Minutes of the 2019-07-10 IAB Teleconference
1. Administrivia
1.1. Attendance
Present:
- Jari Arkko
- Alissa Cooper (IETF Chair)
- Michelle Cotton (IANA Liaison)
- Wes Hardaker
- Ted Hardie (IAB Chair)
- Christian Huitema
- Mirja Kühlewind (IESG Liaison)
- Zhenbin Li
- Cindy Morgan (IAB Executive Administrative Manager)
- Erik Nordmark
- Mark Nottingham
- Karen O’Donoghue (ISOC Liaison)
- Colin Perkins (IRTF Chair)
- Melinda Shore
- Jeff Tantsura
- Martin Thomson
- Amy Vezza (Secretariat)
Regrets:
- Harald Alvestrand (ICANN Liaison)
- Stephen Farrell
- Heather Flanagan (RFC Editor Liaison)
- Brian Trammell
Observers:
- Spencer Dawkins
1.2. Agenda bash & announcements
No new items were added to the agenda.
1.3. Meeting Minutes
The following meeting minutes were approved:
- 2019-06-26 business meeting – (draft submitted 2019-06-26)
1.4. Action Item Review
Done:
- 2019-06-12: Cindy to send e-vote on adoption of draft-thomson-use-it-or-lose-it.
- 2019-06-12: Martin to send a message to architecture-discuss asking for specific examples of greasing for draft-thomson-use-it-or-lose-it.
- 2019-06-12: Wes to contribute text to the protocol designer version of the trust in Internet entities statement.
- 2019-06-26: All to sign up for BOF coverage at IETF 105
- 2019-06-26: Ted to invite the RSOC to join the IAB meeting on Monday morning at IETF 105.
- 2019-06-26: Colin to propose an IRTF RG to review during IETF 105.
- 2019-06-26: Martin to send email to ietf@ietf soliciting feedback on the IAB job description that is provided to NomCom.
In Progress:
- 2019-02-06: Melinda to take pen on protocol designer version of “Trust in Internet Entities” Statement.
- 2019-02-06: Mark to take pen on legislator version of “Trust in Internet Entities” Statement.
- 2019-05-29: Jari to send updated text for the Internet Governance page on the IAB website to Cindy for posting.
- 2019-05-17: Stephen, Jari, Brian, Ted to identify IAB actions related to changing the Internet threat model.
- 2019-05-17: Stephen to draft COI policy for the IAB.
- 2019-05-17: All to see if they should update their bios to reflect conflicts of interest.
- 2019-05-17: Mark to drive action to prune down the IAB communications channels by IETF 105.
- 2019-05-17: Cindy to look at mailing lists on i1b.org and propose how to handle those lists.
- 2019-05-17: Christian to figure out how to measure the effectiveness
and impact of the work of the IETF. - 2019-05-17: Ted to write blog post inviting the community to come to the IAB with new work proposals.
- 2019-06-26: Melinda/PPP to send a blurb about the technical plenary to Alissa for inclusion in the agenda.
New:
- 2019-07-10: Cindy to swap job description and use-it-or-lose-it discussions on IAB agenda for Montreal.
- 2019-07-10: Cindy to send community review message for draft-iab-fiftyyears.
- 2019-07-10: Mark to send blurb on ESCAPE workshop to Ted.
- 2019-07-10: Ted to ask Brian if he can moderate technical plenary at IETF 105.
- 2019-07-10: Cindy to start thread re scheduling ICANN NomCom interviews.
