►
From YouTube: IETF-SUIT-20230911-1500
Description
SUIT interim meeting session
2023/09/11 1500
B
All
right,
hello,
everyone
and
welcome
to
the
combined
suit
t
virtual
interim,
meaning.
B
Please
let
us
know
if
you
have
any
questions
relating
to
the
net.
Will
foreign.
B
Ers
for
this
meeting
there's
an
expectation
that
that
everyone
extends
respect
and
courtesy
to
other
participants.
D
B
Advance
the
work
of
the
group
for
this
meeting
make
sure
your
audio
and
video
is
muted
unless
you're,
presenting
or
commenting
as
part
of
a
discussion.
If.
B
It'll
help
reduce
Echo
and
other
problems
during
the
meeting
so
for
today
we're
automatically
logging
who's
participating
using
medecco.
But
we
do
need
some
volunteers.
Can
we
get
a
couple
of
people
to
help
us
with
with
note
taking
I,
didn't
have
the
ether
pad
link,
but
you
can
access
that
and
meet
Echo
and
I'll
drop
that
into
into
chat
as
well.
B
F
B
Yes,
thank
you.
Anyone
else.
B
Perfect
thanks
Russ
and
if
we
could
have
someone
watch
the
chat
as
well
and
you
know,
represent
any
any
directions
to
speak.
A
Well,
maybe,
since
this
is
a
combined
meeting,
tea
chairs
anything
else
that
you
want
to
add
in
here
or
either,
if
you
want
to
volunteer.
G
B
B
We
have
the
suit
manifest
extensions
for
multiple
trust
domains.
We've
completed
a
working
group
last
call,
but
we're
working
on
revising
that
draft
I.
Believe
that's
been
post.
That
revision
has
been
posted.
We
have
the.
B
Pursuit
manifests
we've
also
completed
a
working
group.
Last
call.
We
haven't
received
any
feedback
on
that,
so
unless
we
hear
otherwise
we're
probably
going
to
want
to
ship
that
document,
we
have
firmware
encryption
with
suit,
manifests
we're
completing
the
working
group,
Last
Call
on
that
today,
I'm
shepherding
that
one
I'm
working
on
a
shepard
review,
which
I
hope
to
get
in
maybe
later
today,
worst
case
tomorrow.
B
So
those
comments
can
be
considered
as
part
of
the
working
group.
Last
call,
but
there's
been
quite
a
bit
of
work
on
this
draft
as
well
to
address
comments
so
far.
So
many
thanks
to
to
the
authors
there
I'll
verify
as
part
of
my
shepherd
review,
that
all
of
the
comments
have
been
addressed.
B
We
have
secure
reporting
of
update
status.
The
authors
believe
that
the
document
is
ready
for
a
working
group.
Last
call
we're
looking
to
see
if
there's
any
other
comments
on
that
draft.
That
need
to
be
worked
out
before
before
starting
working
group
last
call
so
we'll
be
talking
about
that.
C
B
Completed
a
working
group
last
call:
we
haven't
gotten
a
lot
of
review
of
this
document,
so
we're
hoping
to
to
get
some
additional
comments
on
that
and
we
have
the
T
protocol,
which
also
completed
working
group
last
call
to
teachers
any.
A
Just
I
know
Nancy
wanted
this
to
be
during
the
first
hour
instead
of
during
the
last
half
hour.
This
is
the
agenda
Basher.
We
want
to
rearrange
stuff
and
Brendan
I.
Think
the
thing
that
I
commented
on
was
the
T
protocols.
You
come
after
the
MTI
right,
the
one
the
top
one
on
the
slide
should
come
after
that,
just
because
that's
how
the
slide
was
constructed
and
I
see
Brendan
when
you
submitted
the
slides
in
your
title,
I
didn't
open
them
up
your
totally
put
MTI
first
in
the
title.
A
A
Okay,
I
haven't
seen
the
slides
posted,
yet
so
maybe
or
if
it
is
I
didn't
see
them.
They
may
not
have
been
proposed
in
the
data
tracker,
just
an
email
so
we'll
have
to.
A
Think
MTI
and
T
protocol
should
move
up
on
the
agenda,
I
think
based
on
Nancy
and
Brendan's
things,
and
so
whether
they
go
immediately
before
or
after
manifest.
If
we
don't
have
the
slides
for
manifest
open,
then
we
should
start
with
seven
and
eight
I.
Don't
know
we
just
want
to
make
sure
we
get
to
seven
and
eight
within
the
first
hour
right.
It
doesn't
have
to
be
first
so.
D
A
Be
nice
to
get
through
seven
and
eight
before
Nancy
has
to
drop
in
50
minutes.
B
Yeah,
so
if
there
are
no
concerns,
let's
start
with
MTI
and
then
keep
and
then
we'll
complete
the
rest
of
the
agenda
after.
B
All
right
and
then,
if
we
have
time
left
at
the
end,
we
can
discuss
any
other
business.
C
B
C
C
D
D
Right
all
right
take
us
away,
so
these
are
largely
that
there
was
a
substantial
discussion
on
the
list
following
117.
D
D
We
don't
use
aescbc
so
that
I
think
is
fine.
I
also
I've
added
an
additional
algorithm
identifier
or
sorry.
I've
extended
the
the
way
that
the
the
algorithm
identifiers
are
constructed
because
they
weren't
exactly
complete.
D
So
you
know:
minus
seven,
comma
one
tells
you
a
little
bit,
but
minus
16
minus
seven
minus
25
as
it
goes,
tells
you
each
of
the
algorithm
IDs,
that's
in
use
with
a
particular
profile,
so
that
seemed
more
appropriate
and
I
hope
that
that's
not
going
to
anger
the
teep
folks
so
we'll
find
out
about
that
in
a
moment.
D
I'm
sure,
then
they,
the
suit
pqc
future
profile,
has
been
changed
to
use
AES
256
in
in
both
of
its
well,
both
in
key
wrap
and
in
encryption,
and
the
point
of
this
was
that
HSS
LMS
signatures
are
so
big
already
that
the
the
larger
key
is
basically
irrelevant,
and
there
wasn't
a
256
bit
AES
profile
to
start
with.
This
seemed
like
the
appropriate
place
to
put
it
so
that
that
was
a
request
by
Russ
I
think
originally
I
may
have
that
wrong.
D
I
think
it
was
Russ,
so
that
I've
put
that
in
now
and
I.
I
also
noticed
that
all
of
the
profiles
we
were
using
thus
far
stayed
away
from
ed25519
and
Chacha
poly,
which
seems
to
be
a
popular
combination
for
iot
devices.
So
I've
added
that
as
an
additional
current
profile,
so
as
not
to
alienate
existing
iot
users.
D
I
believe
that
all
of
the
known
issues
with
suit
MTI
are
now
resolved
bar
one,
and
that
is
purely
cddl
editorial
and
and
what
that
is
is
that
there
should
probably
be
a
single
unifying
suit.
Cozy
profiles,
structure
in
the
cdvl
and
you'll
see
that
come
up
later
when
we
talk
about
suit
report
and,
and
that
is
it
for
suit.
