From YouTube: IETF-SATP-20230815-1400
Description
SATP meeting session at IETF
2023/08/15 1400
https://datatracker.ietf.org/meeting//proceedings/
A
All right, so this is the August 15th version of the SATP working group. I am Wes Hardaker, the chair. Claire can't make it today, so I'm in charge. Sorry about that. I will attempt to take notes along the way, but if anybody wants to help, the note-taking tool is always appreciated.
These are sort of just sort of generic slides that everybody should already know, but just to remind everybody, the IETF interim meetings are covered by the Note Well, so hopefully you and your appropriate lawyer should understand it appropriately as what it means to participate in the IETF and how.
As contributions for the public good, we have lots of information. Everybody knows all of this. I still need to fix that list of drafts. Those still aren't the official IETF ones. Sorry about that, and everybody knows our scope. So with that, the agenda for today, as you know, is a fairly generic one that we use for the interim meetings, and I will actually stop my presentation.
So the first step on the agenda is really just introductions, which we just did, and the second thing on the agenda is really diving into where the documents are and any problems that people want to talk about. Thomas has some slides to share. Thomas, I did not actually see. Are your slides relevant to the discussion later that you wanted to do, or were they relevant to nowish, where you want to talk about the protocol? Sorry.
The second button to the right of the hand in the upper left looks like a file with a slash through it. Oh, you're not sharing, and then I have to click yes and then.
We will give him a minute to come back. In the meantime, does anybody else have, there's some, that's actually back again, while we're waiting for Thomas. Thomas, you can go ahead and share your screen. I think it's probably the way around that at this point.
C
I sharing my screen this time because I've got, okay, yes, select window or screen. Okay, let me just do guest reader.
A
That be updates. We see your, okay, we see your media.
D
A
No problem. In the meantime, however, is there other people that want to discuss other topics?
B
A
Besides the ones that updates, so does anybody want to discuss the use cases updates or anything else?
A
D
About use cases, we had two new proposals for use cases, one by June cheese on the call today and another by every Victor who created a draft. So there's some, a brief offline discussion happening, and we'll soon take it to the main list and then propose traffic. Please. So that's a.
A
Very okay, yeah, yeah, I saw those and it looks like, you know, they're interesting things to to talk about. So, if you want some time today, we can certainly do that after Thomas goes through his update slides. I'll leave that to you, if you think that there's content today or if it should just be resolved on the mailing list at this point.
A
C
Okay, thank you. So, so there's two parts of these slides, folks, my apologies. The first part is just a quick updates on the architecture and and the issues that Jaron had brought up on the GitHub. Next, next slide, please. Was so so now architecture's, I think, in lockstep with SATP core, I said, particularly the flows. There might be some words that are not exactly identical, but I think they're pretty much identical.
Stage one requires some specific parameters. So, for example, things that do exist already, so, for example, if it's originator identity and so on, and gateway owner identity, there are solutions out there, such as X.509 certificates, verified credentials and so on, which is out of scope for us, but is there, and in fact it's probably not in scope for SATP. However, there are some things that, constructs that do not yet exist, which is this, one of them being asset network identification, identifier, and I think over the past two years, we've talked about this many times, and so this is the second half of the slides, and it's, it's good I see wages is participating because this is kind of, you know, pretty much his, his baby, so I'm only happy to to help. And the reason is because, number one, gateways will need to identify to other external entities, you know, which network do I serve, and it's possible that a gateway may in fact simulate simultaneously be serving two separate, even unrelated networks.
Okay, I know I'm, I'm pushing this, but this, that's probably an extreme case. The more realistic one, and I'm thinking of, you know, DLT systems, whatever is Cosmos, Polkadot and so on, which internally have actual distinct sub networks. Using our phrase, they call it, I can't remember what they, what they call it, but so, so when you, from the outside, you have to say, well, which one are you actually wanting to talk to, which subnet, right? And it's a, it's akin to, you know, maybe an IP routing using masks and so on, and, and in this sense, using the IP routing example, it's like the gateways is a NAT box, and so, you know, this is like a, you know, if you guys know what the NAT traversal problem is. So, so that's, that's why we need identifiers, but we'll talk about it, you know, later on. Oh, quick question, is it hands up? Is a question, yeah.
