Internet Architecture Board

RFC2850

IAB Minutes 2019-07-10

Home»Documents»Minutes»Minutes 2019»IAB Minutes 2019-07-10

Minutes of the 2019-07-10 IAB Teleconference

1. Administrivia

1.1. Attendance

Present:
  • Jari Arkko
  • Alissa Cooper (IETF Chair)
  • Michelle Cotton (IANA Liaison)
  • Wes Hardaker
  • Ted Hardie (IAB Chair)
  • Christian Huitema
  • Mirja Kühlewind (IESG Liaison)
  • Zhenbin Li
  • Cindy Morgan (IAB Executive Administrative Manager)
  • Erik Nordmark
  • Mark Nottingham
  • Karen O’Donoghue (ISOC Liaison)
  • Colin Perkins (IRTF Chair)
  • Melinda Shore
  • Jeff Tantsura
  • Martin Thomson
  • Amy Vezza (Secretariat)
Regrets:
  • Harald Alvestrand (ICANN Liaison)
  • Stephen Farrell
  • Heather Flanagan (RFC Editor Liaison)
  • Brian Trammell
Observers:
  • Spencer Dawkins

1.2. Agenda bash & announcements

No new items were added to the agenda.

1.3. Meeting Minutes

The following meeting minutes were approved:

  • 2019-06-26 business meeting – (draft submitted 2019-06-26)

1.4. Action Item Review

Done:
  • 2019-06-12: Cindy to send e-vote on adoption of draft-thomson-use-it-or-lose-it.
  • 2019-06-12: Martin to send a message to architecture-discuss asking for specific examples of greasing for draft-thomson-use-it-or-lose-it.
  • 2019-06-12: Wes to contribute text to the protocol designer version of the trust in Internet entities statement.
  • 2019-06-26: All to sign up for BOF coverage at IETF 105
  • 2019-06-26: Ted to invite the RSOC to join the IAB meeting on Monday morning at IETF 105.
  • 2019-06-26: Colin to propose an IRTF RG to review during IETF 105.
  • 2019-06-26: Martin to send email to ietf@ietf soliciting feedback on the IAB job description that is provided to NomCom.
In Progress:
  • 2019-02-06: Melinda to take pen on protocol designer version of “Trust in Internet Entities” Statement.
  • 2019-02-06: Mark to take pen on legislator version of “Trust in Internet Entities” Statement.
  • 2019-05-29: Jari to send updated text for the Internet Governance page on the IAB website to Cindy for posting.
  • 2019-05-17: Stephen, Jari, Brian, Ted to identify IAB actions related to changing the Internet threat model.
  • 2019-05-17: Stephen to draft COI policy for the IAB.
  • 2019-05-17: All to see if they should update their bios to reflect conflicts of interest.
  • 2019-05-17: Mark to drive action to prune down the IAB communications channels by IETF 105.
  • 2019-05-17: Cindy to look at mailing lists on i1b.org and propose how to handle those lists.
  • 2019-05-17: Christian to figure out how to measure the effectiveness
    and impact of the work of the IETF.
  • 2019-05-17: Ted to write blog post inviting the community to come to the IAB with new work proposals.
  • 2019-06-26: Melinda/PPP to send a blurb about the technical plenary to Alissa for inclusion in the agenda.
New:
  • 2019-07-10: Cindy to swap job description and use-it-or-lose-it discussions on IAB agenda for Montreal.
  • 2019-07-10: Cindy to send community review message for draft-iab-fiftyyears.
  • 2019-07-10: Mark to send blurb on ESCAPE workshop to Ted.
  • 2019-07-10: Ted to ask Brian if he can moderate technical plenary at IETF 105.
  • 2019-07-10: Cindy to start thread re scheduling ICANN NomCom interviews.

2. Monthly Reports

2.1. IRTF Chair Report

–Begin IRTF Chair Report, Colin Perkins–

IRTF chair report to the IAB for the month ending 7 July 2019

# Research Groups

Engaged with proponents of the proposed SMART RG regarding my decision
not to approve it at this time.

COIN proposed RG held a successful virtual interim meeting, to focus
their goals and to plan for their face-to-face meeting in Montreal. NMRG
held a virtual interim meeting to continue work on intent-based
networking and network AI.

Suggested the PEARG proposed RG for IAB review at IETF 105.

# ANRP

Working with awardees and ISOC to arrange their travel and schedule
presentations during the IRTF Open Meeting.