Mti
I
I
think
that
now
you
know,
if
I
tack,
that
one
bit
of
cddl
in
I
think
we're
done.
D
Oh,
it
was
not
evidently
Russ
who
had
proposed
that
I
forget
who
it
was,
but
in
any
case
there
appeared
to
be
support
on
the
list.
H
Yeah
I
have
posted
a
mail
to
the
list
about
this
related
to
the
CTR
aspect,
because
it
came
up
in
a
in
a
private
message
sent
around
by
Akira
on
about
the
the
Deep
usage
and
I.
Think
for
for
deep
GCM
is
definitely
better
for
these
trusted
applications
as
a
way
to
protect
them
rather
than
CPR,
so
I
believe
we,
we
would
really
need
one
version
with
GCM
and
the
other
one
version
with,
for
example,
a
CTI
and
the
MTI
algorithms.
D
Friend,
I
think
that's
fine
as
long
as
we
limit
it,
because
I
don't
want
to
get
an
I,
don't
want
the
combinatorial
explosion
that
we
are
likely
to
head
towards
if
we
don't
limit
how
many
options
we
take
on.
So
if
there's
one
particular
profile
that
looks
like
it's
the
the
right
one
for
teep,
then
let's
get
it
in
there.
Otherwise
yeah
I
don't
want
to
to
to
do
it
that
way
and
and
have
it
all
explode,
because
that
kind
of
defeats,
the
purpose
of
an
MTI
document.
H
Yeah
yeah
I
I
see
it
more
as
a
MTI
for
sort
of
a
classical
iot
devices
versus
sort
of
like
the
Deep
use
case,
which
is
focusing
on
on
a
higher
end
devices.
So
that
sense,
it
I
think
it
would
be.
It
would
be
fine,
but
I.
Let
Akira
also
who's,
also
going
to
speak
about
that,
because
he
he
brought
this
issue
up.
I
Okay,
okay,
yes,
a
CTR
is
only
not
it's
not
only,
but
for
encryption
and
DCM
is
able
to
use
for
the
authentication
too.
So.
I
D
I'm
I'm
not
sure
I
understand.
Maybe
maybe
you
can
explain
what
I'm
missing,
there's
already
a
signature
on
the
data.
What.
I
D
I
mean
maybe
that's
a
discussion.
We
need
to
take
to
the
list
yeah
if
you're,
if,
if
this
isn't
the
the
right
time
to
talk
about
it,
but
yeah
I,
guess
I'd
just
like
to
understand
what
benefit
we're
getting
out
of
it.
B
A
So
I
don't
have
a
strong
enough
knowledge
of
the
the
two
to
have
an
opinion
as
to
which
one
is
right,
and
so,
if
you
recommend
the
the
CTR
instead
of
the
GCM,
then
no
objection
but
I
did
want
to
share
that.
There
are
two
things
that
the
T
protocol
uses
this
this
for
and,
of
course,
you
know,
I
agree
with
the
point
that
we
want
to
have
like
for
iot
devices
as
few
as
possible.
A
Right,
you
don't
have
one
thing
for
teeth
and
one
thing
for
rats
and
one
thing:
Pursuit
can
try
to
fit
all
three
different
things
into
say:
a
constrained
device
right
that
doesn't
make
sense
right,
so
you
want
as
much
unification
as
possible,
so
two
things
that
the
cheap
protocol
reference
is
using
whatever
it
is.
A
Okay.
This
is
not
about
what
goes
in
the
Manifest,
which
is
the
third
one
right
right
about
what
would
use
manifest.
So
those
are
the
three
different
things
two
on
the
sending
in
one
on
the
receiving
end
right
and
to
say
what
is
the
right
one
for
all
three
purposes,
because
teep
would
probably
defer
to
Suits
recommendations.
As
long
as
the
understanding
is.
This
applies
to
suit
reports,
potentially
manifests
and
eat.
D
As
it
happens,
I
have
updated
the
suit
report,
security
considerations
referencing.
This
I
would
argue
that
the
suit
report,
particularly
if
it's
being
used
for
attestation,
which
I
don't
believe
it
is
in
OT,
but.
D
Signature
is
critical,
so
GCM
is
irrelevant
in
that
case,
when
it
comes
to
sorry
the
what
was
the
other
one,
it
was
the
suit
the
eat
right
again
with
an
eat
because
it's
being
used
for
attestation,
the
signature
is
critical,
so
the
use
of
GCM
is
probably
irrelevant.
D
So
so
that's
essentially
how
we've
gotten
where
we
are
today
we
have
signed
payloads
and,
as
a
result,
the
use
of
GCM
doesn't
matter.
Quite
so
much
and
I
think
we're
currently
like
I'm
happy
to
change
that,
but
I
want
to
understand
why
I'm
changing
it.
Does
that
make
sense.
H
H
H
C
I
Not
really
just
if
it's
going
to,
if
we're
going
to
have
both
GCM
and
CTR,
the
CTR
is
right
now
in
the
the
it's:
the
represent:
minus
16,
minus
seven,
minus
25
and
minus
six
five,
five,
three
four:
if
it's
for
the
new
way
for
the
DCM,
it
will
be
minus
16,
minus
7,
minus
25
and
1..
So.
D
C
G
Can
you
hear
me?
Yes,
yes,
sorry
having
trouble
with
my
microphone,
I
I
just
wanted
to
relay
on
the
chat
Michael
mentioned.
He
couldn't
take
notes,
since
he
wasn't
understanding
a
cure
suggestion,
so
just
wanted
to
make
sure
that
perhaps
Akira
you
could
capture
that
in
the
notes.
D
C
D
B
All
right,
so
let
me
switch
over
to
the
T
presentation.
B
A
Right
draft
16.
next
slide.
A
Yeah,
so
just
as
a
reminder,
this
has
already
gone
through
working
group.
Last
call
we
have
a
document
Shepard
right
up.
We
raised
two
issues
at
hackathon,
117
and
posted
a
draft
that
referenced
those
two
and
so
we're
basically
dealing
with
any
other
issues
that
get
filed
as
they
get
filed,
while
we're
waiting
for
the
dependencies
to
to
progress,
because
you
see
quite
a
number
of
the
ones
that
I
think
four
of
the
documents
that
from
suit
are,
are
normative
dependencies.
A
So
next
I
think
that
goes
a
lot
of
that,
and
here
they
are
so
here's
the
list
of
normative
dependencies
and
they're
all
farther
along
or
as
far
along
as
the
tea
protocol.
The
last
two
being
the
the
tail
end
right
so
NPI,
which
we
just
talked
about
and
suit
report
which
we'll
talk
about
shortly.
The
hope
is
that
they're
all
getting
to
the
iesg
before
November,
so
that
we
can
discuss
any
AD
review
and
ietf
last
call
stuff
would
be
great
if
we
can
discuss
those
November
meetings.
A
All
right
so
I'm
going
to
talk
about
what
changed
since
the
last
time
that
we
met
in
San
Francisco
next
okay.