D
Yeah, thanks. It could come last point, by sub networks you're talking about an internet subnet, right, not about necessarily a sub ledger.
C
Organization could run a DLT that does two separate things for two separate sets of, you know, communities. For example, it could be, you know, yes, shipping, logistics and and finance, right? And so, if you're from the outside, well, I want to talk to Rama, but, like, which one is he on, like, which transaction does, do I want to do today with Rama, which, which sub DLT?
D
Right, if you think about the view addresses that we are trying to also draft pick out there, we've, we're trying to actually allow an external party to identify a, one of the internal ledgers. So maybe we should discuss more whether or not, I can see the case of both, but.
C
Yeah, great, great, this is, this is exactly the kind of discussion we will need to have, because the use cases, you know, cuts across, and you're right. I mean, if, if all these sub DLTs, the sub networks, are hidden, then when you ask for a views report, you have to say which one, right? Or worse, you don't know which one, so you just ask the gateway. Yeah, right. These are the challenges. Yeah, yeah, okay, good. We could, we can talk about it in this, in a few minutes, Rama. Thank you.
A
Up, yes, thanks, Wes, you're next. Okay, so some of this doesn't become sort of transport dependent because, as the protocol gets solidified, there hasn't been much discussion yet, at least that I've seen, on what transport the protocol will be used over. I mean, we also haven't talked about the structuring of it.
I've always forget that acronym, Paul will correct me in a minute, that allows you to say this is the entity that I want to talk to, and that's used specifically for cases like this. So why, I guess my question is twofold, right: is the requirements that, that fall out for doing this inside of, of the SAT protocol that cannot be solved by one of these other things? Note that the other, in, in the case of TLS.
C
Thank you. So, so next slide is a set of, this is now the, still the architecture draft discussion, and Yaron has been terrific. At, in San Francisco, he was busy, you know, while talking to me, BC is setting up the GitHub repo and, you know, moving all the stuff to this new GitHub repo. So, so, so next slide, I don't know if you, slide three, which is a set of questions.
So if you, yeah, so if you go through the list of issues there, most of it, maybe except for two or three, are, you know, text clarifications, right? So, for example, a good one is that we, we nev, we talk about the architecture document about device attestations, but, you know, in passing, but we never kind of say this is mandatory or not, so it's, it's, we have to, I need to fix this. You know, it's not mandatory to implement, but it's an option down the road if gateway operators want to do that.
I want to bring everybody's attention to two in particular, number seven and number ten. So, so in number seven, the question was: are gateways trusted by definition, right? And I think the answer is yes. I think that's an assumption that, like, you know, if you, if you're participating in a network, then the assumption is you trust the gateways, and so the word trust needs to be qualified, qualified, of course, but in, in real life deployments.
E
A
You need to collect the little microphone and sort of the upper left portion and you should.
Oh, while we are waiting for, I haven't read issue seven recently, but there's, there, there's elements of trust, right? That's, that is almost a little bit too generic, because there's many parties in these conversations. In other words, you mean the gateways are trusted between the gateways, by other gateways, right, not by clients of the gateway?
C
That's a good one. Yes, gateways, the gateways, but if it's a, if it's a private network, which is a closed network, which is a, what are the core assumptions why we need gateways, then sort of implicitly, maybe it's, you know, by, yeah, implicitly. Well, you know, if you're willing to have your asset in that network, that means you trust some of the entities and roles in that network.
A
It does, thanks. You want to try speaking again? If you're not able to, you could always put it in the chat as well, and we can read it out.
Microphone. Rama, you want to go?
D
Your question is, I think your question is right, that we have to figure out, these are exactly what aspect of trust we are dealing with here and can.
