Internet Architecture Board

IAB Minutes 2003-11-09

Minutes
IAB Meeting at IETF58

9-13 November 2003


ATTENDING

Leslie Daigle — IAB Chair
Bernard Aboba
Harald Alvestrand — IETF/IESG Chair
Rob Austein
Patrik Fältström
Sally Floyd
Jun-ichiro Itojun Hagino
Mark Handley
Geoff Huston
Charlie Kaufman
James Kempf
Eric Rescorla
Mike St. Johns
Vern Paxson — IRTF Chair
Bert Wijnen — Liaison from the IESG
Joyce Reynolds — Liaison from the RFC Editor
Lynn St. Amour — Liaison from ISOC

APOLOGIES

NEXT SCHEDULED MEETING

Tuesday, 9 December 2003

AGENDA

  1. RSSAC Liaison Report
  2. Review of IAB Advisory Committee Report
  3. Consideration of IPv6 Site Local Appeal
  4. Liaison to Global Grid Forum
  5. Review of Architectural Implications arising from Network Abuse
  6. Review of Identifiers and End-to-End Considerations
  7. Review of IRTF Anti-Spam Research Group
  8. IETF 58 Plenary Sessions

NOTES

  1. RSSAC Liaison Report

    RSSAC
    Rob Austein:

    1. There is some level of interest within this forum for undertaking some activity in the IETF relating to the server-id concept. This is being investigated with the relevant IETF Working Group chair.

    2. Some server operators have deployed IPv4 anycast as part of their deployment. The RSSAC has commenced investigation of the IPv6 equivalent, and has noted some differences in the IPv6 anycast specification. There is a request via this liaison to the IETF for some clarification of this aspect of the IPv6 specification. The liaison will follow up on this action.

    3. It has been noted that there is a schedule clash between IETF 59 and the next ICANN meeting, and any scheduling change that reduces the impact of this on RSSAC members who are active in relevant DNS WGs would be appreciated.

  2. Review of IAB Advisory Committee Report
    [Sunday, 9th November]

    The IAB, in a joint session with the IESG, reviewed a draft of the IAB Advisory Committee Report.

    The IAB accepted the Advisory Committee’s advice regarding a review of the Committee’s report by the IETF community, and the report’s findings were presented at the IETF 58 Plenary.

    The IAB and IESG agreed to the following steps:

    1. The IETF and IAB chairs to work from the Advisory Committee’s report and develop a proposed set of actions, in conjunction with a small team.

    2. The IETF and IAB chairs to present proposals to the IAB and IESG.

    3. The IAB and IESG to determine an overall direction from among the proposals.

    4. Presentation of direction to the IETF, including any requests for ratification through a rough consensus process when appropriate.

    The IAB chair will publish the IAB Advisory Committee’s final report as an IAB Internet Draft.

  3. Consideration of IPv6 Site Local Appeal
    [Tuesday, 11th November]

    The IAB met in restricted session (Voting Members of the IAB) and considered a draft response to the IPv6 site-local address appeal.

    The IAB agreed to respond to the appellant prior to the IETF 58 Plenary and include the IAB response to the appeal in the Plenary agenda.

    The IAB response is archived at: http://www.iab.org/appeals/2003-11-tlh-ipv6-site-local-response.html.

  4. Liaison to Global Grid Forum
    [Tuesday, 11th November]

    The IAB nominated Brian Carpenter as the IETF’s liaison to the Global Grid Forum. Brian was requested to provide the IAB with a list of work items that require some level of IETF attention from the perspective of the GGF.

  5. Review of Architectural Implications arising from Network Abuse
    [Tuesday, 11th November]

    The IAB considered a number of reports concerning the rising levels of network abuse, including trends in volumes of spam, trends in email-carried virus activity and direct attack via worms.

    It was noted that the rise in spam levels is such that it is now at a point of overwhelming genuine mail traffic, while various forms of direct attack on end systems continue without any notable abatement.

    The IAB considered the security implications that may result from these trends, and what mediation in the form of active middleware may be required to assist end users to negotiate a transaction across a potentially hostile and noise-prone network.

  6. Review of Identifiers and End-to-End Considerations
    [Tuesday, 11th November]

    The IAB reviewed the current progress in IAB drafts on futures of end-to-end and on Internet Identities. [Presentation]

  7. Review of IRTF Anti-Spam Research Group
    [Thursday, 13th November]

    The IAB was joined by Dave Crocker, Yakov Shafranovich, John Levine and Alan DeKok from the ASRG.

    The intent of this session was to provide some perspectives on what the IETF could be doing at this point in time as a result of any outcomes from the ASRG effort.

    It was noted that there was no single solution to this problem, and that measures in a number of areas, including legal, social and technical, were underway. It was also noted that many of the measures may mitigate the problem, but complete removal through detection and eradication was not a current realistic outcome. It was also noted that any approach considered by the IETF would be applied in conjunction with other approaches. It was also noted that spam is an adaptive behaviour, and the salient question when considering approaches is not necessarily what would happen today if the proposed technology were deployed, but what is likely to happen in response to deployment. It was also noted that there is a diverse collection of different email constituencies, and something that may work in one context may be devastating in another. For example, challenge-response mail delivery systems are not applicable for all. The problem in coming up with technical solutions is the different communities and the diverse ways in which people communicate.