Worked with Glen Barney and Mat Ford to set-up the infrastructure for
the upcoming ANRP 2020 cycle.

# ANRW

Call for student travel grants was issued, applications were received
and peer-reviewed by a committee composed of Colin Perkins, Lars Eggert,
Jörg Ott, and Jana Iyengar. Nine travel grants were announced. Awardees
are arranging their travel, and working with the secretariat to arrange
reimbursement. Total amount awarded was $12,750 from a budget of
$13,000.

The list of accepted papers and a draft schedule for the workshop were
posted to the IRTF website. Registration was opened, and initial call
for participation was issued. Continued to work with the secretariat on
the workshop logistics.

# Documents and Errata

IRSG poll of draft-irtf-icnrg-deployment-guidelines concluded with
limited review; will be re-issued. Final IRSG review continuing on
draft-irtf-icnrg-disaster and draft-irtf-icnrg-terminology.

draft-irtf-cfrg-argon2 is ready for IRSG review.

Four new errata reported by CFRG are awaiting review.

# Other

Continue to update website and resolve broken links.

Worked with IRSG to develop policy re Designated Experts for IRTF
documents in response to IESG query.

IRTF and IETF agenda conflict resolution. Started scheduling for the
IRTF Open Meeting and the IRSG dinner.

–End IRTF Chair Report, Colin Perkins–

2.2. ICANN Liaison Report

–Begin ICANN Liaison Report, Harald Alvestrand–

ICANN report - up to July 4, 2019

This report covers ICANN activity seen by the board liaison until July
4, 2019.

The main activity in this period has been the Marrakesh meeting.

Hot topics
- Amazon - as expected, the members of the Amazon Cooperation Treaty
Organization (ACTO) expressed strongly negative opinions on ICANN’s
decision to continue with the process of delegating .AMAZON to the
Amazon corporation, with representatives of some other governments
concurring in those opinions. One formal request for reconsideration
has been received (filed by the government of Colombia); this is
currently undergoing the standard processing for such requests. The
Government Advisory Committee in its “communique” from the Marrakesh
meeting stated that “The GAC asks the Board to explain in writing
whether and why it considers that its decision to proceed with
the .AMAZON applications, based on a proposal that the eight Amazon
countries considered did not address their concerns, complies with GAC
Advice.”
- New gTLD rounds: We are still waiting for all the policy issues to
resolve before doing anything big, but planning (assuming issues
resolve) is moving forward.
One topic of discussion was financing - a lot of the costs are up-
front; the current suggestion is to borrow from the funds not spent in
the previous gTLD round.
Another is application volume - apparently people have been suggesting
anything from 1000 (“the good ones have gone”) to 25.000 (“everyone
will want one”), with ICANN staff using 2000 (“same as the last time”)
as a design starting point. It’s probably strongly price dependent,
and having some more informed guesses is a pressing need at this
stage.
- GDPR, WHOIS, ePDP phase 2: This was the main topic at the GNSO part of
the meeting. Apparently, progress was being made, but we’re still far
from seeing the shape of the outcome.
A major consideration is whether ICANN is in a position to take
responsibility for a “clearinghouse” function for legally-authorized
requests for non-public data that used to be public in WHOIS - there’s
dialogue with the EU privacy commissioners on the subject, but clarity
may take time.
One bone of contention is the ability to query for something that is
not the domain - several security researchers claim that searching for
“domains registered using similar-looking addresses” is critical for
catching abuse, but others (Milton Mueller, at least) claim that “one
question, one domain is a fundamental principle”.
- .ORG contract renewal - several of the “old” TLDs (pre 2012 round) had
contracts up for renewal. The only item that gathered public attention
was the removal of price caps from the .org contract - .ORG and .COM
were the only ones left with price caps, and the .COM one was last
renewed while the USG still had its hand on the tiller.
ICANN decided to renew the contract without a price cap provision, and
with the inclusion of the same rights protection mechanisms (UDRP and
URS) as for other gTLDs.
- DoH and DoT - these were hot topics in several sessions. The chief
point is how they influence the balance between network owner control
(for filtering, censorship, monitoring or malware protection) and
endpoint control. One worry point is whether the inability to monitor
DNS queries will lead those in a position to impose rules to take more
draconian measures (like address-based blocking).
Of note: There’s already been malware using DoH to evade monitor/
blocking seen in the wild.
- DNS abuse - this area attracts tons of interest, but is still mushy to
me - the discussion of what constitutes “DNS abuse” is still not
converging; most agree that registering 10.000 meaningless domains in
order to facilitate botnet C&C is “abuse”; a plurality probably agrees
that a domain used chiefly to host malware or spam is “abuse”, and
that registration of easily-confused domains in order to facilitate
phishing scams is “abuse” - but distilling those rather vague examples
into actionable rules is still a slow process.
- Universal Acceptance (aka “IDN everywhere”) - this effort is hosted at
ICANN, but its chief target is to educate end-users so that they
demand support for the existing standards (IDN and EAI) from their
service providers and software vendors. It’s slow.