So
there
are
two
things
that
we've
presented
at
ietf
117
that
came
up
at
the
hackathon,
the
boy.
We
had
an
implementary
agreement
there
and
we
had.
We
believe
working
group
consensus
that
didn't
change
after
the
meeting,
and
so
everything
that
was
done
for
those
two
was
presented
in
the
meeting
and
made
it
into
the
draft
and
so
I
don't
need
to
talk
about
further.
A
A
Okay,
then
honest
raised
a
point
that
says
this
is
an
editorial
one.
That
says
you
know
how
is
replay
protection
prevented
and
we
should
have
a
discussion
that
just
explains
that
right,
and
so
we
added
the
paragraph,
that's
on
the
screen
and
it's
security
consideration
section
right,
there's
nothing
normative
in
it.
A
But
if
you
look
at
the
diffs
between
15
and
16,
this
is
the
main
diff
other
than
what
we
actually
presented
on
the
screen
at
iitf
in
San
Francisco,
so
I'm
just
going
to
pause
for
a
second
to
allow
people
to
read
it
so
give
me
15
seconds
here.
A
Main
point
is,
there
is
nothing
normative
in
here.
It's
all
things
that
should
be
should
be
obvious
from
somebody
that
understands
the
rest
of
the
spec,
but
if
somebody
is
looking
for
replay
protection,
it's
just
a
summary
in
the
threat
model.
That's
in
there
covers
a
whole
bunch
of
different
threats
in
the
security
consideration
section.
So
this
one
is
new
right.
If
I
don't
see
any
hands
up,
then
go
on
to
the
next
okay,
so
new
issues
raised
since
then
that
were
just
raised
in
the
last.
A
What
two
weeks
this
is
Ken's
ones,
I,
know
Ken
you're
on
here
and
so
feel
free
to
get
into
the
queue.
If
you
want
to
discuss
anything
more
than
what's
on
the
slide,
so
all
right,
so
the
first
one
is
that
that
we
talked
about
eats
and
suit
reports
that
are
created
by
the
TP
agent
and
they're
processed
by
The,
Tam
and
so
on,
and
then
the
in
one
of
the
ones
that
we
discussed
at
117
and
made
it
into
Dr
F16.
A
We
added
the
notion
that
you
could
require
the
Tam
to
a
test.
Before
you
give,
you
know,
say
secret
data
off
to
The
Tam
and
that's
you
know
an
option
that
people
support,
and
so
we
put
that
into
there
about
attestation.
But
what
it
neglected
as
Ken
pointed
out,
is,
it
doesn't
mention,
say,
Suit
reports,
because
if
you
were
to
use
suit
reports
in
attestation,
like
Brennan
said
that
you
know
you
don't
have
to
use
your
reports
attestation.
A
But
if
you
really
wanted
to
you
could
right
and
so
do
we
want
to
allow
or
disallow
the
use
of
things
like
suit
reports.
All
right
clearly
eats
if
you
want
to
have
a
testation,
but
should
you
allow
C
reports.
D
A
And
so
it
does
not
mention
those
that
there's
a
particular
section
that
talks
about
sending
them
and-
and
it's
that
that
whole
section,
including
eats,
implies
that
it
is
only
keep
agent
to
Tam
Direction.
And
so,
while
we
fix
the
wording
of
some
other
sections,
we
didn't
make
the
wording
of
this
one
sort
of
a
agnostic
wording.
As
as
a
reminder
to
those
in
t.
A
We
change
things
like
you
know:
Tam
and
tape
agent
to
keep
implementation
just
for
any
paragraphs
that
could
be
in
either
direction,
and
so
Ken
pointed
out
a
section
that
needs
to
happen
here,
and
so
that
makes
perfect
sense
to
me
and
I
think
we
should
just
do
that
because
it
doesn't
break
anything.
It
just
makes
it
be
more
more
applicable
if
you
want
to
do
that
in
the
other
direction
too.
A
C
A
Okay,
there's
no
question:
no
questions
no
hands
up,
then,
let's
go
on
to
the
next
slide,
all
right.
So
the
next
question
is
remember
that
list
of
all
the
normative
references
Ken
asks.
Do
we
need
the
suit
report
document
to
actually
be
normative,
and
so
can
the
the
top
two
thirds
of
this
is
actually
Ken's.
A
Liberal
quote
in
the
issue
right,
so
you
could
put
a
suit
report
into
the
mesres
claim
of
eat,
and
so
does
that
mean
that
we
need
to
put
anything
or
can
we
remove
it
from
you
can
see
option
one
option
to
an
option.
Three
removes
your
reports
option
from
all
messages,
which
means
the
only
place
you
can
put.
It
is
inside
of
an
eat
inside
of
a
team
message.
You
can't
put
it
in
parallel
to
that
option.
A
Two
would
be
to
remove
the
reports
option
from
the
query,
request
and
query
response,
but
maybe
leave
it
in
some
other
messages
and
number
three
is
leave
things
the
way
they
are,
and
so
I
wanted
to
repeat
my
response
in
there,
which
sorry
I
wanted
to
repeat
the
working
groups
discussion
we
had
before,
at
least
for
my
recollection.
The
rationale
for
the
current
state
is
The
Following.
When
the
attestation
payload
contains
evidence,
the
attestation
payload
is
okay,
you
can
go
to
the
verifier,
in
other
words,
if
you're,
using
the
background
check
model
right.
A
If
you're
using
the
background
check
model,
then
the
attestation
payload
never
goes
to
The
Tam
right.
It's
completely
opaque
right
just
goes
off
the
verifier
and
if
you
were
to
say,
the
only
way
to
get
suit
report
is
through
the
evidence
and
the
background
check
model,
and
that
means
you're
introducing
a
requirement
that
the
verifier
which
you
might
not
have
control
over
has
to
copy
the
stuff
from
the
evidence
in
the
attestation
report
and
the
next.
A
That
is
an
extra
dependency
that
we
didn't
want,
and
so
that
is
why
it's
it's
in
parallel,
because
the
destination
of
the
suit
report
is
the
Tam
or
as
the
destination
of
the
evidence
is
the
verifier.
And
so
that's
the
rationale
for
option
three
but
Ken.
If
you
want
to
bring
up
anything
because
I'm
saying
I
think
we
had
consensus
on
this
before.
But
if
you
have
new
implementation
experience
or
something
like
that,
then
you
know
we
can
discuss.
Is
it
worth
changing
based
on
new
layering,
so.
I
Oh
I
still
have
this.
Yes,
this
was
not
only
about
the
having
suit
report
redundant
in
the
peak
message
and
also
inside
e.
It
was
about
when
we
making
a
draft
I
ran
and
can
always
run
the
cdto
syntax
test,
and
a
suit
report
is
still
having
a
syntax
syntax
era.
So
yeah
it
didn't
Ken
thought
moving
the
suit
report
into
the
eat.
I
Well,
so,
with
us
going
past,
passing
the
syntax
test
for
the
protocol
draft,
but
so
I
I
talked
with
him
and
for
me
it's
okay,
just
having
suit
report
in
this
deep,
deep,
deep
message,
because
that's
how
we
were
discussing
for
a
very
long
time
for
the
historically
for
the
making
the
tip
message.