2. Monthly Reports
2.1. IRTF Chair Report
–Begin IRTF Chair Report, Colin Perkins–
IRTF chair report to the IAB for the month ending 7 July 2019 # Research Groups Engaged with proponents of the proposed SMART RG regarding my decision not to approve it at this time. COIN proposed RG held a successful virtual interim meeting, to focus their goals and to plan for their face-to-face meeting in Montreal. NMRG held a virtual interim meeting to continue work on intent-based networking and network AI. Suggested the PEARG proposed RG for IAB review at IETF 105. # ANRP Working with awardees and ISOC to arrange their travel and schedule presentations during the IRTF Open Meeting. Worked with Glen Barney and Mat Ford to set-up the infrastructure for the upcoming ANRP 2020 cycle. # ANRW Call for student travel grants was issued, applications were received and peer-reviewed by a committee composed of Colin Perkins, Lars Eggert, Jörg Ott, and Jana Iyengar. Nine travel grants were announced. Awardees are arranging their travel, and working with the secretariat to arrange reimbursement. Total amount awarded was $12,750 from a budget of $13,000. The list of accepted papers and a draft schedule for the workshop were posted to the IRTF website. Registration was opened, and initial call for participation was issued. Continued to work with the secretariat on the workshop logistics. # Documents and Errata IRSG poll of draft-irtf-icnrg-deployment-guidelines concluded with limited review; will be re-issued. Final IRSG review continuing on draft-irtf-icnrg-disaster and draft-irtf-icnrg-terminology. draft-irtf-cfrg-argon2 is ready for IRSG review. Four new errata reported by CFRG are awaiting review. # Other Continue to update website and resolve broken links. Worked with IRSG to develop policy re Designated Experts for IRTF documents in response to IESG query. IRTF and IETF agenda conflict resolution. Started scheduling for the IRTF Open Meeting and the IRSG dinner.
–End IRTF Chair Report, Colin Perkins–
2.2. ICANN Liaison Report
–Begin ICANN Liaison Report, Harald Alvestrand–
ICANN report - up to July 4, 2019 This report covers ICANN activity seen by the board liaison until July 4, 2019. The main activity in this period has been the Marrakesh meeting. Hot topics - Amazon - as expected, the members of the Amazon Cooperation Treaty Organization (ACTO) expressed strongly negative opinions on ICANN’s decision to continue with the process of delegating .AMAZON to the Amazon corporation, with representatives of some other governments concurring in those opinions. One formal request for reconsideration has been received (filed by the government of Colombia); this is currently undergoing the standard processing for such requests. The Government Advisory Committee in its “communique” from the Marrakesh meeting stated that “The GAC asks the Board to explain in writing whether and why it considers that its decision to proceed with the .AMAZON applications, based on a proposal that the eight Amazon countries considered did not address their concerns, complies with GAC Advice.” - New gTLD rounds: We are still waiting for all the policy issues to resolve before doing anything big, but planning (assuming issues resolve) is moving forward. One topic of discussion was financing - a lot of the costs are up- front; the current suggestion is to borrow from the funds not spent in the previous gTLD round. Another is application volume - apparently people have been suggesting anything from 1000 (“the good ones have gone”) to 25.000 (“everyone will want one”), with ICANN staff using 2000 (“same as the last time”) as a design starting point. It’s probably strongly price dependent, and having some more informed guesses is a pressing need at this stage. - GDPR, WHOIS, ePDP phase 2: This was the main topic at the GNSO part of the meeting. Apparently, progress was being made, but we’re still far from seeing the shape of the outcome. A major consideration is whether ICANN is in a position to take responsibility for a “clearinghouse” function for legally-authorized requests for non-public data that used to be public in WHOIS - there’s dialogue with the EU privacy commissioners on the subject, but clarity may take time. One bone of contention is the ability to query for something that is not the domain - several security researchers claim that searching for “domains registered using similar-looking addresses” is critical for catching abuse, but others (Milton Mueller, at least) claim that “one question, one domain is a fundamental principle”. - .ORG contract renewal - several of the “old” TLDs (pre 2012 round) had contracts up for renewal. The only item that gathered public attention was the removal of price caps from the .org contract - .ORG and .COM were the only ones left with price caps, and the .COM one was last renewed while the USG still had its hand on the tiller. ICANN decided to renew the contract without a price cap provision, and with the inclusion of the same rights protection mechanisms (UDRP and URS) as for other gTLDs. - DoH and DoT - these were hot topics in several sessions. The chief point is how they influence the balance between network owner control (for filtering, censorship, monitoring or malware protection) and endpoint control. One worry point is whether the inability to monitor DNS queries will lead those in a position to impose rules to take more draconian measures (like address-based blocking). Of note: There’s already been malware using DoH to evade monitor/ blocking seen in the wild. - DNS abuse - this area attracts tons of interest, but is still mushy to me - the discussion of what constitutes “DNS abuse” is still not converging; most agree that registering 10.000 meaningless domains in order to facilitate botnet C&C is “abuse”; a plurality probably agrees that a domain used chiefly to host malware or spam is “abuse”, and that registration of easily-confused domains in order to facilitate phishing scams is “abuse” - but distilling those rather vague examples into actionable rules is still a slow process. - Universal Acceptance (aka “IDN everywhere”) - this effort is hosted at ICANN, but its chief target is to educate end-users so that they demand support for the existing standards (IDN and EAI) from their service providers and software vendors. It’s slow. Organizational topics There are a couple of things that concern more how ICANN deals with itself than what ICANN does externally - this may be easier to note in a separate section. - Organizational effectiveness aka “the Brian Cute process”: This is a process of dialogue and consultation, shepherded by Brian Cute, that is to give some names to the issues that people feel are the important factors impeding ICANN work. A list of 11 issues has been distilled, and was presented in Marrakesh; it can be found on the Web page for the process. - Picking a new chairman of the board - as Cherine Chalaby is stepping down from the board at the end of the next Annual General Meeting (November in Montreal), we have to pick a new chairman. The board has started the discussions on the choice of the next chair; these will continue at the Board’s Los Angeles workshop in September. - Reviews - the SSR2 review, which has already taken years, has had some issues with support staffing. - The five year strategic plan is now formally adopted. The organization is at work on supplementing this with 5-year operational and financial plans; it’s very clear that these are subject to change - but the purpose of a plan isn’t to predict the future, it’s to make it possible to notice when things have changed and act accordingly. July and August are probably going to be slow months. The next Board physical meeting is a board workshop in September.
