Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
W3C / Multicast Community Group / 1 Dec 2021
W3C / Multicast Community Group / 1 Dec 2021
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: 2021-12-01 Multicast W3C Community Group Meeting

Description

Minutes: https://www.w3.org/2021/12/01-multicast-minutes.html
More about the cg: https://github.com/w3c/multicast-cg

A

Okay, so we're recording, um so I sent the agenda by email. I did not actually put together slides for today, uh so I'm not going to be sharing my screen or anything I'll just be chatting. But um what we have on the agenda is, uh I wanted to discuss whether it would be okay with those attending to uh move this meeting back by half an hour or 60 minutes.

A

I think we originally tried to accommodate as many people as responded, but some of the people that asked for it to be this early haven't actually been showing up, and this has impacted a few other people in california who said that they might have showed up, but 7 30 is too early, which I can sympathize with.

A

um So I guess chris. This is probably mostly your question, uh but uh for today, anyway,.

A

uh I I I don't like I'm able to keep doing it, but it would. uh It would be nice to me if we could move it back by by a short bit.

B

um Yeah, I'm okay. I there is another group that meets in the next hour that I would want to join. um Would two hours.

A

Later be okay, because that's.

B

That would be fine, yeah.

A

That would be fine, yeah yeah.

B

Actually,.

A

For you, but.

B

Yeah, I mean I'm kind of used to doing evening meetings anyway. So if you wanted to move it, you know even later in the morning, that would probably be okay, too. All right.

C

Yeah jake, I can't I can't do an hour later, but I could do two hours later, an hour later, like the next. The next hour slot for me is crutch's staff meeting, which is basically unmovable yep.

A

uh Casey any objections on your side. I think I'm going to float this by the list also and see if anybody raises objections, but I'm kind of going to um consider downplaying people who haven't managed to attend any yet at this time slot so yeah um and.

D

An hour and a half or two hours later would be fine.

A

With.

D

Me, okay,.

A

uh All right, so I will tentatively consider I'll I'll confirm that on the list and see if there's anybody uh else who raises objections, but I will uh look to to plan to move this two hours later. Then, um if that's uh that's, okay, um all right. So the the next uh item on the list was 20 minutes for a status update um last month was uh reasonably busy with both the so we, the last meeting we had was uh was the tpack meeting um that recording is up.

A

I apologize for being so late, uh sending it out, um but that recording is up and the notes are there. um I guess so. I reviewed it again yesterday. I guess my my takeaway on that was. um We aired some of the complexity in in getting the uh the kind of adoption we need to move forward.

A

um We had opinions from uh eric, especially that um that what we really need to do you know, is to get more people involved uh one way or another by you know getting them to feel the pain, particularly. I think the browser vendors.

A

But some of the isps are on board. I think you know, and casey here is- is uh coming from a network ops side which is great uh there's a few other people that are in the group that haven't really made it to these meetings, but but many of whom have been talking to uh separately from time to time.

A

But it's uh I take it that for most isp employees, it's it's a challenge to to do work toward browser implementation, sort of uh development.

A

um This is not usually in the in the sort of wheelhouse of of who they're employing, although it can depend on on who and where they want to invest, um but really it's about uh kind of getting the um uh you know if we can get it into the browser.

A

My take on this at this stage is getting it into the browser is the step that makes it most interesting to everybody, because then there's then there's a distributed receiver that anybody can use, um and so to that end is is. Can I I didn't hear anything that really changed my position on yeah. We have to get the security stuff ironed out and we have to get uh some level of consensus built so that the browsers would be potentially willing to take it.

A

um I guess anybody else who saw anything different do. Let me know that was kind of my summary takeaway on it. Is that we're on the right track? It's not an easy or short track, uh but uh but we're, um but we're trying to do the the right sorts of things based on the you know. Who needs to to be into this.

A

So uh as follow up on that, I guess there's no other questions or comments there.

A

um Yeah then.

D

I think you're right that getting it into the browser is critical to finding that break. Point um and you're also right that it's we're more than more than willing, actually enthusiastic about helping to provide relays and as soon as internet2 will allow us to build those overlays um we'll get ourselves back connected to others, so that that becomes more useful but yeah.

D

You know you're also right that it's it's difficult for us as a network to help on the browser.