For SATP, for the purpose of secure asset transfer, I think the question that we have to ask is whether G1 trusts G2 to be an honest person for the network behind G2, and vice versa. So that is primarily the question, I think, you have to deal with here, because, yeah, if G2 and G1 are just acting of their own coalition, then they, they're not being honest transmitters of the network's instructions or the network state, then we're going to have a problem. I mean, G1, G2 can still conclude an SATP instance after respect, but that won't necessarily fulfill the, whatever state changes are needed in the network.
So I think something we did in our system a few years ago was we, we try to figure out what are the aspects of trust that gateway absolutely needs to be invested with, and which, which parts network can actually handle and overcome malicious gateway. And if you take the CIA model, the confidentiality, integrity, availability model of security, we came to the conclusion that it's possible for a network to ensure that the malicious gateway cannot interfere with or cannot hamper confidentiality and integrity, but whereas the gateway needs to be trusted for availability purposes. That is just that. Then again, we can mount it, then also with the rack on the networks. So those are some of the thoughts I had on, on what aspects of trust.
A
Yeah, I mean, the, the other text to look for, right, is early on, when the, way back in the BoFs, you know, portions of this working group, there is discussions about what sort of relationship existed between gateways, and is there a legal agreement or something to fall back on, right? That was the foundation of the test, trust that we talked about in the past. Now it's an interesting case where, you know, you don't have a legal agreement and then you're still expecting the other party to behave appropriately.
D
C
Okay, no, that's right. Thank you, Wiz. Okay, the other thing that, that I thought, I thought stood out from Yaron's set of comments is number 10, which is essentially a question, but it's like, if we were to take the primary backup strategy as the, as the backup strategy, does that mean that for a network that has n gateways, you know, 10 gateways, there's actually another 10 that's just shadow, that's passively sitting around doing nothing, literally? Or, or do, do we mean, well, out of those 10, each gateway will have to nominate another gateway amongst the remaining nine, regardless of how busy those remaining nine are in terms of handling transactions?
So this is, that's a, you know, Yaron, thank you for that. That's a, I thought it was a good question. Since Raphael is online, Raphael, what are your thoughts about this question, issue number 10?
A
Well, of course, everything can be done on the mailing list, so that's always a good thing. The trick is, you have to lean in to start the discussion, and hopefully people will answer. You know, again, this, this to some extent also comes back to some notion of what transports you're going to pick, because, if you're picking a transport that allows load balancing and things like that, you know, there's, again, right, there's the external versus internal aspect of how many gateways you have.
From an external aspect, it has to be, you know, some mechanism to, to reach the other one over. A protocol like TLS would require a DNS name or something like that that points to an IP address, and then there may or may not be a load balancers, and it's all sort of a ambivalent to, to the, the remote party, unless there are two records associated with a particular entry.
What not everybody realizes is that www.example.com can have two IP addresses, and you're supposed to randomly pick which one you use when you get more than one record back like that. That's sort of designed that way, and, and some entities, in fact, if you look up www.google.com, I believe you get multiple addresses back and the client's just supposed to pick one. But then you're also talking about voting mechanisms on the inside of the gateway, and how do we determine which one is sort of the.
B
A
And the rest are all backups. So I would make sure you split that discussion into two, and to some extent there's almost two separate issues there.
C
Okay, no, good, good point, good point, thanks, thanks, Rose, because, so, yeah, I think this is a, this is a mailing list thing. So let me, let me take the initiative and post the question to the mailing list.
Okay, any, Yaron, out of the list of issues there, in any more that we should discuss now, like?
B
Yeah, I apologize for my audio problems. I'm not sure how much of my rent you asked you, you actually heard, so I was going on about the need for a legal considerations subsection and tying that to, to both number seven in the, the ownership question. And then there was actually one other issue, the issue about stage zero, where I was saying, this is a, stage zero is important enough for interoperability that it needs to be standardized like other components, needs to be covered to the same level of depth and standardized to the same degree as the rest of the protocol, and I think you, Thomas, had a good response to that one.
