The IESG has just had a two and half days of meetings in Cambridge, Massachusetts. These events are an important opportunity for our group to meet and discuss broader topics and IETF work in more depth than is possible during the regular IETF meetings. This time our meeting discussed topics around IETF and Bluetooth collaboration, Internet privacy, IETF working group charters, the RFC series, area director job descriptions, mentoring, and many others.
The IESG discussed some of the trends around us, and the need to evolve the IETF system along with them. Some of the things we see in our future are linking the work on specifications to work on code and deployment through efforts like hackathons and interops. We also see a lower bar for participation, sponsorship models that focus on things beyond meetings, and increased online collaboration. We might even experiment with completely online virtual meetings in the future.
We also discussed the role of requirement, use case, and problem definition documents in IETF work. There is no one-size-fits-all approach to different working groups. But the IESG wanted to be clear that the essence of IETF work and the energy often comes from working on protocol solutions. We were concerned about cases where it takes a long time to get to that work. Working groups should NOT feel they need to sequence their work in waterfall style. In fact, working in parallel with solutions and other supporting documents (and code!) is often the best approach. And some of the supporting documents need not necessarily always be RFCs; wikis, for instance, are a fine approach as well.
Mark Powell, Executive Director for the Bluetooth SIG and Marcel Holtmann, Chair of the Bluetooth SIG Internet Working Group, joined us to discuss about IETF and Bluetooth organisations, and how we can work together. It was interesting to note that these — both highly successful — organisations work in quite different ways. But both use each other’s technology, such as the IETF 6LOWPAN encapsulation used in Bluetooth systems and Bluetooth being one of the obvious link layers underneath many Internet of Things deployments. In the future even more interaction between the two organizations is expected, as many devices connected over Bluetooth will need to communicate with a broad ecosystem of peers, some over the Internet and in the cloud. People capable of participating work in both Internet- and Bluetooth-level work are much needed in making this happen.
We also had an opportunity to interact with the local research community, and visited MIT Media Lab, focusing mostly on some of the emerging Internet of Things developments. The IESG was particularly interested in the security and semantic interoperability aspects of some of these efforts. Several of us wanted to stay in the “Lego Learning Lab — Lifelong Kindergarten” and start hacking something, but we had to return back to the meeting and other topics
We reviewed the state of work in improving privacy in the Internet, with a view to institutionalizing better handling of privacy in the IETF and IESG. We also considered management needs in an all-encrypted world brought up last year in the MARNEW workshop. Some good initiatives (LURK BOF, various ideas from the ACCORD BOF, and so on) are proceeding, and should be viewed as improvements that the IETF considers just like other proposals. The IESG also got an update on “Cryptowars” situation from Jeff Schiller.
The IESG discussed the role of Designated Experts in IANA allocations. These experts are obviously the primary decision point when allocation requests come from outside the IETF. But for IETF documents going through last calls, while we expect the experts to perform a review whose results are taken very seriously, the ultimate decision authority rests on the IETF community. The IESG will ensure that our processes take this into account.
Other topics in the meeting included looking at the role of the Independent Stream publishing path for RFCs, the path forward from discussions at the last IETF meeting about doing IPv4 work, scheduling training and newcomer’s events on Sundays before IETF meetings, training and mentoring activities in general, plenary arrangements, and many others. We also made a periodic review of the IESG Discuss criteria document, and moved some working groups between ADs to balance workload and find the right expertise. We also discussed a number of changes to the desired expertise for Area Directors which the IESG soon has to send to the nominations committee for the next round of leadership selections.
Of course, a big part of a retreat like this is not so much the specific topics, but giving an ability for the team members to know each other, talk to each other freely, and do some team building. This time we paid special attention to having parts of the meeting days reserved for unscheduled interaction. We also ran some of the discussion in an “open space” or “unconference” style, which seemed like a nice experience.
Finally, I wanted to thank John Leslie, Susan Hares for taking the essential notes, Alexa Morris, Kathleen Moriarty, and Alia Atlas for the various local arrangements and expertise, and EMC for hosting us at their office!
The IETF meetings are a busy time for many of the active participants, including members of our steering group or the IESG. Most of the time is spent in actual working group meetings, and there’s little time to reflect on broader issues. Every year the IESG finds some time for a “retreat” meeting to discuss topics with sufficient amount of time, to get to know the new ADs, do some team building, and so on.