A

Development side, because we don't have staff that.

D

Really work in that area, but yeah yep still still willing to help and- and I think you're on the right track. Okay, good! Thank you.

A

uh Great um yeah, so to that end, then uh the uh the other big uh event of the month was uh ietf was the what a a couple weeks after the tpack, um so I presented in both sect dispatch and m-d.

A

uh The summary from sec dispatch was that we are um dispatched to the msec mailing list for further discussion. Msac is a um is a working group that that got closed uh four or five or six years ago. I think, um but the mailing list is still there uh still present.

A

I haven't followed up yet, but I will be I mean I haven't followed up seriously. I did get. uh I did ping the msec list uh to verify that during the session there was some question: should it be msec, or should it be a new mailing list, um a pangdem sect to ask? I got uh unanimous responses from two people that um that msac seems like a good place for it uh for the discussion about the security considerations for multicast.

A

um Likewise, I heard from uh from one of the area directors uh that that that seems like a good place, so I'm gonna go ahead and send out an invite on um on the sac dispatch list uh asking people to please join and start the discussion off there.

A

uh Any of you that are willing and able please do uh consider joining the msec uh ietf list for uh discussing the security properties and and see what kind of people bring up.

A

There was some discussion on the sec dispatch list from ecker.

A

That was kind of after the tpac meeting, mostly I think and and then some some good discussion during the session. I think um I guess my my summary is that people who are into security are skeptical of this, which I think is.

A

Not entirely unjustified, but I think that um so ecker did a review of the draft and uh he seems to think it's not a good idea, but he didn't have any technical objections that he maintained throughout uh during that discussion that we had um he. He ended up in the position that well browsers aren't interested in this. So why should we bother looking at it?

A

um You know which, uh which I think matches with with our current goals, uh except that um you know I think echoer is associated with some browser work and I tend to get similar responses from other people who who are in the browsers.

A

I had some offline communications, um they're, not public, and I don't want to name any names, but but some of these have contributed to my view that the people who are into browser security tend to be skeptical toward this, um the I think it will help to get the uh the sort of web transport integration running so that there's a an actual.

A

This was also one of the comments in the chat during the sec dispatch presentation, uh um I think from martin uh another luminary in the sort of security and browser space um martin thompson, and that was um uh that we needed a.

A

We need to have a uh an actual protocol with actual security properties before we can meaningfully discuss this, um and I think that's not an unreasonable position, um and so I I I don't entirely agree because I do think that the the security consideration stock lays out a lot of things that we that we need to hit in that protocol and has a good framework for sort of um for sort of thinking about it and, I think, is appropriate as a separate doc.

A

But in addition, I think they're saying that we're going to need to get something running. That would be.

A

um That would be a a sort of first stage proposal uh at how to do the secure transport um with web transport uh or or something else. um But I think that uh you know to go along with that. One of the other notions was like a sort of origin linked authentication of the objects that were delivered.

A

The suggestion was to dispatch to to cdni, but.

A

That that might be worth exploring in some sense to sort of see whether the origin uh can actually provide a response that validates the total receipt of everything. I'm not sure it's necessary, the way we're doing the authentication.

A

But um uh but it's I wouldn't say it's entirely off the table, um but I'm gonna see if, if we can do something just with datagrams and web transport first, um I started setting up like a local web transport, uh the web platform tests to run web transport against some browsers and then I'll be hacking on that. um I got sidetracked with ip6 dual stack work, which of course took much longer than I was expecting um so I'll speak about that a little bit.

A

But let me first pause and ask if there's any comments or questions on the sect, dispatch and tech sorts of things.

B

Do you think it's likely that in doing this, we will gain the browser vendors support? I I kind of worry that, if they're saying well we're not interested in this, like.

B

At what level is it we're not interested in this? Because we think that the security properties that, like that's too hard of a problem to solve or is it like, even if we were to develop a solution there, that we think is acceptable? Then there then there there are other reasons, perhaps that they're not yeah.

A

So we're interested.

B

To take this out.

A

Nobody yet privately or publicly has given me any indication that this problem is unsolvable, um that they believe this problem is unsolvable. I've asked that question explicitly to a number of people. All of them have declined to.

A

To take that position yet.