C
Yeah, I agree with, to be honest, we're slowly creeping through some of the issues in stage zero, right? Like, this whole network identify, I think, is part of stage zero, because if you don't know what network your asset's on, you can't even find it, and so, and yeah. No, that, that's good. Thank you. Thank you, Ryan. So right now, correct me, whereas it's, it's a, out of scope, but I know, for example, Dennis has got, this is working on the context ID setup between applications, and that's a stage zero thing.
You know, asset verification, you know, is also stage zero thing, and, and the, the views draft that, that Rama is working on is also relevant there, because you might just, you might want to query a network to find out some, you know, does the asset actually exist? Is it in, you know, does this person actually own it? Does Alice actually own it? And it's not a transaction. It's more like a query, and that's part of, I would say, a setup of stage zero as well.
So, so yeah, it's, I personally agree with you, yarrow, and we have, as I said, we had three broccolis on our plate that, that the chairs are asking us to finish the broccolis before we can eat the carrots and the ice cream.
A.
A
Good, good way to put it. So speaking, you know, with my chair hat on, I think what I wrote to the, wrote to somebody, you know, the other day is, the way to think about it is the working group is tasked with getting the basic protocol up and working. There are, there are a lot of other ice cream and, you know, related bits that, that we would like to solve at some.
D
A
If, if there is something, so stage zero is being used generically to speak to a lot of different elements of setup or trust or whatever. If some of those are required in order to even get the protocol up and running, right, you can't, you know, you can't do it without establishing who the remote entity is and whether you trust them or not, although I, trust is probably a bad example, because I think we're outsourcing trust to a large extent. But so, if there's some element of setup that is required for the protocol to work, that's no longer out of scope right now, and, you know, Paul's here and could actually speak up and yell at me too, but in order to develop a functional system.
So the original charter lists the starting documents that we are allowed to sort of create. Whether some elements of stage zero need to be put into the architecture of the protocol document or even be a, you know, a separate draft, if they really need to be separate, that's all fine. If, you know, we need to add a fourth piece of broccoli in order to make it so that the protocol can actually function in, in, you know, the first pass out the door, that's fine.
C
Okay, any, anything else before I switch gears and talk about the identifier proposal?
A
A
C
Discussions, yeah, so this is out of scopes and that next slide. So we've had discussions about, you know, asset network, you know, DLT identification schemes for the last two years, and, and you've heard me complain probably, like, why, why is it that you've got these, you know, almost billion dollar industry and no one's figured out, like, how to standardize this? And lo and behold, of course, the Ethereum Enterprise Foundation has in, indeed worked on this, and, and that's why we had wagya come and present to us, I think earlier this year, over the last year, this year, I guess.
And so the question is, many of these DLT networks have their own, already have their own numbering scheme and identification scheme. So, you know, taking Ethereum as an example, they already have this, they call it chain ID, and the problem is many of these networks, when deciding on identifier schemes, they don't think, you know, globally, and they don't think about interoperability, and they don't think about namespaces, okay?
So this is kind of interesting. I won't comment on this any further, you know, don't want to offend anyone, but, but let's say we had to work on a, you know, an identification scheme that works globally. You know, what things would we need to satisfy? And this is what this slide is trying to show. So it has to be backward compatible in the sense that, well, it has to be able to be, we can't ask the, the existing networks to change their, you know, identifier. The, the immediate answer would be, you know, go away.
Number two, it needs to support this problem of, well, maybe there are multiple sub networks, right? So, for example, some DLTs have experienced forks. Internally, they might be able, the transaction might be able to be routed to the correct fork, assuming there's two forks, but from the outside.