–End ICANN Liaison Report, Harald Alvestrand–
2.3. IANA Liaison Report
–Begin IANA Liaison Report, Michelle Cotton–
IANA Services Liaison Report – 10 July 2019 SLA Deliverables Update: - ICANN met 100% of processing goal times for May 2019 monthly statistics reports, exceeding the SLA goal to meet 90% of processing goal times. These times include the steps that ICANN has control over and not time it is waiting on requesters, document authors or other experts. Monthly reports can be found at: https://www.iana.org/ performance/ietf-statistics Other News: None to report IANA Services Operator and IETF Leadership Meeting Minutes: MEETING MINUTES - BEGIN Summary of Meeting Minutes Monday, March 25, 2019 Lunch Meeting at IETF-104, Prague 1220 Local Time, 1120 UTC Attendees: Jari Arkko, IAB IANA Program Alissa Cooper, IETF Chair Michelle Cotton, Protocol Parameters Engagement Sr. Manager Ted Hardie, IAB Chair Suzanne Woolf, IAB IANA Program Russ Housley, IAB IANA Program Portia Wenze-Danley, IETF LLC Executive Director, Interim Harald Alvestrand, IETF liaison to ICANN Board Amanda Baber, Lead IANA Services Specialist 1. Introductions and Welcome No new members. 2. Review of Action Items Completed: Review existing escalation procedures. Determine if there needs to be a new/different process/policy for escalation process for complaints regarding expert reviews. Completed: A. Cooper was to work with the IESG on an IESG statement regarding the GDPR requirement and to only use the minimum amount of personal data when creating new registries. The decision was that language will be folded into 8126bis. Complete: M. Cotton was to clarify with K. Davies how ICANN’s future budget will affect IANA. Action: Budget was approved. S. Woolf: Any assurances regarded stable budget, or every year clean slate? K. Davies: No suggestion that we need to cut back. We get what we have asked for, we’re realistic about what we ask – our budget grew 5 percent but was offset by reduction of shared services we get from ICANN – headcount will remain steady, no largescale projects kicking off to take larger share of budget. If we were to have a budget issue, PTI board could ask questions. Completed: M. Cotton was to ping T. Hardie regarding IDN request. IDNA Tables were posted last week. Completed: No additional review of experts needed. In Progress: K. Davies working on .arpa draft, 80 percent complete; should have something soon. Ultimately this will go to the IAB, but this group will look at it first. Coordinating with Verisign to make sure the idea works (leakage issue). 3. IANA Services Activity Processed more than 1193 IETF-related requests from October 2018 - January 2019. This includes: Document reviews, registry creations, new registrations, modifications to existing registrations, and deletions. Added 5 new stand-alone registries since IETF-103 (October 2018- January 2019) SLA Deliverables: Average cumulative percentage for October 2018 - January 2019 was 99.5 percent. 4. Update on Deliverables Annual Review of Protocol Parameters audit report sent in January. Hasn’t been sent to board yet. A. Cooper: Much talk in the last 10 days about bringing the LLC website up to date. SLA: IETF Legal still waiting to hear from IANA Legal Counsel; internal review going on. We believe it’s ready. This is about the assignment of the MoU from ISOC to IETF LLC. We can sign it electronically. Beginning new audit review cycle. Had a meeting; details being discussed in April. There will be a statement about the audit released publicly, but not the audit itself. GDPR: M. Cotton and K. Davies spoke about language changes to TRIP ITAD doc in IANA Considerations section. Agreed to only change one section of the document. (M. Cotton had proposed 3 changes in abstract, intro, and IC.) The language will say that the IETF will no longer require that IANA collect postal address information in ITAD TRIP. T. Hardie: Suggested CC‘ing Alexey and Ben to follow up w/coordination on communications for this document. T. Hardie: was told that his method for getting rid of iris.arpa was incorrect; they said he had to deprecate all previous documents. Should we take a look at all of the zones to see what their utilization is and report to the community (e.g. what kind of usage does