C

um Might if I can speculate a little bit, my guess is that it just doesn't fit into their mental model at the moment of how the web works, that they just haven't, put a lot of thought into it, and so they're unwilling to um commit one way or the other, because they just don't know enough yet yeah and.

A

That's also the audacity.

C

Of hope saying that as well.

A

So, uh with with that said, I I should say that um you know they that there is a position that it's going to be a high effort to update the web security model. To allow for this um that you know there there's.

A

You know this seems to be the default position of uh this is part of why I, I think uh the the people who've done a lot of web security. Work tend to be skeptical. Is that this is um they view this as as challenging, because it's different uh and their default position is that it's probably not worthwhile.

A

um You know in particular not worthwhile for them. uh I think most of them have not commented yet on the the sort of claim.

A

As about how much traffic could be saved, how much uh energy usage could be saved, so I I really think that to me it looks like they. They have not considered this problem uh seriously, yet yeah um and uh it might uh you know, is it likely that they will come around once they do consider it.

A

I tend to think so, but you know that might be my own biases speaking here. um This is.

A

You know the the alternatives do not help, in my opinion, with uh with user safety like what they're saying is this can't be in browsers not that users will be safer by keeping it out of browsers, um and this is, uh and the reason is because users end up doing something that scales anyway, because that's their only option for some of the content they want to receive um and the things that scale have the same exact privacy problems.

C

Can you can you restate that I didn't, I didn't understand what you what you meant by that.

A

So uh yeah yeah, um for example, the uh you know when you can't deliver it to a browser and it's a it's a high uh volume sort of event. What you end up doing is in order to deliver the high volume event. You use a a tv station kind of approach right, you send it to the isp who sends it to their to their customers and now what you've done?

A

You know the net effect of saying. Well, it can't be delivered over the web. It's too big.

A

The net effect that you end up with now is okay, so we deliver it through the isp uh by handing it to them explicitly, and then they give it to their customers as part of service, offering.

C

Right, the alternative is, the alternative is not oh well, I guess we're not going to do it because we're not going to view this content the content's going to get delivered. It's just going to get delivered in a proprietary and probably less.

C

You know a proprietary manner that has not undergone the kind of privacy review that uh we would expect from a standardized uh ietf w3c uh collaboration, yeah.

A

And, in fact, I I hope to do exactly that with the game blender for me, for example, so this wouldn't be done through a browser. This would be, you know, integrated into gaming platforms and start receiving game delivery.

A

You know likewise, I hope to do this with with the sort of smart tv devices um in some some of the specific ones, for some of the specific content owners that need to to do some delivery god. I hope.

C

Nobody finds out that I'm playing stardew valley, no just kidding.

C

um

A

Yeah I mean uh you know it's. uh It is a concern that that that people would find out what content is being delivered. That's one of the ones that's been raised. um Part of the response is that it's well a when it's popular enough, then that that's very discoverable anyway, through traffic analysis. This is even mentioned in the tls specs.

A

As a as a thing that tls is vulnerable to um and there's you know a never-ending stream of papers about how that works, you can defeat it, but only by making all the content look identical, which has a very high overhead, because everything has to be be it the size of whatever you're trying to hide it within.

A

So you have to have everything, be it the same size as the biggest thing you're sending essentially- or you know, a large volume of stuff being being at that size um and people aren't willing to do that right. It's like well. Are we gonna you're, saying we're gonna triple the traffic that we're gonna? Send um you know so that we can protect our users from discovering that from their isp discovering if they bother to look uh that their that they're downloading call of duty, um you know what are they gonna do with that information?

A

Why is this a threat model? We have to pay three times as much for delivery. To actually uh prevent you know, and and the answer is they don't do it today and there's no reason to think that they're gonna do it for the popular content?

A

And yet um you know ins like by telling them we can't use multicast while we're telling them that no, you have to do 30 times as much traffic instead um and I'm not sure why this is a different answer exactly, except that I think people haven't really thought through all the implications.

A

Yet, as far as I can tell there's this sort of getting people to take it seriously problem that multicast has that, I think is, is each new group that encounters it has to overcome that um and yeah all the web security stuff over the last decade has been done without any considerations for multicast, so uh we'll have to sort of rebuild that um in like in the multicast world and- and you know, do find out where there really are user threats, um because we, you know it is very important not to expose users to that.