This week the IESG meets for a couple of days in Cambridge, Massachusetts, hosted by Kathleen Moriarty and EMC — thanks! We will be talking about both organisational aspects as well as some interesting technical topics. Typically, retreats involve both us discussing internal matters as well as some interaction with other people. This year we are taking the advantage of being located near MIT, and drawing in on some of their experts on security and other topics. We’re also reviewing some aspects of the Internet of Things work program at the IETF, and have guests from Bluetooth SIG explain how they see the evolution of this space. We will also be continuing to pay attention to external trends affecting the IETF, and trying to understand how the organisation evolves due to, say, the growing importance of open source and the increasing ability of people to collaborate over the Internet in standards discussions.
The Internet Architecture Board (IAB) is also meeting in Cambridge next week. Their agenda includes discussion of cross-organisation workshops (such as the recently organised IOTSI workshop), RFC document format specifications, and some housekeeping around the IANA transition. The Internet Administrative Oversight Committee (IAOC) met already last week, and went through a number of issues, including preparation of our findings regarding IETF 100 in Singapore. Expect to see an email to the IETF list soon, and let us know what you think.
We had a great IETF 95 meeting in Buenos Aires a few weeks ago, with a lot of topics and many participants.
(Para ver un resumen de la reunión de Alvaro Retana haga clic aquí: video)
The rapid rise of the number of remote participants is interesting. While it is somewhat difficult to measure, we had maybe 500 people following the event remotely, and over 50 presentations were done remotely. We even had one of our steering group members participate remotely. This is as it should be: while the meetings are very important for networking, people should also be able to attend over the Internet. Duh, it is the Internet Engineering task force.
The second remarkable thing is of course that this was the first meeting in South America, and I was very happy to see the strong local participation — and an active one. It was good to see for instance groups of long-term Internet technologists and local students working together in the IETF Hackathon.
Altogether we had about 140 people from the region.
We had a bit over 1000 participants on site, perhaps slightly less than on more traditional IETF meeting grounds. Most of IETF meetings are held where the majority of participants come from. That was initially North America and Europe, but in the last decade or so the networking industry has grown tremendously in Asia, so we rotate there too. But there is a lot of activity, and many remaining problems in other areas of the world as well, so sometimes we’ll go out of our regular pattern.
The meeting was co-hosted by LACNIC and ISOC — thank you for stepping up to support this meeting! I was also very happy to see many local sponsors, such as IPLAN, CABASE, .AR, and NIC.BR. Thanks for the other sponsors as well: Neustar, Level 3, Comcast – NBC Universal, Huawei, A10 Networks, and ICANN.
A short version of the meeting summary in video form, made just after the meeting itself can be viewed here: video.
Technical Topics
Dealing with growth of encrypted traffic: This is one of the topics that I am personally interested in. We had two good meetings: LURK, on building a distributed system that allows Content Data Networks (CDNs) to employ HTTPS/TLS while not releasing a copy of the private keys to the CDNs. This improves security and enables a larger set of operators to provide caching services. Another meeting related to this topic was ACCORD, which was about whether either better queuing algorithms or more information about traffic flow priority would be useful for better scheduling of radio resources in mobile networks.
I’m looking forward to the continuation of these topics.
Internet of Things: This is also a very active and interesting area. One of the completely new topics this time was low-power wide area networks. Early steps in this area were discussed in the LPWAN BOF. Also, some IOT-related working groups have completed their initial batches of work and are now looking at new work. For instance, the CORE working group has rechartered. The WG is looking at data formats associated with COAP communications, new communication paradigms, and management aspects. The ROLL is also discussing its new charter and work.
This meeting also saw the first time the new Thing-to-Thing Research Group (T2TRG) meets officially at the IETF. This active research group is focusing on device-to-device communications, and has already met twice outside the IETF in the last few months. Finally, at the plenary we got a report from the recent IAB workshop on semantic interoperability problems. Read up here on what the issue is.
Security: There is plenty of work on various aspects of Internet security. One of the most interesting topics this time was the work on TLS 1.3, and the discussion on its super efficient 0-roundtrip initialisation mode, and under what conditions can replay attacks be avoided in that mode. See here for an explanation of the issue, and join the TLS working group for further discussion.