C
Then there's the issue that, given this decentralization sort of spirit, let's say, there might be cases where, you know, somebody somewhere on different part of the planet decides to create a new network and they just pick a number, you know, and so how do we provide some kind of a guidance that reduces the chances of collision in terms of the namespace, right? And this is assuming that we don't have a organization like Aaron to do this, or, if you guys are aware of the DOI, you know, Bob Khan and the, in the handle system. Assuming such things don't exist in this asset space, well, how could you provide guidance in a document that reduces this chance of collision, but, but not to zero, because there's always a chance of collision?
And I think I've mentioned forks, and next, actually, next slide. Actually, could you move two slides forward to the diagram, where's, I, I placed it in the wrong place in the.
Yeah, so this is kind of the example that I was trying to explain, that we, the IETF and SATP, we have no control over what a network will do internally, because, unlike the, the internet, you know, and so on, you know, you know, where, where, you know, there's too many networks, too many designs and so on. However, for gateways, there's an opportunity for us to say, well, you know, if you want to implement this at the gateways, then your gateways need to understand this 32 byte scheme that we are proposing, and how the gateway, you know, connects internally to its network, that's out of scope for us. You know, gateway, you figure out. I mean, but we've always said that, you know, facing inwards, the gateway needs to understand how to work with his own network. That's always a given. What's in scope for us is between G1 and G2, and so this is what this diagram is trying to, to portray, is, is this, this, this thing. Where's, go ahead, you've got a question.
A
So it's an interesting problem space in, in multiple folds, right? And so to come back to this, even comes back into scoping. So I would say some of this is out of scope, and some of this is in scope, which, you said all of it was out of scope, so I'm actually giving you a little bit of broccoli here.
E
A
There's the aspect of making that connection and getting to that endpoint. That may be a globally unique namespace within the DNS or something, because you have to figure out how to make that connection, or you have to pull an IP address from something else in order to make that connection, and, and whether, so the interesting thing is, in a distributed environment, you're actually running into the, the quintessential case of why distributed environments are hard, right? Because you need a global, unique namespace, and yet a decent, in a decentralized way.
C
Yep, yeah, so, so I think that from the beginning, we kind of assumed that the, the gateway has a, an IP address in, in the usual sense of the word, and so you can always connect it, and, and, you know, you can think of gateway as kind of a server that, in the traditional, you know, model. So there is an IP address and so on, it's v4, v6, it's, it's reachable, and, and because we've been talking about a REST API, then there's also a defined endpoint, the end, the REST endpoint that you want to reach in a gateway implementing SATP. Well, SATP will, will have multiples. In, in the SATP core, I think we've got several.
The, the bigger question actually is, this identifier is an application layer identifier, right? And so once you connect to a gateway, then you say, we're like, okay, you know, I, are you serving this 32 byte, you know, organization? Oh, here, wait, wait, yeah, yeah, wanna, you have your hands up, go ahead. Yeah, yeah, maybe.
E
I, I give some more. Thank you for all the questions. I think also, thank you so much for the answers. I just want to describe a little bit background and compare this with TCP. Okay. First, this identifier is for blockchain, for ledger, and also for sub ledger, as Thomas mentioned. So this is a new thing, because it was TCP/IP, you have MAC address, your IP address, your UI, your DNS, you have a domain name, different things, right? But none of these address the issue of blockchain. Blockchain is another entity that need to have an identifier, and in the past there was no chain identifier at all.
When you have Bitcoin, nobody had a chain identifier, because this is only the Bitcoin blockchain, nothing else, right? There's no need for identify. And then Ethereum came around, and then Ethereum had the 2016 hack and is split into ETC and ETH, and at that time there's a double signing, a spent attack, because you can sign the same transaction and send, to send it to ETH or send it to ETC. They're exactly the same, so the same spending can be spent on both chains, and then they realize, hey, there's a need to identify these two blockchains. So at that time there was EIP-155 proposed by biptonic.
Basically, what he was saying is that I have issue a chain ID equal to one, and then my test net is equal to 3, and then another test net equal to five, and nonetheless you figure out yourself. So when you have a new blockchain, you just need to tell people an integer number that you take as the chain ID for that blockchain, and that chain ID is sent to the GitHub address, to avoid condition.