A

Like I, I don't, I don't mean to diminish their concerns, um but uh but I think that most of the concerns that people have are coming from a place of not having yet engaged with the problem seriously um and with the problems they're raising and what the actual impact on users is, um and the scalability you know is just it's something. That's hard to turn your back on once you understand how big it is.

A

um So that's kind of where we stand. It's it's gonna, be an uphill climb to get even to get people to start looking at it there's a bit of an uphill climb. I think some people will look at it, but.

C

That that the the the argument for you know, I mean just the simple argument for uh let's make it part of the web security model, so that we kind of bring it into the light is something that we should probably add to the dock.

C

um Unless you think it's too on the nose, but it seems like it seems like a a framing that would that would be that some percentage of people who were interested in the question uh would be receptive. To I mean, if others other people.

D

Would.

C

Would disregard that, but I think it it it feels like it would be net positive to mention it.

A

Yeah, I mean certainly that's a point that lucas raised like this is reminiscent of of the sort of um what was the one you pointed out like uh a decade ago um or or even a few years ago, getting.

C

Rid of flash- oh dns, okay, yeah.

A

um So dns has turned into a privacy consideration sort of a sort of a thing and it was like well, you know eight years ago um it wasn't really on anybody's radar and over the last eight years it's turned into like well everybody's making uh encrypted connections to their dns now or there's a there's, a large portion of people that are doing it and people were, you know, scraping all that dns data, and now it's it's only the particular provider that you've chosen.

A

That gets this great pet dns data, not not everyone on the path, um and so there's uh there's sort of a an analogy here where there is a bunch of multicast traffic happening today. Nobody knows: what's what people are analyzing it and what they're getting out of it? um And so uh you know if there is really a privacy problem here, then it's a privacy problem, that's present today um and and it's something that that we should be thinking about and discussing.

A

If there's not actually a privacy problem, then I'm not sure why it's a blocker to getting it into the browsers in general. So um so that's kind of the the state of the discussion.

A

um I agree it should go into the doc uh yeah. That's a good point to raise. I don't know you want to you want to make an issue for it or and okay yeah.

C

Yeah I'll be good. Yeah ignore the message I just sent you until the end of the meeting. I just didn't want to forget it: okay, fair.

A

uh Let's see so, um I think that's about it. It's uh I'm hoping to get that discussion going between now and the march iatf and kind of see where things stand.

A

I don't know if we'll be ready for a buff, yet at the march ietf, but I'd like to you know, maybe if the discussion goes well but over the holidays, it really never does so, um but I'd like to get a buff at some point to reopen msec and take this document on, uh as well as some of the others that are listed in the sec dispatch presentation um and get uh get the the actual uh iatf consensus there, so um that project will be ongoing uh in parallel I'll, be doing uh the web platform tests for um for web transport and seeing if I can get together an actual, you know at least to start at a straw man protocol that has uh that has the actual characteristics that that I'd be looking to start with.

A

um You know focus specifically on web transport, the the first one on our charter for the uh for the multicast cg.

A

um So the reason I'm not further along on that uh so going to my next point on the agenda- was the um the dual stack uh relays. I tried to set some up um the I uh so the the where I'm running them is um is the there's some some test traffic on uh 23.212.185.2.

A

As the source and then 232.1.1.1 uh with port 5001., I can paste that into the chat here. If you want to paste it into the notes there, chris.

A

And uh those I'm bringing them up and down still there's still some pieces that I haven't been able to to properly test or get working, um but the relays uh I'm trying to get uh functioning and then my intent is to so giant also has brought up some um some multicast capability in their multicast working group. They actually have like a beer forward, plane um and uh and some pretty neat uh relays running.

A

They gave me an idea uh because they're playing some some uh public domain music over their multicast channel, which you can just leave running you don't have to be watching it right. So I I might do the same for some of my sources with the through vlc, where you can just leave it running and listen to some music.

A

I think that would be a good way to have it uh just active all the time. So I can notice if there's problems, um but anyway the the relay there is uh theoretically running in dual stacked. I I still am working on trying to get it uh functioning.

A

um You can do the discovery through dns for that source, I'm working on getting a v6 source together. I guess I can that address would be um I'll paste that one too, although I don't have the the sender up yet, unfortunately,.

