Minutes
IAB Meeting at IETF58
9-13 November 2003
_________________________________________________________________

ATTENDING

Leslie Daigle -- IAB Chair
Bernard Aboba
Harald Alvestrand -- IETF/IESG Chair
Rob Austein
Patrik Fältström
Sally Floyd
Jun-ichiro Itojun Hagino
Mark Handley
Geoff Huston
Charlie Kaufman
James Kempf
Eric Rescorla
Mike St. Johns
Vern Paxson -- IRTF Chair
Bert Wijnen -- Liaison from the IESG
Lynn St. Amour -- Liaison from ISOC
Joyce Reynolds -- Liaison from the RFC Editor

APOLOGIES

NEXT SCHEDULED MEETING

Tuesday, 9 December 2003, Teleconference
_________________________________________________________________

AGENDA

1. RSSAC Liaison Report
2. Review of IAB Advisory Committee Report
3. Consideration of IPv6 Site Local Appeal
4. Liaison to Global Grid Forum
5. Review of Architectural Implications arising from Network Abuse
6. Review of Identifiers and End-to-End Considerations
7. Review of IRTF Anti-Spam Research Group
8. IETF 58 Plenary Sessions
_________________________________________________________________

NOTES

1. RSSAC Liaison Report

Rob Austein

1) There is some level of interest within this forum for undertaking some activity in the IETF relating to the server-id concept. This is being investigated with the relevant IETF Working Group chair.

2) Some server operators have deployed IPv4 anycast as part of their deployment. The RSSAC has commenced investigation with the IPv6 equivalent, and has noted some differences in the IPv6 anycast specification. There is a request via this liaison to the IETF for some clarification in this aspect of the IPv6 specification. The liaison will follow up on this action.

3) It has been noted that there is a schedule clash with IETF 59 and the next ICANN meeting, and any scheduling ability to reduce the impact on this for RSSAC members who are active in relevant DNS WGs would be appreciated.

2. Review of IAB Advisory Committee Report
[Sunday, 9th November]

The IAB, in a joint session with the IESG, reviewed a draft of the IAB Advisory Committee Report. The IAB accepted the Advisory Committee's advice regarding a review of the Committee's report by the IETF community, and the report's findings were presented at the IETF 58 Plenary.

The IAB and IESG agreed to the following steps:

1. The IETF and IAB chairs to work from the Advisory Committee's report and develop a proposed set of actions, in conjunction with a small team.
2. The IETF and IAB chairs to present proposals to the IAB and IESG.
3. The IAB and IESG to determine an overall direction from among the proposals.
4. Presentation of direction to the IETF, including any requests for ratification through a rough consensus process when appropriate.

The IAB chair will publish the IAB Advisory Committee's final report as an IAB Internet Draft.

3. Consideration of IPv6 Site Local Appeal
[Tuesday, 11th November]

The IAB met in restricted session (Voting Members of the IAB) and considered a draft response to the IPv6 site-local address appeal. The IAB agreed to respond to the appellant prior to the IETF 58 Plenary and include the IAB response to the appeal in the Plenary agenda.

The IAB response is archived at:

4. Liaison to Global Grid Forum
[Tuesday, 11th November]

The IAB nominated Brian Carpenter as the IETF's liaison to the Global Grid Forum. Brian was requested to provide the IAB with a list of work items that require some level of IETF attention from the perspective of the GGF.

5. Review of Architectural Implications arising from Network Abuse
[Tuesday, 11th November]

The IAB considered a number of reports concerning the rising levels of network abuse, including trends in volumes of spam, trends in email-carried virus activity and direct attack via worms.
It was noted that the rise in spam levels is such that it is now at a point of overwhelming genuine mail traffic, while various forms of direct attack of end systems continue without any notable abatement. The IAB considered that security implications may result from these trends, and what form of mediation in the form of active middleware may be required to assist end users to negotiate a transaction across a potentially hostile and noise-prone network.