I
So
the
my
my
thought
is
making
having
a
suit
report
inside
the
teeth.
Messages
is
perfectly
fine
and
and
making
as
a
informative
is
might
be.
Okay,
but
that's!
That's
all
I
have
a
my
thought.
Yes,
nothing.
Okay,.
A
A
B
A
A
I
think
we
did
have
a
discussion,
I'm
thinking
it
was
like
a
year
ago
about
if
we
have
a
teep
specific
suit
example,
then,
which
document
should
a
teach
specific
suit
example
go
in?
Should
it
go
in
a
cheap
document
or
in
a
suit
document
and
I?
Think
at
the
time
like
a
year
ago,
I
think
we
said,
put
it
in
the
teeth
document,
because
it
could
have
gone
either
way
and
I
think
that
was
the
choice
they
made.
So
that's
why
it's
it's
in
here
now.
A
Okay,
if
not,
then
I'm
going
to
claim
that
the
consensus
continues
to
be
option
three
and
that
maybe
a
cure,
if
you're
willing
to
take
the
action
M
to
make
sure
that
the
CDL
is
correct.
Since
you've
been
doing
that
so
far,.
D
D
Say
that
it
there
there
should
not
be
a
faulty
cddl
and
suit
report,
so
I'm
going
to
make
sure
that
there
isn't
and
hopefully
that'll
resolve
the
issue.
D
B
A
B
Also
record
in
the
notes
that
option
three
was
the
preference.
Oh.
A
Yeah
I
see
it
okay,
it
and
if
it's
not
they're,
already
record
that
I'm
asking
Akira
if
he
can
take
the
XM
to
make
sure
that
the
T
documents,
the
example,
validates.
C
A
All
right,
this
is
the
one
that
I
said
in
the
last
presentation.
We
had
to
come
up
and
then
we
had
two
more
minutes
on
this
one.
A
Okay,
so
this
one
is
Ken
filed
the
fact
that
GCM
changed
the
CTR
and
T
needs
to
reflect
that,
and
so
Ken
is
proposing
that
we
just
replace
all
uses
of
GCM
with
CTR,
and
so
this
is
why
this
presentation
needed
to
be
after
the
previous
one,
because
now
that
you've
had
the
other
discussion,
the
proposal
from
the
TP
implementers
is
to
replace
GCM
with
CTR.
Are
there
any
objections.
C
A
A
A
On
the
call
here
right
between
you
know,
can
it's
obesan
myself,
I,
don't
see
Ming,
but
otherwise.
I
think
all
the
other
known
implementers
are
on
the
call
here,
except
for
me,
I.
J
Oh,
can
you
hear
me
yeah
yes,
yep
for
implementing
perspective,
currently
I'm
using
T,
cozy
library
and
it
doesn't
support
I
I,
don't
know,
but
I
is
a
CDR
mode,
so
I
have
to
check
it.
So
yeah
I.
C
J
It
it
is
it
It,
Now
supported,
but
I'm,
not
sure.
So
let
me
check
so.
H
Yeah,
it's
not
supported
because
we
just
we
just
defined
it
like
we
just
worked
on
it,
and
so
the
availability
in
libraries
may
be
a
little
may
not
be
great.
H
The
other
thing
is
I,
so
in
general,
the
attitude
towards
his
confidentiality,
only
ciphers
is,
as
some
of
us
or
some
of
you
have
seen
on.
Amelicus
is
not
great,
so
I
think
we
should.
It
would
raise
some
eyebrows
if
we,
if
we
use
that
sort
of
as
a
preferred
over
GCM,
even
though
we
include
the
signature
on
top
of
the
whole
thing,
it's
it's
so
it's
it's
definitely
worthwhite
to
think
about
it
twice.
In
my
opinion,
even
though
I
can't
see
it
an
attack
and
attack
either.
A
I'll
just
comment,
at
least
from
my
perspective
as
an
implementer
since
I
also
use
T
cosay.
You
know
the
T
cos.
They
didn't
support
things
that
we
already
put
into
T
protocol
in
the
past
and
we're
trying
to
get
T
Cosi,
adding
them
things
like
the
ecgsa
with
kosei
sign
right.
B
Just
to
touch
on
hanas's
comments,
too,
is
there
a
plan
to
implement
this
either
before
ietf
118
or
during
the
hackathon.
H
Yeah
so
well,
I
have
worked
with
Lawrence
on
RDR
encryption
functionality
as
well,
so
we
could
obviously
Implement
that
too,
so
that
that
shouldn't
be
the
show,
stop
at
least
for
the
Cozy,
not
sure
about
other
libraries,
though.
A
Sure
yeah
I
think
we
should
push
to
have
it
be
implemented
before
or
at
the
hackathon
or
whatever.
So
we
can
get
some
implementation
experience
but,
like
I
said,
I,
don't
consider
that
to
be
a
blocker,
but
that's
my
opinion,
but
I
am
an
influenter
and
I
and
I
do
have
the
same.
You
know
dependency
that
you
can
mention
so.
D
Brendan
was
in
the
queue,
yes,
so
just
two
notes.
The
first
one
is
that
AES
GCM
is
AES
CTR.
So
as
far
as
making
AES
CTR
payloads
just
delete
the
tag
when
it
comes
to
verifying
them.
Of
course,
it's
more
complex
and
it
depends
on
your
library
how
it
handles
a
non-verification.
D
D
C
B
E
Said
about
CCM
and
GCM
is
you're
not
supposed
to
return
any
plain
text
if
the
Integrity
check
fails,
and
so
the
libraries
that
do
all
that
are
are
structured
so
as
to
comply
with
that
part
of
the
spec.
And
so
the
ability
to
break
a
image
up
into
chunks
is
an
important
aspect
here
and
it
doesn't
fit
with
a
GCM
and
CCM.
A
I
Yes,
isn't:
oh,
yes,
honestly,
the
initially
when
the
we're
working
which
organism
to
use
in
the
teeth
message
was
so
there
was
no
other
draft
specifying
using
which
organism
to
use
for
the
iot
or
embedded
in
usage,
and
that's
why
yes,
I
jumped
on
on
MTI
MTI
graft
when
was
coming
out
in
in
in,
and
we
going
to
have
what
which
is
AES
or
ecds,
ecdsa
or
eddsa,
to
use
and
for
the
suit
or
iot
device.
I
Then
yeah
deleting
the
what
we're
writing
in
the
tip
message
will
be
redundant.
So
I
thought
it
would
be,
might
be
good
to
delete
in
the
deep
side
and
then
refer
only
refer
an
MTI
MTI
side.
So
I
don't
really
have
more
further
preference
for
me.
A
Okay,
so
what
I
haven't
heard
is
I
haven't
heard
objections
unless
I
missed
them
to
the
authors
or
the
editors
at
the
T
protocol,
spec,
making
the
change
that
Ken
proposes
here.
So
we
can
ask
again
on
the
list,
but
here
I've
heard
of
a
implementation
questions
and
can
get
stuff
done
and
and
so
on.