IETF Hackathon
This was a wonderful experience, both in terms of what got worked on and the people who participated. There were 30+ new people, including 10+ new to the IETF. And people worked on new exciting projects as well as important ongoing ones.
For instance, read Nick Sullivan’s story of implementing TLS 1.3 and making it live on Cloudfare network during the hackathon, Charles Eckel’s observations of the new style of working at the Hackathon, or Agustin Formoso’s experiences as a newcomer.
I also liked a lot Ole Troan’s project on adding source address routing to Vector Packet Processing (VPP). Another exciting new effort! There was also plenty of work on DNS privacy, big data, and many other things. We also have a new sponsor for this year’s IETF Hackathon events, Huawei! Thank you.
Admin Stuff
I was very happy to see Ericsson (my employer, for the sake of transparency) announce a long-term sponsorship agreement with the IETF. Ericsson joins Cisco, Juniper Networks, and Comcast – NBC Universal as one of the Global Hosts. Each commitment is very significant (roughly 1M USD) and will support the IETF for three meetings over the course of the next ten years. You are making the IETF’s work possible!
During the meeting, we announced that the IETF is putting up a team to help should there be any concerns of harassment. Feel free to contact this friendly team if needed.
Alia Atlas gave a talk at the plenary on challenges and opportunities associated with the IETF’s changing environment. For instance, our participation and funding models are changing as it becomes possible to attend remotely. Alias’s presentation is here and the draft on future trends is here.
We are also planning ahead our next meetings. During the administrative plenary we heard a concern about the future site for IETF 100. Our administrative committee, the IAOC, has taken that concern very seriously. It has promised to do two things. First, it will determine the situation and options regarding IETF 100. Second, it will provide more information to the community as planning for future meetings proceeds. Those tasks are still in progress, but as an example of the latter, we’ve announced a set of potential future meeting sites.
Next Up
¡IETF 95 se concluyo! ¡Gracias a LACNIC, Internet Society, Buenos Aires y a todos participantes!
The work continues, obviously, online. Our next meeting is coming up in July in Berlin, hosted by Juniper Networks. I want to draw particular attention to the IETF Hackathon, which is Saturday-Sunday July 16-17. Please join and make this event our largest open source and running code event so far!
The IETF Hackathon focuses on the “running code” aspect of the IETF process — specifications and software are best developed together. I wanted to share Nick Sullivan’s story of how his team built an implementation of TLS 1.3, as it is a good illustration of this principle.
Jari Arkko, IETF Chair
————
Over the last few years, the IETF community has been focused on improving and expanding the use of the technical foundations for Internet security. Part of that work has been updating and deploying protocols such as Transport Layer Security (TLS), with the first draft of the latest version of TLS, TLS 1.3, published a bit more than two years ago on 17 April 2014. Since then, work on TLS 1.3 has continued with expert review and initial implementations aimed at providing a solid base for broad deployment of improved security on the global Internet.
In February of this year, the Internet Society hosted the TRON (TLS 1.3 Ready Or Not) workshop. The main goal of TRON was to gather feedback from developers and academics about the security of TLS 1.3. The conclusion of the workshop was that TLS 1.3 was, unfortunately, not ready yet.
One of the reasons it was deemed not yet ready was that there needed to be more real-world testing of independently written implementations. There were some implementations of the core protocol, but nobody had put together a full browser-to-server test. And some of the more exciting new features like PSK-based resumption (which brings improved forward secrecy to session tickets) and 0-RTT (which reduces latency for resumed connections) were still unimplemented.
The latest IETF Hackathon held two days before IETF 95 provided the kind of focused and collaborative environment that is conducive for working through implementation and interoperability without distraction. In Buenos Aires, I was joined by key members of the Mozilla team (Eric Rescorla, Richard Barnes and Martin Thompson) as well as some other great people who joined the team on the dates of the Hackathon. We had two main stacks to work with: NSS, the cryptography library that powers Firefox; and Mint, a Golang based implementation created by Richard Barnes that I had set up on tls13.cloudflare.com.
The goals were:
Finish integration with Firefox so we can do an HTTPS request
We also had a stretch goal of getting 0-RTT working between Firefox and CloudFlare’s test site.