urn.arpa get?). Maybe persuade public that only addressing ones are in use and then deprecate all the rest in one go. Would simplify things because the change controllers for these [?] K. Davies: we’ve pulled stats in the past (for iris). T. Hardie: we’ll share with the community in a letter and ask for input. K. Davies: doesn’t see issues; should we build in monitoring capability for .arpa rather than doing it ad hoc? We can explore that. T. Hardie: you shouldn’t be getting home.arpa queries, but you probably are getting significant traffic you can’t answer because of misconfiguration. Wait – it’s delegated to the sinkholes, so you won’t see the traffic. Action: M. Cotton to gather additional arpa information. 5. Update on Projects How Did We Do (HDWD) survey: we started in Dec/Jan; not rolled out for all queues yet as it’s complicated for e.g. drafts queues. Do we send to all the authors or only the ones who communicated with us? Talking to RFC-Editor staff: when they’re done with the pub process, Heather has been sending out post-pub surveys. We don’t want to bombard the authors with surveys. For the surveys we do send out, still adjusting – do we send immediately or wait a day or two, for example? Looking at ways to report the feedback. Potentially at the next meeting we may have a way to report this. In general, response has been pretty good. We’re still going to do the yearly survey, but it will be more engagement-focused rather than sending to people who had requests eight months ago. Will be revised in the next six months to ask new questions (still figuring out what). Maybe we’ll get more responses if the questions are tailored A. Cooper: we could put it on the telechat agenda as the survey comes up and encourage people to respond. Registry Workflow System Project A name for system is pending. Our internal goal is to start processing PEN with it by the end of this year. Goal, not a promise. Then we’ll finally get statistics on PEN (current system doesn’t really allow it). Still working out what kind of data we need to collect. Request from Warren Kumari to look at experts grouped by IETF area: Look at grouping experts by area so that they can see how well experts are doing by area. Response rates, etc. Catching issues before they get bad. Transport ADs suggested having a meeting with the port experts in Montreal to touch base. Transport ADs are on the mailing list. 6. Discussion Items IDNA: Posted the tables. IDN expert says there’s a meeting on Wednesday of IETF-104, may be a discussion; he may be sending us a message afterward about moving ahead with 12.0.0. RFC8126bis: Meeting w/Barry about adding guidance re GDPR to 8126; may be other small improvements. Registry License Question: We get questions from outside parties about license for use of registry information. We’re discussing this with ICANN Legal. Discussion among this group about what information to explore. Review again in Montreal. Monthly reporting: We discussed and agreed previously that we want to modernize our reports. We do want to continue to provide a narrative that points out problems, and to continue to provide monthly snapshots that shows you volume. Currently we’re deep diving into figuring out which stats are necessary (end-to-end time, time per actor, request type, registry creation, assignments via RFC process). Keeping an eye on what SLA says we’re meant to report on and seeing how that could change in a future SLA – for example, we want to get rid of charts that are not relevant anymore, like what state requests are in at the end of the month. We also want to avoid manually generating these reports. In the future, we could report on registries individually rather than by queue. Separate area for things related to internet-drafts. Drill down to one type of request. Real time updates. This is similar to what’s produced for root zone modifications. We don’t know whether we’d use the same tool. This is just an idea of what we’re looking at. 7. Informal Meeting Schedule In person March 25, 2019 (Prague) Phone May 28, 2019 (the Monday before is a US holiday) In Person July 22, 2019 (Montreal) Phone September 23, 2019 In person November 18, 2019 (Singapore) 8. Summary of New Action Items M. Cotton: Gather information about .arpa.
