might
Define,
for
example,
some
ring
and
which
constrain
the
second
level
of
policy.
The
second
level
policy
can
be
no
set
by
a
separate
operator
or
separate
entity
or
can
be
really
controlled,
for
example
by
some
kind
of
dynamic
algorithm
right.
For
example,
poor
interval
will
be
adjusted
According
to
some
kind
of
learning
algorithm.
So
therefore,
I
think
those
are
the
issues.
D
I
don't
know
if
you
want
to
go
into
the
discussion
and
you
probably,
if
you
really
want
to
do,
and
you
really
give
up
about
lower
bound
or
whatever
Bond
essentially
is
higher
level
policy
and
lower
level
policy.
So
this
probably
makes
more
sense,
but
you
probably
want
to
clarify
what
was
intended.
Just
only
gave
a
upper
by
lower
ball,
probably
not
a
good
right,
and
what
exactly
is
the
correct
value
of
upper
lower
bound.
C
D
Right
because
basically
interval
Point
table
essential.
Sometimes
they
might
be
different
variables
and
basically
higher
level
policy
is
constraint
to
the
scope
of
second
level.
So,
therefore,
you
might
have
separate
different
variables
and
control
it.
So
at
least
that's
the
way
it
works,
so
operational,
I,
I,
just
I,
would
I
would
suggest
right
and
operational
and
then
allow
safety
so
put
intervals
bound.
You
probably
make
like,
for
example,
controlled
by
one
entity
and
then,
but
this
one
actually
should
be
also
tied
up
with
your
security
policy
right.
B
Just
for
the
context,
so
what
this
section
is
is
trying
to
do
is
to
to
identify
the
I
would
say
in
the
in
the
young
data
model,
the
data
nodes
that
are
sensitive.
That
means
that,
assuming
that
you,
without
making
an
assumption,
how
the
authorization
is
done,
how
the
all
the
I
would
say
your
system
is
set
up,
there
may
be
some
meditation.
Some
vulnerabilities
are
related
to
some
of
the
the
nodes
and
just
giving
you
I
would
say
in
the
chat.
B
To
manage
the
authorization
and
the
I
would
say,
correct
access
and
utilization
of
the
nodes
right,
so
the
we
don't
need
to
be
a
comprehensive
or
exhaustive,
but
only
to
identified
what
are
critical
and
the
one
which
is,
for
example,
displayed
by
Jensen
here
is
about
the
the
pointer
event.
It's
even
if
you
allow,
for
example,
a
range
of
values.
There
are
still
some
wind
liabilities
related
to
it,
because
it
depends.
There
is
no
recommended
value
that
you
can
set
to
be
safe
right.
B
If
you
set
it
lower,
then
you
can
have
more
frequency
in
in
pulling
your
reducers.
If
you
see
it
high,
then
you
will.
You
will
end
up
having
still
data
in
your
in
your
system
and
then
your
all
the
auto
Machinery
will
be
based.
So
even
with
a
branch
we
still
have
a
problem.
If
there
is
I
would
say
a
malicious
user
who
who
is
accessing
to
that?
To
that
to
that
data
so
in
place
we
have
the
recommendation
to
use
secure
means
to
access
to
that.
B
But
in
the
same
time,
we
need
to
pull
out
the
sensitive
I
would
say,
information
that
that
should
be
protected
even
or
without
the
use
of
the
the
the
I
would
say.
The
access
control,
which
is
also
displayed
here
by
emergency
in
this
slide.
So
I
I,
don't
know
which
is
currently
your
proposal
for,
for
the
section
by
introducing
the
the
operational
I
would
say,
parameters
and
so
on.
D
A
The
research
additional
collaborate
actually
for
this
security
section
we
do
have
you
know
templates
that
we
can
follow
young
data
model
security,
template
and
as
a
medical
Library,
we
just
need
to
you
know,
focus
on
young
data
models
that
are
sensitive.
We
identified
insensitive
and
provide
a
you
know,
additional
description.
D
B
C
C
D
Create
a
common
question
and
I'm
like
I,
said
actually
review
a
document,
but
I
haven't
fully.
Would
I
would
talk
about
notification
to
add
for
resource
limits
only
or
you
already
have
notifications
for
other
things
as
well.
For
example,
you
know
it
doesn't
have
to
be
to
be
a
resource
limit
exceeding
it
can
be.
For
example,
people
set
a
notification
value
of
less
than
10
milliseconds
and
therefore
you
should
be
notified.
Someone
might
be
doing
something
then
potentially
dangerous,
so
I
I
will
talk
about
generic
notification
mechanism,
essentially
anything
somehow.
C
There's
some
things
yeah
so
so
because
we
see
some
other
notice,
for
example
the
other
modules.
Maybe
they
already
defined
a
more
concrete,
more
General
Solutions
about
the
notifications.
So
we
can
use
them,
for
example,
that
that
we'd
like
to
mentioned
about
the
not
just
the
resource
limiting
also
some
others.
C
D
F
E
D
Right
so
typical,
for
example,
if
I
were
going
to
use
the
Zookeeper
or
whatever
others
Google
stuff
so
oftentimes,
the
way
it
works
is
and
I
would
basically
use
your
model
as
a
way
of
you
know
like
zookeeper
and
essentially
is
I.
