Minutes
IAB Teleconference (Techchat)

2009-10-07

1. Roll-call, agenda-bash, administrivia, approval of minutes

1.1. Attendance

PRESENT
  Marcelo Bagnulo
  Ron Bonica
  Gonzalo Camarillo
  Stuart Cheshire
  Vijay Gill
  Russ Housley (IETF Chair)
  John Klensin
  Olaf Kolkman (IAB Chair)
  Gregory Lebovitz
  Danny McPherson
  David Oran
  Jon Peterson
  Dow Street (IAB Executive Director)
  Dave Thaler
APOLOGIES:
  Aaron Falk (IRTF Chair)
  Sandy Ginoza (RFC Editor Liaison)
  Andy Malis
  Lynn St. Amour (ISOC Liaison)

1.2. Agenda

Olaf asked to add item 2 (below) to the agenda before beginning the techchat.

1.3. Administrivia

Olaf noted that the deadline is approaching for submitting feedback to ICANN on their root scaling study. A draft message is currently being revised on the IAB mailing list, and board members were asked to provide any final comments by the end of the week.

1.4. Meeting Minutes

No meeting minutes were reviewed during this call.

2. Approval of IAB Response on RFC Production Center and RFC Publisher Awards

Olaf had recently drafted a note to the IAOC expressing IAB support for the decision to request ISOC to sign a contract with AMS for the RFC production and publication functions. The note was sent to the IAB mailing list for review, and during the call Olaf asked for formal IAB concurrence on the text before sending it on. One concern was raised about the nature of reporting from AMS, but based on the contract language and BCP 101, the board assessed that a sufficient communication channel could be established between AMS and the IAB, even though formal contract reporting would go to the IAD. The concern relates to a possible formulation of the RSE function, and how the RSE would interface with the production house and publication center. John agreed to review the note (and contract language) in this context. There were no other objections to Olaf’s draft email, which will subsequently be sent within the next few days.

3. Techchat on KMART / KARP

The IAB decided at its retreat to make routing system security a focus area for architectural work in 2009. At this techchat Gregory led a discussion about ongoing work within the Key Authentication for Routing Protocols (KARP) effort (previously referred to as KMART). KARP is chartered to improve the security of routing messages by providing neighbor authentication and message integrity.

Gregory began by describing the scope of KARP, and provided some background on how the current effort grew out of coordination between the routing and security areas. He then walked through the plan for adding more modern cryptographic mechanisms to existing routing protocols. In this case, ‘modern’ refers to such things as automatic key generation, algorithm agility, and key change-over that does not require tearing down a session. Though the use of routing message authentication has been increasing in recent years, it is still a largely manual process, which limits how often keys are refreshed and causes other operational problems (like tearing down routing sessions with each re-key).

The board discussed the implementation complexity (real and perceived) of adding new security mechanisms to existing routing protocols, as well as the steps KARP would follow in deploying these mechanisms. There were a few questions raised about the architectural model, particularly the relationship between the Key Management Protocol (KMP), the KeyStore, the routing protocols themselves, and the various APIs between these elements. Gregory noted that there will be a KARP BOF in Hiroshima, and he, Russ, and others on the IAB will be involved in this work going forward. Depending on the participation and outcome of the BOF, the IAB could host a workshop on this topic in the future, as a way to ensure sufficient engagement by the operator community.