Look, that is okay for a couple of years, but now we have more and more blockchain coming in, both for public blockchain and private blockchain. So there's a need for this identifier to identify different blockchains, so, no, so that you know which transaction you want to send to which one, where you, where you want to send the transaction to, and, and then how do you identify the chains.
E
So there have been different proposals, and, and I think we discussed that before, and this proposal is, has some differences. Okay. First, we make it self-verifiable, because we are in decentralized environment, there's no way that you are going to do light on your centralized registration to identify every node in the system. So for somehow, some reason, this chain ID should be self-verifiable. Network ID is to be saved by a fiber.
So it should be self-verifiable, and you should also, I think this is from Thomas, address the, the subnet case, which is, I, when, in my proposed, I did not mention my subnet, and I think this is, this from, from Thomas saying that, yes, there are cases where we have changed on chain by one blockchain, one there can have sub ledgers, and this has like six bytes for that, and also you need to be, have to have a backward compatibility.
So, so, and then from there, from there you can, you can build metadata on top of this unique ID, so that could be a separate layer, which is at the application layer. You can write smart contract to look up the other metadata for this, something for this network ID. So that is the, the purpose of this network ID, and I think it's very important, because I would think this is, when, when we were thinking about, thinking about interoperability, this is one of the first things we, we think about.
You've got to be able to identify each ledger, each blockchain, in a unique way and make it self-verifiable, and also there are cases where you fork one blockchain into two forks and both believe they allowed legitimate. How do you, how, how can we verify which one is legit, which one is forked? So they should be making for that as well. So that's, that's the background of this proposal. I just, yeah, if there are more specifications, I can, I can help answer those questions.
A
I, I do, yes. First, with my chair hat on, I will remind everybody that the, the SAT protocol is not blockchain specific. We are chartered to be agnostic, where we have different types of systems that we can transfer digital assets between, and so it may be that on the left-hand side of this diagram is a blockchain and on the right-hand side of the diagram is a traditional banking network or something like that, and we've always included those in scope.
So do please be aware that anything that is a technology that is specific to a type of storage mechanism, such as a blockchain-based network, cannot necessarily be used globally, and so the real question is, we, you know, I just break this problem into two parts that you have. One is, how do you identify the ability to get to the other gateway, and then the, the second part of that is, how do you do identify the component within that system, which may be a blockchain on one side, it may be a completely different blockchain, with a completely different way of, of, you know, talking to its subnets, it may be a traditional bank. I can imagine something in between, where a bank has branches and the assets are actually kept independently, not in a global, you know, system within an integrated bank, but rather I need to talk to this bank, to this branch, to this account in that branch.
You know, independent, and so I think that's sort of, like, what did, probably one of the things that should be looked at for doing this, because gids already have a sort of global part and a, an internal part that can be, you know, separated. The forking problem is, is, is a nasty one. That's true on the business side too, where even a bank can split into, and half the customers go one way and half the customers go another, and how do you, how do you re-establish the connection protocol?
F
E
I think you're, Wes, I, I think the, actually, let's go. We propose, it's even bigger than what I saw, the original thought. I thought ledger is a big enough, or change big enough already. If you want to make it globally kind of applicable, I think the GUID, some of the proposed, some of the GUID mechanisms, so that it's, it's a unique identifier and then you interpret the meaning of the tuid.
B
E
Blockchain, with that in mind, it's possible that we can, we can kind of modify this a little bit, because in this, for this proposal, we have the first 16s as the, the hash of the genesis block for blockchain, and that uniquely identify a blockchain, a test for 16 bytes, and technically you can, you can make that 16 byte to be less, maybe eight byte enough, and then you can use the other bytes to identify different systems that can be assigned by, by the entity themselves.