Getting TLS 1.3 integrated in Firefox took until late Saturday night (we continued in the hotel bar after the Hackathon room closed), but after fighting through segmentation faults, C++11 lambda issues, and obtaining a trusted certificate through Let’s Encrypt, we were able to see a glorious “Hi there!” with a lock icon in Firefox. By the end of the Hackathon on Sunday, we were able to browse the TLS 1.3 specification on tls13.cloudflare.com with PSK-based session resumption in Firefox.
Although we were not able to get 0-RTT working between Firefox and CloudFlare in time for the demo (we were so very close), the Hackathon was deemed a success and we were given the “Best Achievement” award. It was great experience and proved invaluable for understanding how TLS 1.3 will work in practice. I’d like to thank the IETF for hosting this event and Huawei for sponsoring it.
The work at this Hackathon and the subsequent meetings at IETF 95 have helped solidify the core features of TLS 1.3. In the coming months, the remaining issues will be discussed on the TLS Working Group mailing list with the hope that a final draft can be completed soon after IETF 96 in Berlin.
I am pleased to announce that Ericsson has just signed a MoU with the ISOC (Internet Society) in which Ericsson commits to support the IETF in a ongoing fashion. In particular, Ericsson will host a number of IETF meetings during the next few years. Ericsson, which is the largest mobile network infrastructure vendor in the world, already hosted the summer IETF meeting in Toronto (Canada) in 2014. Now we are sending a message to the Internet community that we are serious about supporting the IETF in the longer term as well.
We want to support the IETF because of the technical specifications it produces and also because of its importance as a forum to achieve industry alignment. The IETF is a great venue to discuss with the relevant players in the Internet community and align views on important topics.
On the technical front, Ericsson’s vision of the Networked Society is that everything that can benefit from being connected will be connected. Consequently, we are interested in technologies supporting the IoT (Internet of Things). We need protocols that are designed for devices with different types of constraints and connectivity patterns. We are also interested in technologies that are flexible enough to be deployed in heavily virtualized environments, including data centers. In these extremely flexible environments, management and orchestration systems need to evolve as well in order to support zero-touch operations in many network scenarios.
When it comes to applications involving humans, real-time communications and media delivery are high in our agenda. We need technologies that enable enhanced interactions beyond what current video and voice over IP systems currently provide. Technologies that increase the security and efficiency of networked services and the privacy of their users are of extreme importance now that more and more mission-critical operations depend on them.
Many of the technologies above, which are needed to fulfil our vision, are developed at the IETF. We are happy to see that the IETF keeps working on relevant technologies over time. Additionally, we also welcome the ongoing work on improving IETF internal processes and on integrating open source efforts into them. Any efforts that decrease the time to market of new applications and services are obviously important.
We are also glad about ISOC’s efforts aimed at making it easier for companies to support the IETF. Nowadays both large and small companies can support the IETF in many different ways, from long-term support deals involving the hosting of several IETF meetings to sponsoring a particular beverage break at an IETF meeting. Even single individuals can support the IETF through the ISOC.
In summary, the IETF brings together a diverse set of Internet players to develop technologies that are directly relevant to the fulfilment of our strategic vision. Our support, together with the support of
many other players, will ensure the economic viability of the IETF also in the future.
Gonzalo Camarillo
Head of Data/IT Standardization at Ericsson
In 2013, the IESG set the IETF anti-harassment policy. The IETF strives to create and maintain an environment in which people of many different backgrounds are treated with dignity, decency, and respect. Those who participate in the IETF are expected to behave according to professional standards and demonstrate appropriate workplace behaviour. IETF participants must not engage in harassment.
Last year, we concluded the process to write a BCP that defines the anti-harassment procedures, should any concerns arise. That BCP has now been published as RFC 7776. The RFC specifies that there shall be a specialist team that can be reached for help, advice, and possible actions regarding harassment concerns.
I’m happy to announce that Allison Mankin, Pete Resnick, and Linda Klieforth have accepted to become the initial members in this team. They are preparing for this role, working on their operating practices as defined by the RFC, and we are setting up additional training for them. I am though happy to have them serving in this role, given that they have a lot of experience. Allison and Pete of course have a long experience about the IETF culture, topics, and leadership roles. In addition, Pete has volunteer experience from violence and discrimination related tasks. Linda Klieforth has been the acting ombudsperson for the IETF since 2013, and is the head of HR at ISOC. And Allison has a lot of experience about the way IETF selects leadership.