But
I've
only
heard
technical
reasons
why
to
make
the
change
and
so
I
think
we
can
go
ahead
and
do
this
in
the
next
one
unless
people
object
so.
C
The
list
there
was
a.
B
There's
a
placeholder
in
the
notes
around
providing
a
link
to
the
cozy
discussion.
Brenda
and
honest.
Could
one
of
you
plug
that
link
in.
A
All
right
so
then
there
was
a
question
about.
Is
there
anything
else
to
be
to
be
done
because
our
goal
was
to
be,
you
know
done
by
iagf
118
meaning,
so
we
can
discuss
any
less
things
in
that
meeting
and
so
I
guess
here:
I
wanted
to
open
up
to
Hana.
Since
honest
you
filed
a
couple
of
issues
here.
Is
there
anything
else
you
think
needs
to
be
discussed
in
the
meeting
now
or
is
just
doing
stuff
over
the
list
sufficient
for
the
ones
you
just
found
yesterday
since.
H
So
I
I've
re-read
the
document
very
carefully,
specifically
with
a
focus
on
how
to
do
the
formal
analysis
which
Cory
and
I
volunteered
in
in
another
in
an
irdf
group,
to
pick
some
examples
and-
and
we
picked
the
the
Deep
protocol
because
it's
kind
of
an
interesting
protocol
in
the
way
how
it
works,
and
so
yeah
I,
probably
should
have
noticed
some
inconsistencies
earlier,
but
I
think
the
fact
that
I
was
looking
for
a
very
specific
sort
of
how
should
I
say
that
for
specific
items
in
in
the
description,
that's
why
I
spotted
a
few
inconsistencies?
H
H
Let
me
give
me
the
the
link.
This
was
GitHub.
A
I
didn't
know
if
there's
anything
that
needed
to
be
discussed
in
a
meeting
in
order
to
make
rapid
progress,
because
if
it's,
if
everything
is
just
editorial,
then
we
can
probably
do
that
on
the
list.
But
if
there's
things
we
want
to
verify
consensus
if
there's
open
questions
how
to
deal
with,
but
since
they
were
opened.
What
you
know
24
hours
ago
or
less
or
whatever
I
haven't
had.
H
Yeah
right
there's
one
issue
that
maybe
useful,
like
we
talk
about
encryption
of
three
different
things.
H
One
is
the
the
Manifest
payload
specifically,
and
that
was
the
prime
example
and
that's
already
covered
in
the
suit
firmware
encryption
document,
but
then
there's
encryption
of
the
suit
report,
potentially
and
also
of
the
Eid
and
there
we
can't
directly
use
the
the
the
work
that
we've
done
in
the
suit
firmware
encryption
document,
because
that
relies
on
on
the
on
the
Manifest
and
so
but
the
text
is
what
some
text
India
is
also
applicable.
So
I
created
a
br
to
add
that
text.
H
What
changes
is
is
the
context
information
structure,
because
we
are
encrypting
different
things,
so
I
believe
I've
covered
the
respective
text
for
the
eat
in
the
Deep
document,
but
the
for
the
suit
report.
That
text
would
have
to
be
copied
and
adjusted
in
the
suit
report
document.
Ideally,
that's
my
understanding,
because
I
think
the
it
itself
doesn't
explain
how
the
encryption
really
works.
A
It's
the
last
link,
I
just
pasted
in
I.
Don't
know
if
you
want
to
project
it
on
the
screen.
Just
briefly,
I,
don't
know
how
much
time
we
want
to
spend
on
this
compared
to
the
other
suit
ones.
But
since
this
is
a
joint
interim
and
this
is
we
thought
that
all
technical
issues
were
closed
and
we're
just
doing
editorial
passes
here,
but
if
there's
any
technical
ones,
then
this
is
the
T
part
of
the
meeting
before
Nancy
drops.
B
C
H
Yeah
chat
window
I.
H
H
Yeah,
it's
it's
369
X
for
esth,
go
to
the
top.
C
H
Yeah,
it's
not
a
dramatic
amount
of
text,
but
you
need
to
say
something:
I.
H
I
I
so
I'm
happy
to
like
to
adjust
the
deck
stores
to
cover
suit
report,
but
since
we're
working
on
in
the
group
on
suit
report,
I
think
it
best
fits
there
and
they
are
in
this
text.
I
for
eat
and
I.
Think
the
same
is
applicable
to
suit
reports
as
well
is
is
just
to
focus
on
a
key
exchange
that
uses
public
key
encryption
and
we
have
EST
for
that.
So
why
not
reuse
that?
D
So
I
I
have
added
more
text
regarding
encryption
in
the
suit
report
and
some
cddl
to
back
it
up.
I'm,
not
sure
if
this
is
going
to
to
cover
the
situation
that
honest
has
encountered
or
not.
Essentially,
what
I've
done
is
reused.
The
suit
MTI
profiles
to
to
construct
a
suit
report-
that's
Integrity,
protected
and
confidentiality
protected
are
all
optionally
confidentiality
protected,
I'm,
hoping
that
that
will
help
for
this
situation,
but
it
might
not
so
I'm
sure
we'll
get
to
that
in
a
few
minutes.
A
Yep
so
I
guess
just
a
call
for
T
folks
to
review
the
mostly
editorial
prayer
request
that
Thomas
just
posted
I'll
take
an
exam
to
do
that.
A
But
anybody
else
is
welcome,
but
that
unless
there's
any
other
comments,
then
maybe
you
want
to
go
back
to
the
suit
part
of
the
agenda
to
go
through
the
slides.
If
we
finally
get
to
the
end
and
there's
bills
still
spare
time
which
I'm
guessing
there
won't
be.
But
if
there
is
then
we
can
always
come
back
and
look
at
some
of
the
editorial
prayer
requests
from
honest.
So
is.
B
This
yeah
I'm.
B
Slides,
do
you
want
me
to
Advance.
A
B
B
H
Okay,
next
slide,
so
talking
about
the
suit
manifest
honestly,
you
want
to
turn
on
any
video
I
could
I
could
indeed.
H
You
can
see
me:
okay,
perfect,
yeah,
so
quick
update
on
this
so
Roman
in
case
you
missed
it,
provided
a
very
detailed
review
of
the
suit
manifest
and
I
guess.
We
have
to
be
quite
thankful
for
his
in
detailed
comments.
H
H
Here's
a
kind
of
a
screenshot
on
some
of
the
issues.
It's
nothing
there's
nothing,
no
sort
of
stopping
comments
in
some
sense,
I
think
he's
asking
for
more
text
clarifications
in
most
parts.
H
So
that's
definitely
after
addressing
all
of
those
I
think
we'll
have
a
much
more
readable
document
in
the
end,
they
are
also
what
I
noticed,
and
we
also
have
a
few
old
comments
and
if
there's
time
in
the
meeting,
we
should
have
a
quick
look
at
them,
or
or
at
least
Dave
and
Ken,
just
double
check
whether
you
still
find
these
older
comments,
they
were
from
last
year
whether
they
are
still
relevant
and
if
not,
we
should
sort
of
clean
up
the
GitHub
issued
list.