–End IANA Liaison Report, Michelle Cotton–
2.4. RFC Editor Liaison Report
–Begin RFC Editor Liaison Report, Heather Flanagan–
RSE * RFC Format status Transitioning to publishing RFCs in the v3 format is still on target for August, with the biggest risk continuing to be the timing of the release of Cluster 23, now expected for sometime in Q3 2019 (https://www.rfc- editor.org/cluster_info.php?cid=C238). A high-level timeline for the rollout of the new format, which will continue to be modified as we get closer to implementation, is available on the RSE wiki: https://www.rfc- editor.org/rse/wiki/doku.php?id=design:format-implementation * Fifty Years of RFCs The IAB has accepted draft-flanagan-fiftyyears as an IAB stream document. This will change the draft string to draft-iab-fiftyyears, and the community comment period will start within the next few weeks. * RPC resourcing The IETF LLC has approved a short-term increase of 2 FTE for the RPC through the end of 2019. The RPC is in the process of searching for suitable candidates. * IETF 105 The RFC Editor desk will be open as usual from Monday through Thursday to answer any questions from the community regarding the status of specific documents, English grammar advice, or information about the new RFC Format. The RSE office hours at the desk will be Monday and Wednesday from 09:00-11:30. The RSE will be co-leading a side meeting on “Evolving Documents” on Tuesday, 23 July from 15:00-16:30 ET. RPC * https://www.rfc-editor.org/report-summary/ Q2 2019 notes: The SLA was met for Q2 2019. The submission rate was average. The publication rate is up compared with the previous four quarters. The RPC continues to test the XMLv3 tools in preparation for the approaching transition. In addition, they are examining and updating their processes to account for XMLv3 tools and the new formats as they work to meet the transition timeline. Also related to v3 format work, HTML files for the existing RFCs are available from the RFC Editor site. This means that each RFC published before the XMLv3 era will have an HTML file styled similarly to the current HTML files offered by tools.ietf..org. This allows consistent handling of links to RFCs, regardless of whether the RFC was produced before or after the transition to XMLv3.
–End RFC Editor Liaison Report, Heather Flanagan–
3. BOF and Proposed RG Coverage at IETF 105
The IAB identified coverage for the BOFs and Proposed Research Groups at IETF 105.
4. IAB Agenda at IETF 105
The IAB discussed their agenda at IETF 105.
Ted Hardie confirmed that RSOC would be available to join the IAB meeting on Monday morning, but that at least one person would be remote.
The IAB will review the proposed Privacy Enhancements and Assessments Research Group at the IAB meeting on Thursday morning.
5. draft-ietf-iasa2-rfc6220bis
The IAB agreed to adopt draft-ietf-iasa2-rfc6220bis on the IAB stream.
6. draft-thomson-use-it-or-lose-it
Via e-vote prior to the meeting, the IAB agreed to adopt draft-thomson-use-it-or-lose-it on the IAB stream. Martin Thomson will upload a new revision after incorporating feedback from the discussion of the document at IETF 105.
7. draft-iab-fiftyyears
The IAB agreed to send draft-iab-fiftyyears out for community review.
8. Exploring Synergy between Content Aggregation and the Publisher Ecosystem (ESCAPE) Workshop
Mark Nottingham reported that things are on track for the ESCAPE workshop, which is expecting to see 20-25 participants. Ted Hardie asked Mark to send him a blurb about the workshop to include in the IAB report to the community for IETF 105.
9. Trust in internet entities statements
The proposed IAB statement on “Avoiding Unintended Harms of Encryption Policies” is on the IAB’s agenda to discuss at IETF 105.
Melinda Shore reported that she is going to try to schedule an ad hoc session to discuss the version of the statement that is aimed at protocol designers. Wes Hardaker noted that he had sent text to Melinda on 2019-07-09.
10. Plenary Planning Program Update
Ted Hardie will ask Brian Trammell to moderate the discussion during the technical plenary.
Melinda Shore reported that one of the speakers will have to leave before the end of the plenary.
11. IETF Delegate to ICANN NomCom (Executive Session)
The IAB discussed interviewing candidates for the IETF delegate to the ICANN NomCom in an executive session. Jari Arkko, Ted Hardie, Melinda Shore, and Jeff Tantsura agreed to participate in the interviews.
12. Planning of Plenary Discussion of RSE Model (Executive Session)
The IAB discussed planning for a plenary discussion on the RFC Editor Model in an executive session.