Please welcome Linda, Allison, and Pete to this role. Feel free to contact them if you have any concerns, they are a very easy set of people to talk to, they will be here in Buenos Aires, and obviously everything you tell them will be kept in confidence as requested, as defined in the RFC.
Also, while this isn’t strictly about harassment, this post seems like a good opportunity to remind everyone about behaving nicely. Please pay attention to how you interact with other people in the meeting and elsewhere. Think how you present criticism, for instance, and behave otherwise in a professional manner. I know you will, but sometimes spending a few seconds to think about how you go about a situation can make the experience so much better for everyone.
A recent Internet Draft noted the growing Free and Open Source Software movement as a trend that the IETF, as a community, can participate in by helping open source and open standards work together. As the draft states, “Open source and open standards have a natural and symbiotic relationship, and implementing open standards through open source projects strengthens the standards and the community at large.” IETF Hackathons, begun just last year, tangibly address this and promote the connection between open source and open standards by providing a focal point for developing open source implementations of standards developed in the IETF.
As a first measure of success, participation in the three IETF Hackathons held last year exceeded expectations and drew in contributors that weren’t already participating directly in the IETF itself. Perhaps even more importantly, work at IETF Hackathons has identified issues with standards still under development by IETF working groups, providing invaluable information about what worked and what didn’t work in real operating network environments. IETF Hackathons are not only an example of the “running code” that has been a touchstone of the IETF since the beginning, but they have also helped improve the standards as they are developed.
Therefore I’m very pleased that Huawei will be sponsoring the IETF Hackathon events associated with each IETF meeting throughout 2016. The first 2016 IETF Hackathon will be held just ahead of IETF 95 in Buenos Aires starting on Saturday April 1st. There are already more than 90 individuals registered for the event to tackle topics such as DNS (including DNSSEC and DANE), NETVC, TLS, and NETCONF/YANG.
And remember: it’s not too late to sign up to participate! Many Hackathon participants also attend and participate in the IETF meeting, but IETF attendance is not required, and participation in the Hackathon is free.
Of course, we’re also looking forward to the other IETF Hackathons for the rest of the year, in Berlin in July and in Seoul in November. I encourage you to share information about the IETF Hackathons to anyone you know who might be interested in helping to bring together open Internet standards and open source. I am looking forward to seeing everyone in Buenos Aires.
Barry Leiba, Huawei (also, an Applications and Real-Time Area Director at the IETF)
This morning I arrived in Buenos Aires, where volunteers and staff have been busy preparing for our 95th IETF meeting. It looks like everything is ready, the network is up and the hotel facilities look great.
I wanted to make a couple of observations. First, many volunteers arrive early to an IETF meeting to help make the meeting network work and the meeting a success. Thank you!
Secondly, I think we are being treated to a dose of real networking experiences around the world. The IETF network is as good as networks come anywhere, but we are far away. What does it feel like when you favourite data centre is no longer 10ms away? Big parts of the world are in that situation and have less intercontinental connectivity than we do in Europe or North America. It might be helpful for us to remember that and figure out if there are ways for us to improve our technologies to accommodate those situations even better than they do today.
In terms of travel, the immigration process at the Ezeiza airport seemed quick, queuing included well under ten minutes for me. The taxi ride from the airport to the city took an hour, given some traffic in the city end, and cost 500 Pesos. The city is sunny today, temperature now 23 degrees and rising. My luggage was left somewhere in Europe, but hey, as long as the network is up and there’ll be a t-shirt in this IETF, I should be fine
Looking forward to seeing you all soon here in person soon!
Or, if you have been unable to travel to the meeting, we would like to hear from you during the meeting, remotely. If you plan to participate remotely, please register and choose “Remote Participant” as your Registration Type. The remote participation facilities are listed here.
The IETF is about interoperation. Yes, IETF participants like cleaner architecture, and more elegant solutions, and so on. But at bottom, both “rough consensus” and “running code” are all about making diverse things work together as much as possible. We need to make the pieces line up.