Essentially,
okay,
next
slide.
B
Can
tape?
Are
you
willing
to
volunteer
to
do
that.
F
H
All
right,
thank
you,
yeah,
so
I
think
what
what
is
still
needed
is
to
address
the
other
open
issues.
Brightness
on
the
call
had
spoken
to
him,
Hank
and
and
in
the
orbit
is
not
they
are
not
on.
The
call
unfortunately
haven't
been.
They
haven't
been
active
for
a
little
while
now
didn't
respond
to
my
emails
on
this
issue.
So
I,
don't
know
so
we'll
have
to,
among
the
authors,
make
sure
that
we
get
those
issues
resolved
and
and
make
the
document
more
readable.
H
Okay,
next
one
so
I
was
trying
to
find
out
whether
there's
anything
specifically
I
could
present
and
discuss
during
this
meeting,
but
there
wasn't
really
anything
besides
wording
improvements,
okay,
but
that
doesn't
mean
it
takes.
No
time
like
you
can
easily
work
a
day
on
on
improving
the
the
wording
of
the
document.
H
B
H
Yeah,
so
we
had
last
at
the
last
IDF
meeting,
we
talked
about
this
document
and
we
decided
that
we
want
to
change
the
context.
Information
structure
and
Lawrence
and
Ken
have
worked
on
on
the
implementation
path,
learns
on
the
update
in
the
D
cozy
library
and
and
Ken
on
the
Lipsy
suit
Library.
So
we
actually
can
update
the
examples.
I
had
email
exchanges
with
Ken
and
he
provided
they
were
posted
the
description
of
what
he
has
been
doing
on
the
mailing
list.
H
Let
him
speak
in
a
in
a
second
in
the
meanwhile,
with
the
JSF
issued.
The
working
group
last
calls
and
we
reached
out
to
reviewers,
because
if
such
a
document
is
always
complicated
to
get
reviewers,
it's
a
very
specialized
field,
and
so
luckily
we
got
a
few
people
to
volunteer.
Marco
is
on
the
call,
for
example,
Michael
as
well:
Who
provided
excellent
feedback
and
I
included.
H
The
links
here,
I
believe
I
have
addressed
those
comments,
at
least
to
to
a
large
extent
that
Michael
is
really
the
only
came
in
today.
I
just
submitted
the
draft
update
and
and
I
I
hope
it
made
it
to
the
list.
That's
why
and
I
need
to
think
a
little
bit
more
about
how
to
better
summarize
some
of
the
key
points
that
he
raised,
but
I
think
with
version
15
I
think
there's
a
much
better
readable
version
based
on
those
leave
your
comments,
so
it
was
really
good.
H
H
H
Yeah
yeah
I
wanted
to
get
this
moving
forward
because
it
has
been
a
while
already
we've
been
changed
it
many
times.
We
worked
on
implementation,
so
it's
good
to
get
it
done.
Ken.
Do
you
want
to
talk
a
little
bit
about
the
updates
you've
made
on
the
examples
and
the
implementation.
J
Okay
and
not
so
much
but
I,
want
to
provide
a
YouTube
verify
the
example
manifest
so
because
my
my
code
is
so
complicated
because
it
includes
a
lot
of
features,
so
I
want
to
focus
on
so
anyone
can
verify
the
example
so
give
me
a
time
to
implement
it.
Yeah
I
want
to
create
simple
code
to
verify
the
Manifest
yeah.
H
Thank
you,
yeah.
That
would
obviously
be
be
excellent.
Yeah
there's
one
change
that
Ken
has
been
making
we've
been
discussing
this
off
list,
which
was
related
to
the
as
key
wrap
example
yeah,
be
in
the
complete
example.
H
We
had
the
as
key
wrap,
but
it
was
protected,
Integrity
protected
using
a
digital
signature
which
is
kind
of
maybe
a
little
bit
odd,
because
the
MTI
algorithm
is
as
key
wrapped
with
with
a
Mac
I'm
protecting
it,
so
that
that
was
the
next
update,
the
other
one
on
the
esch,
of
course,
the
based
on
the
changes
in
the
context,
information
structure
we
and
the
updated
code
in
decode,
so
that
those
examples
had
to
be
regenerated
as
well.
So.
H
It
would
be
good
if,
if
there's
an
easy
way
to
create
the
example
and
verify
them
without
a
lot
of
hassle,
but
yeah
I,
don't
know
how
long
you
need
need
to
have
a
need
for
this.
H
C
H
If
we
also
have
to
the
CDI
implementation
done
and
included.
H
Yeah,
just
as
a
reminder,
what
we
came
up
with
from
is
with
the
context
information
structure
was
essentially
we
had
this.
If
you,
if
you
can
see
the
string
suit,
payload
encryption,
that's
the
part
that
is
tailored
according
to
the
usage
protocol,
so
for
for
the
payload
encryption
using
for
suit
manifest.
This
is
the
the
problem
or
the
string
you
are
using,
but
for
it,
for
example,
or
for
a
suit
report.
H
This
would
be
different
so
to
have
some
distinguishability
and
we
asked
the
identities
from
the
partisan
info
sender
and
the
recipient
as
we
discussed
already
last
time.
So
that
should
be
all
all
great
implementation,
wise
and
also
description,
wise
and
I.
Don't
think
I
messed
it
up,
and
there
was
no
comment
on
on
that.
So,
okay,
next
one.
H
Yeah
address
remaining
working
group
plus
call
feedback.
So
as
as
mentioned
earlier,
that's
on
track.
It
just
got
a
private
review
from
from
synopsis
who
have
been
working
with
in
the
in
Embassy
in
the
in
this
micro
process
of
benchmarking
organization,
and
he
provided
some
further
feedback
which
I
just
received
right
before
the
call
so
I'll
I
will
forward
it
to
the
to
the
mailing
list
and
will
addresses
it
while
I
haven't
read
through
it.
Yet
there
was
no
time
and
so
yeah.
C
H
B
B
B
B
F
Hi
Hannah's
thanks
yeah
I
I'm,
sorry
to
slide
that
in
last
night,
at
the
last
minute,
so
I
guess
I
just
wanted
to
emphasize
one
comment
which
I
think
was
the
only
really
important
comment
that
I
think
others
should
should
think
about.
Is
that
I
think
you
described
five?
F
Maybe
six
I'm,
not
sure
ways
of
encrypting
things,
whether
you
use
common
ceks
or
different
ceks
or
different
keks
per
device
or
not
per
device
or
whether
you
derive
them
from
the
pH
thing
and
on
whether
that's
common
across
devices.
The
other
side
of
that
piece.
F
So
I
I
there's
one
piece
where
I'm
not
sure
if
you're
describing
a
profile
or
not
but
anyway,
there's
there's
between
five
and
six
of
of
kind
of
methods,
and
what
I'm
really
saying
is
that
I
really
think
that
it
would
be
worth
naming
them
clearly,
so
that
people
can
pick
one
I'm,
picking
the
red
one,
the
orange
one
whatever
and
I
think
that
will
help
a
lot
for
the
eventual.