6. Review of Identifiers and End-to-End Considerations
[Tuesday, 11th November]

The IAB reviewed the current progress in IAB drafts on futures of end-to-end and on Internet Identities.

7. Review of IRTF Anti-Spam Research Group
[Thursday, 13th November]

The IAB was joined by Dave Crocker, Yakov Shafranovich, John Levine and Alan DeKok from the ASRG.

The intent of this session was to provide some perspectives as to any outcomes from the ASRG effort that the IETF could be doing at this point in time.

It was noted that there was no single solution to this problem, and that measures in a number of areas, including legal, social and technical, were underway. It was also noted that many of the measures may mitigate the problem, but complete removal through detection and eradication was not a current realistic outcome. It was also noted that any approach considered by the IETF would be applied in conjunction with other approaches.

It was also noted that spam is an adaptive behaviour, and the salient question when considering approaches is not necessarily focussed on what would happen today if the proposed technology were deployed, but what is likely to happen in response to deployment.

It was also noted that there is a diverse collection of different email constituencies and something that may work in one context may be devastating in another. For example, challenge-response mail delivery systems are not applicable for all. The problem in coming up with technical solutions is the different communities and the diverse way in which people communicate.

The "Reverse MX" approach is one potential approach that could be used in combination with other measures to reduce the overall problem, although it is noted that it relies on large scale adoption in order to be effective. Other technology approaches require further architectural judgement.

It was noted that there appeared to be no clear view in the ASRG as to when an approach is considered to be 'ready' for the IETF. Some individual approaches have been tested in implementations, but systematic data collection using these approaches has not been undertaken. It was also noted that taking things into the IETF has high overhead and effort. The intended approach in the RG is that if the proposal has been well-documented, has no obvious flaws, and has some implementations, then the basic approach is to pass this to the IETF for consideration.

8. IETF 58 Plenary Sessions
[Wednesday, 12th November and Thursday 13th November]

The presentation material used at the plenary sessions was as follows:

- Introduction and IETF Chair Report
    plenary-agenda.pdf
- IAB report
    iab-chair-plenary.pdf
- IAB report on IPv6 Site Local Address Appeal
    appeal.pdf
- IRTF report
    irtf.pdf
- IANA report
    iana.pdf
    doug_barton_intro.pdf
- RFC Editor report
    rfc-editor.pdf
    rfc-editor-report.pdf
- IAB Advisory Committee
    advcomm-report.pdf
    advcomm-conclusions.pdf
- IESG Reports
    iesg-overview.pdf
    iesg-wgchairs.pdf
    iesg-review.pdf
- Architecture Session - Insecurities at the Edge
    Introductory Session Notes: Attachment A
    iab-arch-plenary.pdf
- Open Mic session
    plenary-questions.pdf
_________________________________________________________________

ACTIONS

DNS and IDN Document
Rob Austein, Patrik Faltstrom, Geoff Huston [Feb-03]
[current Status: Coordinate IETF document between ADs and WGs
-> A document to answer the specific issues about IDN is needed.

IANA instruction for 2.0.0.2.IP6.ARPA
Geoff Huston [Jul-03]
[current Status: Draft instructions to IANA concerning instruction to delegate 2.0.0.2.IP6.ARPA to the RIRs
-> Advised RIRs that Patrik Faltstrom and Rob Austein are to be involved in the RIR implementation, as IAB-nominated experts, to assist in the design. Initial RIR design draft has been passed to Patrik and Rob for comment.
-> IAB ExecD has been advised that the RIRs have formed the Number Resource Organization (NRO), and the NRO is expected to encompass common RIR functions such as proposed here. The RIRs have been requested to advise the IAB if the NRO is to be the intended delegation point. Awaiting RIR response to this query.