C
E
Yes, I think that's a, that's, that's the kind of a, kind of improvement already, because some of the banking system may not have, allegedly have genesis block, and they can define it. So we need to, there's a hard requirement right now, since the first 16 byte is the genesis block hash, but we need to do is that, that kind of a constraint, I just, that can make it customizable.
C
Okay, I mean, yeah, no, it's, it's good. 60 by, because I've seen other, like, in the VASP, in the exchange sort of discussion a couple of years ago, there was a, a Swiss proposal where, where all the entities get like 256.6 bits, and, and they had all sorts of mappings internally, but, but my point is that, yeah, somebody has to do this mapping, and I think it's going to be the gateways, but, but you're right, you know, it's, I mean, we have to find out.
A
B
So, first of all, I think we should be discussing byte sizes at all. I don't think we're, we're limited in the size, and, and we can actually adopt the variable length solution here. I think we're, with respect, wasting our time debating 16 versus 32. And then someone mentioned the CAIP-2 on the list. That's a chain agnostic proposal for, for solving this thing. I'm not married to that one, but I do like that they have a namespace spot, which is a short string just like HTTP method, and then you can have basically anything on the local part. So it's a two-part identifier, and you can, for example, have, to follow on, on West.
C
No, that's a, that's a great idea. No, thank you. Thank you. That's a, that's a, that's a good idea. That's, this is, folks, this is exactly the kind of input, I think, that, that widget and myself are looking for, because I think, I think everyone agrees there needs to be some solution, and I think it's, it's a good thing that the IETF is at least talking about it, and maybe we can make it like a real proposal.
D
Again, how to, how, how do we locate a gateway that represents a network?
C
That's one of the questions that, that Wes was saying, that, you know, I, I know Bob is in that network over there, I, I just know the colloquial, you know, name of that network, but I don't know the actual, how to get it. What do I type into my application, and how does my, you know, gateway find one of the gateways in this remote network? Yeah, that's, that's one of the challenges.
E
Yeah, I have a comment about this, this URL based, that URI based, versus this byte based, because I was one of the first guys who look at this problem, as you, devoid the camera problem. And when I look at different schemes, you can have a URI based, but that should be at the second day, not at the kind of embed in the year, because this identifies almost like a MAC address. It just specifies certain bytes to identify the chain, and then you can have different scheme, that URI and other ways to describe it. But once you have URI, you cannot ask the machine to verify by yourself, because you need it to be self-verifiable, and that's why you need to have something that's with a fixed length, because you also have detailed issues like assigning a transaction. This ID need to be signed into transaction, and that's why the size, I'm talking about 32 byte, but the first 16 could be the Genesis from Cache. So I think 32 byte is a reasonable length. If it's too big, then the size signature become too big, and when you go to blockchain is going to cause a lot of gas. And they have been study on this already, on how big that thing should be, and you enter 256 bit is a good length for it.
But I just want to say that there are different proposals already, but this is the one that addressed the issue of self verification and also anti-fault the others. Other specs rely on some that situation, and this one does not, so I just want to point out the differences.
A
I think so, wish you were done, right, and I think Rama is next.
D
Question: can we precisely define what self-verifiability means in this conference in their CDP context?
E
Yeah, yeah, I can definitely describe that, because a decentralized blockchain is a different thing, right? In TCP, you can identify every server and you can say this server is trusted or not, right? But decentralized blockchain is, to some extent, a land trust environment, because you can have a server, but you can run a fake blockchain and the real blockchain at the same time, right? And this hour you can run the real blockchain, next hour you can run a fake blockchain, and this is normal. And self-verifiable means that once I get the transaction, cross-chain transaction, interoperable transaction, I should be able to kind of clarify or verify whether this transaction is burned by this node as a real blockchain or a fake blockchain, because I know the genesis block, because I encode the genesis block hash into my ID here.
If the genesis block of your blockchain does not match, I know you're running the fake one, because hackers can easily run two blockchains at the same time, one real, one fake, but to hack, and self-verifiable means that once I get the chain ID, I can verify the chain ID independent of any third-party registration service.