You
know
Security
reviews
who
will
be
you'll,
be
able
to
say
also.
F
F
H
Yeah,
that
was
that
was
a
good
idea.
It
didn't
on
names,
didn't
jump
to
my
mind
instantly,
so
I
I
think
I
have
to
think
about
that
a
little
bit
more.
Also,
the
the
comparison
that
you
were
asking
for
in
a
kind
of
a
comparison
table
for
the
security
consideration
section.
That's
also
something
I
need
to
think
about
a
little
bit
more
I.
H
F
F
If
you
compromise
one
device
right,
you
have
the
encryption
kit
for
everybody
and
and
that's
really
easy
to
State,
and
it
may
be
the
idea
that
we
we
hate
that
thing,
but
actually
it's
an
okay,
that's
okay,
for
some
environments
right
and
for
other
environments,
and
we're
not
talking
about
the
about
the
we're
not
talking
about
having
a
a
symmetric
signing
key
for
the
for
the
the
firmware
right.
F
So
we're
not
gonna
like
we
know,
there's
been
problems
with
certain
vendors
at
one
point
where
you
know
you,
you
basically
took
apart
one
firmware
and
you
got
the
signing
key
for
the
firmware
and
you
could
spread
it
through
their
entire
mesh
Network
right.
So
we're
not
talking
about
that
kind
of
thing.
It's
just
the
Privacy
that
we're
dealing
with
and
there
so
I
think
that
anyway,
that's
what
my
suggestion
is.
H
Yeah
I
know
what
you
mean
yeah,
but
thanks
thanks
for
the
feedback
in
the
second
bullet
on
the
slide
is
about
the
examples
based
on
on
the
new
updated
code.
That
was,
we
were
just
talking
about
with
Ken,
okay,
that
was
this.
B
One
great
I
just
wanted
to
say:
if
anyone
else
has
any
additional
feedback,
please
get
that
in
as
soon
as
possible
within
the
next.
You
know
a
few
days
today,
if
possible
and
honest,
do
you
have
a
sense
of
when
you'll
have
the
remaining
updates
done
and
the
examples
updated.
H
Because
he's
so
like
there
are
two
two
updates
one
is
the
so
the
updates
of
the
examples
based
on
hearing
a
response
test.
Can
you
hear
me,
can
you
hear
me
now?
Does
it
work.
A
A
All
right,
okay,
so
we
should
probably
move
on
to
Brendan's
presentations.
Then.
A
See
Dave
was
the
one
that
had
all
the
slides
loaded
I
don't
have
Brennan
your
slides.
If
do
you
have
them
handy.
D
B
H
So
so
the
examples
I
it's
a
question
to
Ken
I
think
Ken
should
answer
that
and
on
the
on
on
the
feedback,
it
depends
a
little
bit
on
what
further
feedback
will
arrive.
So
Roots
feedback
is,
is
the
next
one,
but
then
there
may
be,
like
other
people
may
have
additional
feedback
which
I
still
need
to
address.
So
if,
if
it's
only
put
feedback,
I
think
I
can
wrap
that
up
this
week,
but
yeah.
B
Okay,
but
within
the
next
few
weeks
it
sounds
like
can
any
thoughts.
B
Was
I
was
asking
about
updating
examples?
Honest
referred
to
you.
J
Oh,
maybe
I
don't
need
to
update
the
current
example,
but
if,
if
we
use
as
CTR
mode,
it
may
take
more
than
two
weeks
so
yeah,
maybe
after
that
I
I
can
get
some
reviews.
J
B
Looking
at
like
end
of
September
ish,
yes,
okay,
all
right!
Thank
you,
Brendan.
B
C
D
C
D
So
Ken
created
a
delegation
example
which
We've
added
in
we
got
reviews
from
harness
and
David
Brown.
There
was
a
question
raised
around
the
title
specifically.
Is
this
really
about
trust
domains?
I?
Think
honestly,
that's
mostly
a
philosophical
distinction.
D
I
think
that,
depending
how
you
look
at
it,
trust
domains
can
mean
more
than
one
thing
and
I
was
trying
to
to
group
the
various
extensions
to
the
suit
manifest
around
common
cases
and
and
that
the
the
contents
of
this
document
were
mostly
around
trust
domains
being
whether
those
are
trust,
domains
on
device
or
trust
domains
of
authors.
I,
guess
that's
essentially
the
difference.
D
If
there's
a
possibility
for
a
clearer
title,
I'm
happy
to
change
it,
but
I'm
not
really
sure
what
that
would
be.
Be
hannes
pointed
out
that
the
the
information
around
use
cases
was
really
important
and
needed
to
be
up
at
the
beginning
in
the
introduction,
so
that
people
could
understand
what
this
draft
was
for.
D
So
so,
specifically,
these
are
the
the
questions
around
the
use
cases
for
dependencies,
so
I've
moved
that
up
to
the
introduction
now
and
and
put
a
reference
in
in
the
dependency
section,
I
think
there's
there's
one
outstanding
question,
which
is
whether
the
delegation
chains
are
adequate
and
whether
they
are
overlapping
properly
with
cwt
and
x509
delegation
chains.
D
Now
Hannis
mentioned
that
the
the
x509
one
is
in
particular
contains
quite
a
lot
of
text,
whereas
what's
in
this
draft
is
extremely
abbreviated
by
comparison,
the
intent
here
was
that
this
should
just
be
a
list
of
certificates,
whatever
certificate
means
in
this
particular
case,
where
each
is
authenticated
by
the
next,
so
it
wasn't
intended
to
be
a
complicated
thing
and,
and
if
this
isn't
appropriate,
then
I
think
we
need
to
address
that
now.
D
D
D
As
I
said,
it's
just
a
list
for
each
certificate
authenticates,
the
previous
one
up
until
you
find
a
trust
anchor.
If
there's
any
feedback
on
that,
that
would
be
really
good.
I
think
that's
the
end
of
what
I've
got
for
trust
domains
at
the
moment.
So
if
that's.
H
B
All
right,
I
don't
hear
any
I
guess
Brennan.
We
need
to
take
that
question
to
the
list.
B
All
right
next,
we
have
suit
reports.
B
B
No
one
Minds
I
would
like
to
talk
about
that
since
there's
a
teeth
requirement
on
that
we'll
do
update
management
next.
D
That
sounds
good
to
me
all
right.
So
again,
Hannah's
had
a
a
comment
on
this,
which
was
that
there's
not
enough
information
in
there
to
ensure
interoperability.
If
the
report
containers
so
I've
added
a
cozy
profile
for
containing
reports,
what
I
mean
by
a
cozy
profile
is
essentially
this
thing
where
you
and
two
cozy
structures
together
and
I,
think
this
is
where
I
I
mentioned,
that
suit
MTI
is
probably
missing
a
unifying
declaration
for
all
the
profiles.
D
Next
slide.
Please.