IAB Mailer
Leslie Daigle, Geoff Huston, Eric Rescorla [Jul-03]
[current Status: Add virus scanner and some form of challenge/response gateway to IAB mailer to manage increasing spam volume
-> Select new list moderators and consider new strategy for list management

IAB Web Mail
Geoff Huston [Jul-03]
[current Status: Implement a web-based mail-deposit archive for IAB members
-> Evaluating alternatives

OMA Liaison
Geoff Huston [Sep-03]
[current Status: Response sent to OMA

Liaisons
Leslie Daigle [Sep-03]
[current Status: Liaison procedures and roles need to be defined in a document
-> draft circulated to IAB

IESG Query - Protocol Validity Checks
Patrik Faltstrom, Rob Austein [Oct-03]
[current Status: Respond to IESG query - requested response date is 7 November
-> draft circulated to IAB

IETF Prep
Geoff Huston [Oct-03]
[current Status: Architectural Issues in WGs - create status page for IAB use
-> Deploy an IAB member submission process / issues tracker

IPv6 Address Architecture
All [Nov-03]
[current Status: review IPv6 address architecture (draft-ietf-ipv6-addr-arch-v4-
-> Review draft to ensure that the draft is consistent with IAB appeal comments

Liaison to Global Grid Foundation
Leslie Daigle [Nov-03]
[current Status: Advise GGF's Charlie Catlett of Brian Carpenter as the IETF's liaison to the GGF
-> Request Brian to submit a list of items for possible IETF attention from the GGF perspective

IETF / IEEE 802 joint workshop
Bernard Aboba, James Kempf, Russ Housley, Thomas Narten [Nov-03]
[current Status: Commence organisation of a joint IETF / IEEE 802 workshop, involving chairs of IEEE 802, & IETF WGs that need to work together. Potential topics to be covered include IETF DNA / IEEE handoff ECSG, EAP WG / 802.11, CAPWAP / 802.1af/802.11 and IRTF Mobility / IEEE Fast Handoff SG
_________________________________________________________________

DOCUMENTS

Security Mechanisms for the Internet
http://www.ietf.org/internet-drafts/draft-iab-secmech-03.txt
Charlie Kaufman, Steve Bellovin [May-01]
RFC Editor Status: RFC Editor Queue - AUTH48
-> (current) Authors' comments have been returned to RFC Editor

A survey of Authentication Mechanisms
http://www.ietf.org/internet-drafts/draft-iab-auth-mech-02.txt
Eric Rescorla [Apr-02]
current Status: Ready for IAB to send an IETF Call For Input
-> (current) Leslie to undertake an IETF Call

Internet Architecture and End-to-End
http://www.ietf.org/internet-drafts/draft-iab-e2e-futures-04.txt
James Kempf, Rob Austein [Jul-02]
current Status: Ready for IAB to send an IETF Call For Input

Internationalized Resource Identifiers
http://www.ietf.org/internet-drafts/draft-iab-char-rep-00.txt
Leslie Daigle [Nov-02]
current Status: Drafting
-> (current) Leslie to revise the draft

Transport Controls for VOIP
http://www.ietf.org/internet-drafts/draft-iab-congestion-01.txt
Sally Floyd, James Kempf [Nov-02]
current Status: IETF Call for Input
-> (current) closed 14/11/03

ISOC Trustee Appointment Process
http://www.ietf.org/internet-drafts/draft-iab-isocbot-01.txt
Leslie Daigle [Nov-02]
RFC Editor Status: RFC Editor Queue (14-Oct-03) - RFC-EDITOR

IAB Research Agenda
draft-iab-research-funding-02.txt
Sally Floyd, Vern Paxson, Ran Atkinson, Mike St Johns, John Crowcroft [Jul-02]
current Status: IETF Call for Input
-> (current) closes 2/12/03

IAB Overview
http://www.iab.org/about/description.html
Eric Rescorla [Mar-03]
current Status: drafting updates
-> (current) iab review