    The “Reverse MX” approach is one potential approach that could be used in combination with other measures to reduce the overall problem, although it is noted that it relies on large scale adoption in order to be effective. Other technology approaches require further architectural judgement. It was noted that there appeared to be no clear view in the ASRG as to when an approach is considered to be ‘ready’ for the IETF. Some individual approaches have been tested in implementations, but systematic data collection using these approaches has not been undertaken.

    It was also noted that taking things into the IETF has high overhead and effort. The intended approach in the RG is that if a proposal has been well documented, has no obvious flaws and has some implementations, it is then passed to the IETF for consideration.

  8. IETF 58 Plenary Sessions
    [Wednesday, 12th November and Thursday, 13th November]

    The presentation material used at the plenary sessions was as follows:


IAB ACTIONS and DOCUMENTS

Actions

  • DNS and IDN Document
    Rob Austein, Patrik Faltstrom, Geoff Huston
    [Feb-03]
    current
    Status: Coordinate IETF document between ADs and WGs

    •  A document to answer the specific issues about IDN is needed.
  • IANA instruction for 2.0.0.2.IP6.ARPA
    Geoff Huston
    [Jul-03]
    current
    Status: Draft instructions to IANA concerning instruction to delegate 2.0.0.2.IP6.ARPA to the RIRs

    •  Advised RIRs that Patrik Faltstrom and Rob Austein are to be involved in the RIR implementation, as IAB-nominated experts, to assist in the design. Initial RIR design draft has been passed to Patrik and Rob for comment.
    •  IAB ExecD has been advised that the RIRs have formed the Number Resource Organization (NRO), and the NRO is expected to encompass common RIR functions such as proposed here. The RIRs have been requested to advise the IAB if the NRO is to be the intended delegation point. Awaiting RIR response to this query.
  • IAB Mailer
    Leslie Daigle, Geoff Huston, Eric Rescorla
    [Jul-03]
    current
    Status: Add virus scanner and some form of challenge/response gateway to IAB mailer to manage increasing spam volume

    •  Select new list moderators and consider new strategy for list management
  • IAB Web Mail
    Geoff Huston
    [Jul-03]
    current
    Status: Implement a web-based mail-deposit archive for IAB members

    •  Evaluating alternatives
  • OMA Liaison
    Geoff Huston
    [Sep-03]
    current
    Status: Response sent to OMA
  • Liaisons
    Leslie Daigle
    [Sep-03]
    current
    Status: Liaison procedures and roles need to be defined in a document

    •  draft circulated to IAB
  • IESG Query – Protocol Validity Checks
    Patrik Faltstrom, Rob Austein
    [Oct-03]
    current
    Status: Respond to IESG query – requested response date is 7 November

    •  draft circulated to IAB
  • IETF Prep
    Geoff Huston
    [Oct-03]
    current
    Status: Architectural Issues in WGs – create status page for IAB use

    •  Deploy an IAB member submission process / issues tracker
  • IPv6 Address Architecture
    All
    [Nov-03]
    current
    Status: review IPv6 address architecture (draft-ietf-ipv6-addr-arch-v4-00.txt)

    •  Review draft to ensure that the draft is consistent with IAB appeal comments
  • Liaison to Global Grid Foundation
    Leslie Daigle
    [Nov-03]
    current
    Status: Advise GGF’s Charlie Catlett of Brian Carpenter as the IETF’s liaison to the GGF

    •  Request Brian to submit a list of items for possible IETF attention from the GGF perspective
  • IETF / IEEE 802 joint workshop
    Bernard Aboba, James Kempf, Russ Housley, Thomas Narten
    [Nov-03]
    current
    Status: Commence organisation of a joint IETF / IEEE 802 workshop, involving chairs of IEEE 802 and IETF WGs that need to work together. Potential topics to be covered include IETF DNA / IEEE handoff ECSG, EAP WG / 802.11, CAPWAP / 802.1af / 802.11 and IRTF Mobility / IEEE Fast Handoff SG

Documents

  • Security Mechanisms for the Internet
    draft-iab-secmech-03.txt

    Charlie Kaufman, Steve Bellovin
    [May-01]
    RFC Editor
    Status: RFC Editor Queue – AUTH48

    1.  (current) Authors comments have been returned to RFC Editor
  • A survey of Authentication Mechanisms
    draft-iab-auth-mech-02.txt

    Eric Rescorla
    [Apr-02]
    current
    Status: Ready for IAB to send an IETF Call For Input

    1.  (current) Leslie to undertake an IETF Call
  • Internet Architecture and End-to-End
    draft-iab-e2e-futures-04.txt