A
I mean, this is a problem that I actually went to allude to earlier, but there's been huge issues in the internet at large with the security of knowing that you're trying to talk to some entity and actually getting to a different one, and them purporting to be, you know, the real identity that where it was just pointing at. It's a nasty one, and we need some sort of, typically one of the things that happens, that we'll have to look into, is protocol binding to ensure that this happens, so you get to a trusted source. TLS itself has been plagued with this, because there are so many certificate authorities that are, you know, anchored as roots of stuff. You could believe you're talking to, you know, google.com and you're actually not, because you hit a security certificate that was issued by something else fraudulently. And for those that are not familiar with it, the Certificate Transparency project within the IETF actually is sort of the global ledger, actually is using, you know, a blockchain-like ledger, Merkle tree specific, but to record who is issuing what, in order to ensure uniqueness occurs across all of these identifiers and stuff. So that's going to come back to bite everybody at some point. It's like, how do you, when you're bootstrapping this protocol, being able to bind the fact that you believe you're making this network connection to talk to something? And how do you bind that with the internal notion of them being able to prove that you're actually in the right place?
F
I agree with Wes, it's a very important problem, but I mean, I think we actually discussed this, I mean, week, months ago, that this protocol, you know, has to make some assumptions, has to make some assertions that, okay, it's just describing the transfer of this. We don't know if the object that's being transferred is actually valid, you know, at either place. We can't verify, as you said, the gateways, we can't verify this. It's saying, you know, we're assuming, we're asserting that all of these other connections are correct, and that, you know, the object that's claimed to be transferred really exists, that, as you said, this network is valid, we're connecting to the appropriate gateways, appropriate clients. And it's very important issue, but I'm not certain that, is that really germane, or, I mean, I don't know how weak, you know, it's really in our Wicked to try to solve it.
A
Yeah, very good point, David, thanks for bringing that up. Yeah, one important thing to note is a past Security Area Director, 20 years ago, I was riding in a taxi, you know, around to go to dinner with him and a few other people, and his point to me was very valid. He said, you can do anything you want, just document it, right? If you're going to make assumptions on, you know, what is acceptable and what is not, as long as you document it well in the security considerations section, essentially you can do anything you want. And it's important that when these issues come up, we very much outline what are the assumptions, what are the basis of trust that the protocol isn't handling, and then you're absolutely right, that can be completely out of scope.
Now, whether, you know, people want to use it as a trustable system, that's where you have to very carefully find that line of what needs to be included and what can be a basis. And, you know, going back to the very beginning discussion of the day, does gateway G1 trust gateway G2, and is there a legal relationship or something else that's outside of scope, or are we making an anonymous connection that is unknown? So Thomas, it's probably time to think about wrapping up because.
C
Yeah, I think that's the last slide. The previous slide, this is just the table that people can look up in the draft. Yeah, and this is probably going to change, but I was thinking, you know, if this is, we have the architecture subgroup discussions in the past, you know, side meeting. I don't know, if people are, those who are interested, you know, we could have another follow-up call, you know, in a couple of weeks, just on this topic, because there's this question of DIDs we discussed in the past, how does that fit? Does the question, the banking identifiers, I have a question that, is 32 bytes enough, right? So maybe we need more, I don't know, more is good, I don't know. But yeah, I'll send out an email to the mailing list proposing a date, if that's okay, and if people want to continue discussing just this particular identifier question, you know, we could have that subgroup.
A
Or things like that, because we have the space. David, you get the.
C
Okay, so that's, that's the, my slides was okay.
A
All right, fantastic, that brings us right to time, which is good. Actually I do have another meeting I need to go jump to, but thank you all for coming. I think this was a great discussion, and Thomas, I look to you, especially to as kickoff discussions around issues seven and ten on the mailing list. I describe them fairly well, so people can jump in and have a good conversation about them. Sound good.