Have
a
overall
structure
and
I
will
link
the
data
to
to
to
the
management
om
system
of
individual,
for
example,
I
I'm
Network,
one
and
I
have
five.
For
example,
Auto
servers
and
I
have
one
branch
or
one
Whatever
brand
for
every
single
server.
D
Whenever
that
server
it
is
connected
that
Branch
will
be
disappeared
and
then
I
said:
okay,
there's
a
alarm
so
therefore
I
will
send
notification
right.
So
that's
a
that's
a
standard
connection,
oriented
design
model
of
Zookeeper.
That's
exactly
whenever
this
information
on
refresh
and
then
will
the
trigger
alarm
right,
trigger
essential
State,
and
so
therefore
you
know
what
happened.
C
A
G
H
For
the
other
reviews,
we
have
at
least
pinned
the
reviewers
and
for
the
Ops
Dr
review
and
for
the
TSB
art
review.
We
have
got
confirmation
from
the
authors
that
they
considered.
The
updates
has
addressed
their
comments
and
for
the
office
they
are
review,
I
think
sun
has
replied
publicly
and
but
for
the
tsvr
Arts
I,
basically
is
in
the
personal
email
to
Bernard
and
he
replied
also
in
personal
email.
So
probably
we
need
to
ask
him
to
basically
respond
publicly
I.
H
Think
that's
the
state
for
the
document
and
as
a
major
road
blockers
here,
I
think
it's
still
the
HP
jar
review
and
super.
So,
let's
intermediate
what
has
mentioned
that
there
are
some
basically
issues
pointed
out
in
the
hpdr
review,
and
so
after
the
next
after
the
last
intermediate
we
have
made
some
updates
I
think
for
some
of
the
comments
they
can
be
addressed
like
by
some
editorial
changes.
For
example,
we
have
proposed
a
list
of
terms
to
define
the
determines
that,
so
we
don't.
H
Basically,
when
we
do
the
specification,
we
we
refine
the
tones
that
we,
for
example,
don't
use
terms
such
as
should
be
like,
and
we
are
using
terms,
for
example,
must
have
the
format
of
I.
Think
that
probably
would
solve
the
problem
or
like
specification
by
example,
issue
and
also
we
have
a
list
of
terms
terminal
defined
in
a
section
2.2
and
that's
basically
we'll
solve
the
inconsistency
of
terms,
issue
and
I.
H
B
H
B
D
Yeah,
we
really
should
add
it
about
Matt.
We
send
an
email
to
Martin
Thompson
times.
We
want
to
have
a
very
quick
chat
with
some
like
within
the
next
one
today,
which
is
an
email,
maybe
like
around
half
an
hour
ago
a
hour
ago,
and
after
he's
also
okay,
and
then
we
can
add
a
paragraph.
Of
course
it
will
be
more
having
discuss
about
why
session
based
it
makes
sense,
it
adds
complexity,
but
it
is
actually
awesome.
B
If
you
suggestion
to
be
made,
please
make
sure
to
yeah
to
to
ship
this
by
the
end
of
the
of
the
week,
so
that
we
can
we
can
follow
the
the
plan
we
had
for
the
second
book
last
call
and
by
the
way
we
also
need
you,
the
three
volunteers
for
the
this
draft
as
well.
So
people
who
are
who
who
are
on
the
I
would
say
on
the
bridge.
Please.
B
F
G
Yeah
I
I
can
also
come
here.
The
some
of
you
guys
already
did
the
review
like
let's
mentioned
I
I,
leave
these
two
documents
prior
to
the
first
working
Google.
Let's
call
I'm
happy
to
do
another.
Well,
it's
challenging
because
it's
only
a
few
days.
I
guess
margin
here
and
but
I'll
do
my
best
to
do
a
review
yeah.
The
challenge
is
the
timing.
D
B
D
B
D
G
F
E
D
Yeah
I
just
want
to
give
a
very
quick
update.
I
would
like
to
write,
of
course,
working
with
ayob
and
Luis
I
want
to
write
up
a
little
bit:
security
and
privacy
analysis
and
a
little
bit
design
as
well,
in
particular
in
the
context
of
multi-domain
domain,
and
there
are
different
secured
privacy
for
some
networks.
They
are
most
important
for
some
other
ones.
For
example
the
CERN
and
LGC
one
they're,
less
they're
less.
You
know
strict
because
they're
relatively
open,
openly
open
public
network.
D
H
H
Is
working
on
some
basically,
some
an
algorithm
called
gradient,
boosting
which
can
basically
generate
multiple
Maps
you
based
on
a
single
Auto
map,
and
then
they
will
still
be
able
to
keep
some
statistical
features
of
the
original
map.
But
then
it
can
basically
generate
some
other
values
than
the
true
value
of
the
map
and
I
I'm
wondering
whether
this
could
be
a
useful
case
for,
for
example,
when
the
clients
may
have
some
privacy
issues
with
the
network.
H
B
No
I
don't
know
comments
on
it,
so
I'm,
looking
forward
to
CD
I,
would
say:
yeah
visited
version
of
the
documents
and
also
the
structuring
of
the
next
entry
meeting,
because
this
will
fit.
The
discussion
will
have
only
your
future
of
the
working
group.
So
please
get
engaging
it.
If
we
want
to
CDM
I
would
say
more
activities
in
the
in
the
future.