Minutes of the 2013-11-07 IAB Business Meeting
Vancouver, BC, Canada
- Bernard Aboba
- Jari Arkko (IETF Chair)
- Mary Barnes (IAB Executive Director)
- Marc Blanchet
- Alissa Cooper
- Lars Eggert (IRTF Chair)
- Mat Ford (ISOC Liaison)
- Joel Halpern
- Russ Housley (IAB Chair)
- Eliot Lear
- Barry Leiba (IESG Liaison)
- Xing Li
- Cindy Morgan (IAB Executive Assistant)
- Erik Nordmark
- Andrew Sullivan
- Dave Thaler
- Ross Callon
- Hannes Tschofenig
- Ralph Droms
- Kevin Igoe
1. New TLD for DNSSD
Ralph Droms, chair of the Extensions for Scalable DNS Service Discovery (DNSSD) Working Group, asked the IAB to help coordinate with ICANN should a new TLD be required for DNSSD. The WG does not yet know what the requirements for the new TLD would be, but would like to give ICANN advance warning. The IAB discussed this, but did not reach consensus to give advance warning; several IAB members wanted to reserve judgment until after the DNSSD WG session on Friday, 8 November 2013.
The IAB discussed next steps coming out of the IGOVUPDATE BOF. Eliot Lear noted that the community has been pointed to the email@example.com mailing list for future discussions. Bernard Aboba suggested holding another IGOVUPDATE session at IETF 89 in London as a lead-up to the Internet governance summit planned for Brazil in April 2014.
3. Plenary recap, discussion of actions required by IAB
The recap of the IETF 88 Technical Plenary was deferred to a future IAB Business Meeting due to time constraints.
4. “A Framework for the Evolution of IANA”
The board agreed to adopt draft-kolkman-iana-framework as an IAB-stream document.
5. IRTF Review: Crypto Forum Research Group (CFRG)
Kevin Igoe, co-chair of the IRTF’s Crypto Forum Research Group (CFRG), gave a brief overview of the RG’s activities. He noted that there are several things to keep in mind when dealing with cryptography:
- When designing for security, risk cannot be eliminated entirely; it can only moved somewhere else, and so it is important to know where risk is being moved to.
- With cryptography, the risk is of a technical flaw in the algorithm.
- Protecting the keys must be taken very seriously.
- Cryptographic mechanisms are not solutions to security problems, but are tools to help address security problems.
Kevin Igoe noted that CFRG tries to identify cryptographic futures; many organizations are conservative about moving to new things because they want the parameters to be well-tested.
Kevin Igoe observed that security mechanisms applied in the wrong way can bring down a system, and that cryptographic scholarship must be done. Barry Leiba suggested that Kevin talk with Mark Nottingham about the XML security issues in HTTPBIS, and let him know that CFRG is available as a resource.
Dave Thaler asked about the breadth of active participation in CFRG. Kevin Igoe replied that their meetings usually have around 20 attendees, from all different regions. Dave Thaler observed that it might be useful if the CFRG made a statement noting that they support the OpenStand principles. The CFRG meetings, membership, and mailing list are all open to anyone who wishes to participate.
Eliot Lear noted that the community needed guidance on “opportunistic cryptography”, and that perhaps this is area in which the CFRG could provide advice.