    James Kempf, Rob Austein
    [Jul-02]
    current
    Status: Ready for IAB to send an IETF Call For Input

    1.  (current)
  • Internationalized Resource Identifiers
    draft-iab-char-rep-00.txt

    Leslie Daigle
    [Nov-02]
    current
    Status: Drafting

    1.  (current) Leslie to revise the draft
  • Transport Controls for VOIP
    draft-iab-congestion-01.txt

    Sally Floyd, James Kempf
    [Nov-02]
    current
    Status: IETF Call for Input

    1.  (current) closed 14/11/03
  • ISOC Trustee Appointment Process
    draft-iab-isocbot-01.txt

    Leslie Daigle
    [Nov-02]
    RFC Editor
    Status: RFC Editor Queue (14-Oct-03) – RFC-EDITOR

    1.  (current)
  • IAB Research Agenda
    draft-iab-research-funding-02.txt

    Sally Floyd, Vern Paxson, Ran Atkinson, Mike St Johns, John Crowcroft
    [Jul-02]
    current
    Status: IETF Call for Input

    1.  (current) closes 2/12/03
  • IAB Overview
    http://www.iab.org/about/description.html

    Eric Rescorla
    [Mar-03]
    current
    Status: drafting updates

    1.  (current) iab review
  • IAB Considerations on Discovery Mechanisms and IPv6
    Bernard Aboba, James Kempf
    [Mar-03]
    current
    Status: Drafting

    1.  (current) Redraft as a descriptive framework plus individual proposed contributions as desired
    2.  (next) Bernard will circulate draft
  • Protocol Models
    draft-rescorla-model-00.txt

    Eric Rescorla
    [May-03]
    current
    Status: Drafting

    1.  (current) Document protocol models
    2.  (next) submit as IAB Draft (experimental)
  • Internet Identities

    draft-iab-internet-identities-00d.txt

    Patrik Faltstrom, Geoff Huston
    [Jul-03]
    current
    Status: Drafting

    1.  (current) Document on Internet Identity realms
    2.  (next) Cross-reference this document with e2e document
  • DOS Attacks
    draft-iab-dos-200378.txt

    Mark Handley
    [Sep-03]
    current
    Status: Drafting

    1.  (current) Document on DOS attack forms
    2.  (next) submit as IAB draft (informational)
  • AdvComm Report

    draft-iab-advcomm-output-00g.txt

    Leslie Daigle
    [Nov-03]
    current
    Status: Drafting

    1.  (current) Publish IAB Advisory Committee Report
    2.  (next) submit as IAB draft (informational)
  • Liaison Management

    draft-iab-liaison-mgmt-00.txt

    Leslie Daigle
    [Nov-03]
    current
    Status: Drafting

    1.  (current) Publish as Internet-Draft

Attachment A

Open Architecture Discussion Topic:

Are Insecurities at the Edge the Biggest Challenge Yet to the End-to-End Model of the Internet?

When we think of DDOS and Internet-propagated viruses, we typically focus on the bad behaviour of the instigator. And, as recent years have seen a massive increase in the amount of malicious and/or unsolicited traffic on the Internet (denial of service attacks, worms, viruses, spam), we are painfully aware of the costs. It is not only end users who are impacted: in the case of spam, anyone setting up mail service has to provision it to handle the amount of traffic it will get, not just the amount of legitimate traffic.

Looking at the rate of increase of these attacks — e.g., the spike in spam after the SoBig virus was detected — it seems that the viral nature of propagation has its own set of implications: not only must we deploy countermeasures within the network to avoid the flattening of endpoints under attack, it is increasingly obvious that “endpoints” as we know them cannot be trusted.

If endpoints cannot be trusted, then the proposed longer term solutions for spam that are based on authenticating senders via credentials will not succeed as the only solution. Imagine, if you will, a situation where, if present trends continue, we might project seeing things such as the following:

  1. Continuous DDOS attacks against the Internet infrastructure.

  2. Releases of multiple CERT advisories every day.

  3. Virus traffic + spam + patches + file “sharing” traffic comprising the overwhelming fraction of total Internet bandwidth.

  4. Organizations restricting or actually decommissioning use of email.

The combination of all these trends makes the threat to the end-to-end model from NAT or filtering look fairly minor.

This discussion will include brief presentations outlining some metrics used to determine the trendlines and attempt to determine the current scope of the problem and the slope of the trend line.

The important points for further discussion are:

  1. What are some of the additional implications, in terms of work the IETF could and should be doing?

  2. Since the data shows that a substantial amount of malicious traffic (worms, DDOS, virus propagation) is virally generated and operating with the full rights and privileges of some real user, to what extent is conventional authentication & authorization technology useful?

This is meant to be an interactive discussion amongst all the engineers and architects in the plenary; please come prepared to share thoughts and pointers.


These minutes were prepared by Geoff Huston; comments should be sent to iab-execd@iab.org. An online copy of these and other minutes is available at: http://www.iab.org/documents/IABmins/

The IAB Web page is at http://www.iab.org