A

Every part of the the ip6 work is is taking longer than uh than I would wish. um Unfortunately, there's uh there's challenges in um in the.

A

This challenge is at the aws level, just getting that dual stack functioning, um but that part is the part, that's working, but then inside the device. That's the that's running there. um It's not behaving the same. uh So if this is a an ubuntu uh sender in ip4, what I'm doing is I create a v pair and- and I just set the route to send it to one side of the v pair.

A

The relay listens on the other side of that v pair and that's how I get the traffic uh into the relay to be distributed to whoever's, trying to get it.

A

Unfortunately, the uh with ip6 for reasons I've not yet been able to track down setting the route does not seem to be sufficient. It's going out the the um the physical interface whether or not I have a route to go to the thief pair interface, and I'm I'm waffling between uh setting this up inside a net namespace versus. um So I know from previously working on it that if I set it up as a separate device, then the multicast traffic will not transfer between the the two aws instances.

A

So you have to tunnel it, which means you have to get it into the um into the.

A

Into the relay somehow uh or into some other kind of tunnel, um I don't know yet why the routing isn't behaving the way I expect it to, um and uh I think the network name space is the most promising way to to force it. uh I thought about trying it in a verf. Also I I I I might, but that seems like it has challenges too. um Anyway, I've been on this for a couple of weeks now, I'm hoping to actually end up with it running, but.

A

It's it's not uh it's not what I wish it was for sure. um So I guess uh anyone who who wants to work on that with me. Please do let me know and I'll um uh I'll hook you up and see. If you can help me troubleshoot it um but uh yeah, it's it's not fantastic, um but that one when it when I do set it up does have the same sort of I. I did get the relay discovery.

A

Part working for that, so that doing the same uh dryad lookup, with the um with the reverse ip of the of the source address, uh does find the the relay that it's supposed to be running on. I just don't have actual traffic sending there, so um I might give this another week uh before I abandon it, but I'm hopeful that in a week I'll I'll get through all the hoops that need to happen, um but I really do want to get onto the quick bit.

A

So I'm in the web transport part- uh and I feel like this- this ip6 digression is important because there's several people who are really interested in in making this work for ip6, but uh but not my core mission here either. So um so I don't want to let it go for too long. If I really can't get it.

A

um I guess any questions about that. I'd be happy to dive into more details, but I'm not sure it's the right place.

A

All right um great then, uh let's see did I have yeah. So I guess just in terms of next steps. My plan was to.

A

Kick off that msec discussion and to continue on the web transport.

A

Trying to get something working, I hope to have that by the next meeting, we'll see how it goes.

A

And I think that's all I had on the agenda. Did anyone have any other questions? Chris er uh casey? You were, um I think you mentioned last time. We met that you'd be willing to set up an ingest uh platform device to to pull traffic in from the relays that are discoverable uh with the dns.

A

um I don't think we arranged something that week and it was. It was kind of a busy month uh for me yeah, but um maybe do you want to do you want to set up a working session to try and bring one of those up in in your uh in your network or in lab.

D

Yeah.

D

Yeah, let me take a look at my calendar. I uh let me get the right window open.

A

This is basically the um the proof of concept work that we did with the with the four with the four other isps they set this up in lab. There was one that did it across their production network, but uh but the receiver was still lab set up um and uh yeah I mean, if you're, if you're willing to do that, then I think that that could be. um That could be good um and we can. We can bring up the the relay connectivity.

D

Yeah, it looks like this friday or wednesday of next week, are both pretty open for me right now, all right.

A

Yeah, I could do this friday uh when okay wednesday of next week, uh I think, there's there's a uh an event going on that week that I don't have yet on my schedule.

D

Well, let's, uh let's circle up after the meeting here and we'll pick a time on friday, sure that sounds great.

A

um All right, cool that'll be fun.

A

uh

A

All right, then, I think that's about all. I had um any other comments. Questions.

B

Yeah, so a question I I wasn't able to join the second screen group meeting did: was there anything useful that came out of that? um I'm just aware that that group was has has been designing protocols for use like on a local network that you know have web compatible security properties, so it may be wonderful.

A

Okay, good question: um I I think we had a reasonably interesting conversation there. um I think it it was pretty inconclusive. um You know they.