One of the places that things — or, in this case, “Things” — need to line up is in the application layer. For the Internet of Things (IoT) to become the reality many popular accounts would suggest, the various kinds of Things need to be able to talk to one another, and not only at the lowest levels. The promise of the Internet of Things is that the lights and the thermostat and the garage door can all collaborate to make your house more comfortable. Land use and transportation could be more efficient if cars and parking spaces — or people needing a ride — could find one another. Electrical supply and demand could be matched better if the different electrical appliances could talk to each other reliably to smooth consumption. And the whole system is likely to be better overall if each part works together no matter who made each device — just the way the Internet has grown and succeeded.
About a year ago, Dave Thaler and Hannes Tschofenig talked, at the IETF Technical Plenary, about architectural issues in the Internet of Things. A key theme there was the duplication and gratuitous difference arising from many organizations independently defining data models or schemas for each type of IoT device. For example, there were already many different definitions of what a light bulb was!
Facing this issue brought many people together — including but not only those who participate in the IETF, W3C, OMA, AllSeen Alliance, OCF, NIST, CableLabs, ZigBee, and ETSI. We convened at the IOTSI workshop in the Ericsson offices in Santa Clara, California. For two days, we tried to work out ways to improve semantic interoperability. How can diverse systems interoperate? Are better standards in information models or data models needed? Is a single framework necessary, or is some sort of mapping possible? What can you do when frameworks are formally incompatible? And what do we do about end to end security when intermediate security models are incompatible?
The really uplifting news from the workshop is that people from many different sectors of the industry all agree there is a serious problem to be solved. Some groups had already started developing common solutions for some things. But the level of information sharing across the group was quite encouraging. This is how interoperation works best: not by trying to impose a single model, but by people with different interests all recognizing a common problem.
There are security implications from all this, too. If different frameworks have radically different security models, then getting end to end security may be nearly impossible — especially if a translator is needed. In the presence of translators, data privacy will also be a problem. We recognized the challenge before us.
Of course, recognition is just a first step. We still need to get from that recognition to making Things work well together, at every layer. The workshop, and its results, will come in a workshop report — appearing soon in an Internet-Draft repository near you. But more important than the report are the follow-on activities. We agreed to start with a wiki to provide pointers to schema repositories as a first concrete step, with further developments to follow. We — in the IETF, in other SDOs, and in industry — have an opportunity to make interoperability in the Internet of Things the positive force that earlier Internet innovations were. Interoperation is what we do, so let’s do it again.
Dave Thaler, Member of the IAB, and Andrew Sullivan, Chair of the IAB
It’s almost time to pack our bags and head south to Argentina. This is the IETF’s first ever meeting in Latin America!
Buenos Aires sits in front of the majestic (220km wide!) Río de la Plata and the metropolitan area is home to approximately 15 million people (the second largest in South America). There is much to experience in a city known as the birthplace of the Tango: music, arts, theater, and even Avenida 9 de Julio, the widest avenue in the world — all sights and sounds to take in
Let’s not forget we’re making the trip to work! Yes, in between dulce de leche and Argentina’s famous asado the IETF has a full agenda to continue our mission of making the Internet work better. As always, our week starts on Saturday with the Code Sprint and the Hackathon, both great reminders of the importance of running code. The rest of the week is full of activities, including a significant number of BoFs and new research groups.
The IETF has been meeting for 30 years. It makes me very proud that a Latin American city was chosen as the site for IETF 95. Even though several current active participants are from the region, the opportunity to increase the participation and contribution has not been missed. To that end, LACNOG, with very strong support from the Internet Society and LACNIC, have been working tirelessly for the last 3 years to encourage the participation from people in the region in IETF processes and discussions (ietf-lac). The community of people aware, interested and actively participating has grown significantly through this effort.
One of the important effects of the evangelization work has been the proliferation of remote participation. Through the creation of remote hubs, run by local volunteers in universities and corporate sites, the attendance from Latin America has grown more than 10 times. This effect has now expanded and we now expect significant remote attendance not only from growth regions, but even from parts of the world where IETF participation is well established, the US for example. The meeting wiki will be collecting information about the remote hubs as they are confirmed.
Buenos Aires and its people are proud, open and welcoming. A wonderful representative of Latin America. Even though I was born more than 5500 km from the meeting site (hint: not in Argentina), I always feel at home in Buenos Aires. I am looking forward to all of us having a great meeting!