IAB Considerations on Discovery Mechanisms and IPv6
Bernard Aboba, James Kempf [Mar-03]
current Status: Drafting
-> (current) Redraft as a descriptive framework plus individual proposed contributions as desired
   (next) Bernard will circulate draft

Protocol Models
http://www.ietf.org/internet-drafts/draft-rescorla-model-00.txt
Eric Rescorla [May-03]
current Status: Drafting
-> (current) Document protocol models
   (next) submit as IAB Draft (experimental)

Internet Identities
http://www.ietf.org/internet-drafts/draft-iab-internet-identities-00d.txt
Patrik Faltstrom, Geoff Huston [Jul-03]
current Status: Drafting
-> (current) Document on Internet Identity realms
   (next) Cross-reference this document with e2e document

DOS Attacks
http://www.ietf.org/internet-drafts/draft-iab-dos-200378.txt
Mark Handley [Sep-03]
current Status: Drafting
-> (current) Document on DOS attack forms
   (next) submit as IAB draft (informational)

AdvComm Report
http://www.ietf.org/internet-drafts/draft-iab-advcomm-output-00g.txt
Leslie Daigle [Nov-03]
current Status: Drafting
-> (current) Publish IAB Advisory Committee Report
   (next) submit as IAB draft (informational)

Liaison Management
http://www.ietf.org/internet-drafts/draft-iab-liaison-mgmt-00.txt
Leslie Daigle [Nov-03]
current Status: Drafting
-> (current) Publish as Internet-Draft
_________________________________________________________________

Attachment A

Open Architecture Discussion

Topic: Are Insecurities at the Edge the Biggest Challenge Yet to the End-to-End Model of the Internet?

When we think of DDOS and Internet-propagated virii, we typically focus on the bad behaviour of the instigator.
And, as recent years have seen a massive increase in the amount of malicious and/or unsolicited traffic on the Internet -- denial of service attacks, worms, virii, spam -- we are painfully aware of the costs. Not only end-users are impacted, in the case of spam: anyone setting up mail service has to provision it to handle the amount of traffic it will get, not just the amount of legitimate traffic.

Looking at the rate of increase of these attacks -- e.g., the spike in spam after the SoBig virus was detected -- it seems that the viral nature of propagation has its own set of implications: not only must we deploy countermeasures within the network to avoid the flattening of endpoints under attack, it is increasingly obvious that "endpoints" as we know them cannot be trusted. If endpoints cannot be trusted, then the proposed longer term solutions for spam that are based on authenticating senders via credentials will not succeed as the only solution.

Imagine, if you will, a situation where, if present trends continue, we might project seeing things such as the following:

a. Continuous DDOS attacks against the Internet infrastructure.
b. Releases of multiple CERT advisories *every day*
c. Virus traffic + spam + patches + file "sharing" traffic comprising the overwhelming fraction of total Internet bandwidth
d. Organizations restricting or actually *decommissioning* use of email.

The combination of all these trends makes the threat to the end-to-end model from NAT or filtering look fairly minor.

This discussion will include brief presentations outlining some metrics used to determine the trendlines and attempt to determine the current scope of the problem and the slope of the trend line.

The important points for further discussion are:

1/ what are some of the additional implications, in terms of work the IETF could and should be doing?

2/ since the data shows that a substantial amount of malicious traffic (worms, ddos, virus propagation) is virally generated and operating with the full rights and privileges of some real user, to what extent is conventional authentication & authorization technology useful?

This is meant to be an interactive discussion amongst all the engineers and architects in the plenary; please come prepared to share thoughts and pointers.
_________________________________________________________________

These minutes were prepared by Geoff Huston; comments should be sent to iab-execd@iab.org. An online copy of these and other minutes is available at: http://www.iab.org/documents/IABmins/

The IAB Web page is at http://www.iab.org
_________________________________________________________________

Previous Meeting: 4 November 2003
Next Meeting: 9 December 2003
_________________________________________________________________

This page is maintained by the IAB Executive Director for the IAB.