A

They did, uh they had looked at some of the privacy considerations, but had not, uh as I recall, considered whether it was necessary to um to do things like uh uh disable it in private, browsing mode or.

A

um um I I think, in terms of action items, it's probably right to circle back with them and see if those discussions ever go anywhere or went anywhere um or if they did any follow-up. I think I um they had some uh some other questions that I ended up.

A

I think they were more interested in that were like as tls connections to local devices um that ended up having some some discussion on github. um You know, I think a few people that were in that meeting came to the tpac discussion uh for multicast, but they did not later join the group or attend this meeting. Unfortunately, so um so I don't think I sufficiently interested them to to actually get involved at this stage. um uh So.

A

I I still think there's some overlap in some of the privacy considerations, especially kind of discoverability, of local, uh of local traffic like or of local devices.

A

Sort of information exposure between the browser and devices online- you know this is a concern that um there was a there was a presentation in mbondi at ietf, from tommy paulie at apple apple, uh introduced in the last uh within the last.

A

I think it was the version before this one, so maybe about a year ago, some protections against local discovery um so that you have to have like user permission uh before uh before an app can access can access apis that do local network discovery operations.

A

And you know some other.

A

Some other sort of protections like you can pre-register. uh You know at build time to have a.

A

You know to say what specific kinds of services or names you're going to be trying to discover with your application and then and then apple has some degree of control over uh over the apps that are allowed to do that. Apparently, they saw some abuses from from some sdks, often that the apps didn't even know were were doing sketchy things, but the sdks were were probing the local network in some ways, and so they so they lock down a number of local discovery. Sorts of things uh you can take a look at.

A

I think that was the first slot in mbd at itf. This last time.

A

So you can take a look at the at the notes. For that um I can. I can find the the link to the video. If you want to see it, um you know. I think that the second screen privacy considerations are of the same sort.

A

um Yeah, there's some overlap there and just like uh you know what tommy reported: it's not just multicast itself, but but the sort of local device communication discovery issues. um You know he didn't talk about.

A

What the actual abuse was like what the danger to users was, but there's a sort of abundance of caution. I think for things that are doing poorly understood, you know whatever is going on this. The sketchy uh try to discover information about your user and and their network environment.

A

um You know, there's a principle of data minimization or something that you know just want to expose all this stuff uh yeah. They seemed to. They seemed like they're in a reasonably similar place. There's like they haven't, really got uh much of an answer. They don't really know what the threat model is that they need to protect against.

A

um You know, yeah. I didn't see anything that was super helpful. I was hoping they had already just sort of solved this problem, um but I think it's some indication that the local network part is not necessarily what people are worried about at least right now, although I'm not sure it's what they shouldn't it's a thing they shouldn't be worried about, uh but in terms of browser security um and the feedback that people have gotten yet um yeah.

A

I feel like there's a there's, a sort of big gap here, where nobody really has a great uh understanding of what what's necessary to actually achieve, um and so there's a.

A

You know.

A

So far, I think it's been driven more by responses to to abuses, but we're seeing people push back on things that open up just new information. That's exposed, because every new piece of information that's exposed has some kind of fingerprinting at least and maybe starts to to present new threat models that we don't know what they are, and so in that sense uh it just sort of continues raising the bar for for what all needs to happen uh in terms of answering all the security questions.

A

So the uh yeah I I didn't feel like it ended up being as useful as I was hoping, I'm not sure it was useless, um but uh but I I don't, I don't think I walked away with like follow-up actions on this. Okay, so yeah.

A

Yeah good question, though I I did meet with them. I went to their session and some of the some of the people that were there came to my session, uh but I think we're were not really looking at the same problem.

A

On some of the privacy considerations, so it might be good to see what they land on to keep an eye on that um you know and whether it's a problem for them in the course of time, um but uh uh and it might inform our our later security considerations, I think, but I don't really know what to do with it beyond that right now: okay,.

A

All right, um then, thank you very much and I think we'll wrap it up. A few minutes early.

A

Nothing else thanks, guys I'll, send you an email, casey, we'll uh we'll talk about freddie. All right thanks, good great, have a good one. Thank.

B

You.

A

Bye, bye thanks chris for the notes. I really appreciate that again.

B

No worries, no he's just fine.