D
Oh
wow,
that's
incredibly
small
I
thought
it
would
be
bigger
so
that
that's
just
the
the
definition
there
that
I
had
mentioned,
but
essentially
all
that
it
says,
is
that
the
there's
a
cozy
sign,
one
I,
I
I'm,
not
sure
I
couldn't
come
up
with
an
a
reason
for
having
more
than
one
recipient
available
for
a
a
cozy
signature
or
a
oracosem
Mac.
It
only
made
sense
to
me
to
to
to
sign
up
for
the
verifier
if
that
makes
sense.
D
So
that's
what
I've
done.
If
there's
an
objection
to
that,
then
it
would
be
good
to
know
that
there's
a
use
case
for
using
cozy
sign
rather
than
cozy
sign
one
or
for
using
cozy
Mac,
rather
than
cozy
Max
zero.
D
What
I've
done
here
is
essentially
just
said
that
the
payload
has
to
either
be
a
a
b
string,
wrapped
suit
report
or
a
b
string
wrapped
cozy,
encrypt
and
I
put
clarifying
text
in
the
draft
to
explain
that
the
Cozy
encrypt
0
should
only
contain
a
b
string
wrapped
suit
report,
as
it
the
well
the
encrypted
version
as
its
ciphertext.
D
A
Okay,
are
there
any
comments
or
anything
else
on
suit
report?
I
think
that
was
your
last
latency
report
right,
yeah.
D
Has
any
commentary
on
whether
this
would
be
helpful
in
resolving
the
issue
that
he
raised
against
Heat.
H
Yeah,
hey
Frank,
that's
definitely
better,
but
I
still
think
you
need
to
copy
that
text
in
the
happy
to
create
a
pull
request
to
your
repository.
To
specifically
like
it's
it's
not.
This
is
not
a
huge
amount
of
text
like
we're
talking
about
maybe
two
paragraphs
here
to
just
add
the
necessary
text,
to
get
the
to
sing
out
the
the
use
of
esdh
and
to
change
the
context,
information
structure
and
then
I
think
you
are
done
because
yeah.
D
You're
right,
I,
don't
have
the
context,
information
structure,
I
do
effectively
have
esdh
and
the
reason
I
say
that
is
because
I'm
pulling
in
the
suit
MTI,
which
means
you'll
already
get
ESD.
D
D
The
does
the
ask
to
share
slides
system
work
in
this
scenario,
or
do
I
need
to
share
my
screen.
D
Answers
my
question:
brilliant
that'll,
be
it
perfect?
Now
we
have
to
find
where
it
starts.
Let's
see
there,
it
is
okay,
good,
so
yeah.
This
is
a
really
short
one.
There
were
a
couple
of
missing
keys
for
override
multiple
and
copy
params
I'm,
hoping
that
this
will
resolve
the
remaining
outstanding
issues.
I'm,
not
aware
of
any
further
ones.
So
I'm
happy
to
have
this
progress
to
working
group
last
call
if
no
one
has
anything
else
to
add.
A
A
So
maybe
we
should
ask:
have
people
read
this
draft
because
you
know
we
we
could
be
done,
but
we
did
the
working
group
last
call
house.
We
get
people
to
read
or
to
say
yes,
I,
think
it's
ready,
so,
okay,
if
we
can
get
a
a
person
or
two
to
just
say
yes,
I,
think
it's
ready
nothing
to
discuss.
Somebody
well.
D
How
about
I
turn
that
around
instead
and
say
Dave?
You
already
reviewed
this
and
we
made
changes
based
on
your
review
to
add
additional
file
permissions
in
addition
to
that
Akira
I.
No,
it
was
The
Cure.
No,
it
was
Ken.
Ken
reviewed
this
one
as
well,
and
Ken
looked
at
it
and
said
spotted
the
missing,
override,
multiple
and
copy
params
keys
and
I
think
he
spotted
a
couple
of
other
things
and
I
fixed
those
in
response
to
his.
Oh,
no.
He
made
pull
requests
which
I've
merged
as
a
result
of
that
review.
D
So
I
know
that
there
there
have
been
review,
but
those
were
a
while
ago.
A
So
I'm
the
document
Shepard
on
this
one,
which
is
why
I'm
kind
of
poking
here,
because
I'm
going
to
do
a
document,
Shepard
write
up
I,
don't
think
I've
done
that
one.
Yet
on
this
one
I,
don't
think
I've
done
the
document,
Shepard
right
up
yeah
so
that
yeah
yeah
I've
not
done
the
write-up
yet
so
that
is
my
next
step.
Is
I'm
going
to
do
the
document
Shepard
right
up
so
I
have
the
action
on
this
one.
A
If
there's
anybody
else
that
can
comment
that
says
yes
I've
addressed
that,
and
that
will
help
me
in
doing
the
document
Shepard
right
up
because
I
don't
want
to
say
there
was
working
class
called
and
it
was
complete.
Silence
right,
I
want
to
say
something
better
than
that
when
I
did
the
document
Shepard.
That's
why
I'm
poking
on
this?
So.
A
So
Brandon,
can
you
remind
me
again
who
was
it
that
you
got
comments
from
on
past
versions?
It
was
me
I
know,
but
who
else
yeah.
A
A
B
A
Anyway,
I
have
the
next
action
item
on
this
one
as
far
as
the
document
Shepard
right
up,
but
anybody
else
that
wants
to
weigh
in
and
says
yes,
it
looks
good
would
be.
Would
help
would
help
me.
A
B
A
Okay,
Ken
you're
still
on
do
you
have
any
thoughts
on
this
one
right
now,
I
mean:
do
you
think
it's
good
I
mean
you
had
comments
before?
Have
you
had
a
chance
to
look
or
should
I
give
you
time
to
just
spot
and
verify
that
your
previous
comments
have
been
addressed.
Comment
question
to
Ken.
J
Hi,
okay,
yeah
I've
tested
the
features
in
this
document.
So
for
for
an
implementer,
the
document
is
okay,
but
I.
Think
okay,
but
there
might
be
some
need
to
be
updated,
so
I
mean
we'll
check
it
precisely
again:
okay,.
D
I
I
guess
I
should
clarify
on
this
one
I,
don't
think
it
can
be
complete
at
this
stage.
I
I
strongly
suspect
that
there
will
be
things
it's
missing
discovered
in
the
future
and
and
if
that
does
indeed
happen,
that's
actually
a
good
thing.
It's
a
sign.
People
are
using
suit
quite
a
lot,
because
you're
not
going
to
find
things
that
are
missing
from
it.
D
If
you
don't
use
it
so
that
that's
I
I
would
not
believe
for
a
second
that
it
is
complete
or
that
we
could
guess
what
it
will
need
to
be
complete
at
this
stage.
A
Is
there
any
reason
to
hold
up
publication
because
you
can
always
do
you
know
addendums
or
you
know,
deltas
and
things
in
a
separate
document
right:
okay,.
A
C
B
E
B
All
right,
well
great
everyone
I'm,
not
hearing
any
other
business
I.
Think
that
concludes
the
meeting
for
today.
Thanks
again
for
everyone
working
on
drafts
and
participating
today,
we'll
probably
talk
with
you.
The
next
ietf
take
care.