Organizational topics

There are a couple of things that concern more how ICANN deals with
itself than what ICANN does externally - this may be easier to note in a
separate section.

- Organizational effectiveness aka “the Brian Cute process”: This is a
process of dialogue and consultation, shepherded by Brian Cute, that
is to give some names to the issues that people feel are the important
factors impeding ICANN work. A list of 11 issues has been distilled,
and was presented in Marrakesh; it can be found on the Web page for
the process.
- Picking a new chairman of the board - as Cherine Chalaby is stepping
down from the board at the end of the next Annual General Meeting
(November in Montreal), we have to pick a new chairman. The board has
started the discussions on the choice of the next chair; these will
continue at the Board’s Los Angeles workshop in September.
- Reviews - the SSR2 review, which has already taken years, has had some
issues with support staffing.
- The five year strategic plan is now formally adopted. The organization
is at work on supplementing this with 5-year operational and financial
plans; it’s very clear that these are subject to change - but the
purpose of a plan isn’t to predict the future, it’s to make it
possible to notice when things have changed and act accordingly.

July and August are probably going to be slow months. The next Board
physical meeting is a board workshop in September.

–End ICANN Liaison Report, Harald Alvestrand–

2.3. IANA Liaison Report

–Begin IANA Liaison Report, Michelle Cotton–

IANA Services Liaison Report – 10 July 2019

SLA Deliverables Update:

- ICANN met 100% of processing goal times for May 2019 monthly
statistics reports, exceeding the SLA goal to meet 90% of processing
goal times. These times include the steps that ICANN has control over
and not time it is waiting on requesters, document authors or other
experts. Monthly reports can be found at: https://www.iana.org/
performance/ietf-statistics

Other News:

None to report

IANA Services Operator and IETF Leadership Meeting Minutes:

MEETING MINUTES - BEGIN
Summary of Meeting Minutes
Monday, March 25, 2019
Lunch Meeting at IETF-104, Prague
1220 Local Time, 1120 UTC

Attendees:
Jari Arkko, IAB IANA Program
Alissa Cooper, IETF Chair
Michelle Cotton, Protocol Parameters Engagement Sr. Manager
Ted Hardie, IAB Chair
Suzanne Woolf, IAB IANA Program
Russ Housley, IAB IANA Program
Portia Wenze-Danley, IETF LLC Executive Director, Interim
Harald Alvestrand, IETF liaison to ICANN Board
Amanda Baber, Lead IANA Services Specialist

1. Introductions and Welcome

No new members.

2. Review of Action Items

Completed: Review existing escalation procedures. Determine if there
needs to be a new/different process/policy for escalation process for
complaints regarding expert reviews.

Completed: A. Cooper was to work with the IESG on an IESG statement
regarding the GDPR requirement and to only use the minimum amount of
personal data when creating new registries. The decision was that
language will be folded into 8126bis.

Complete: M. Cotton was to clarify with K. Davies how ICANN’s future
budget will affect IANA. Action: Budget was approved.

S. Woolf: Any assurances regarded stable budget, or every year clean
slate?

K. Davies: No suggestion that we need to cut back. We get what we have
asked for, we’re realistic about what we ask – our budget grew 5 percent
but was offset by reduction of shared services we get from ICANN –
headcount will remain steady, no largescale projects kicking off to take
larger share of budget. If we were to have a budget issue, PTI board
could ask questions.

Completed: M. Cotton was to ping T. Hardie regarding IDN request. IDNA
Tables were posted last week.

Completed: No additional review of experts needed.

In Progress: K. Davies working on .arpa draft, 80 percent complete;
should have something soon. Ultimately this will go to the IAB, but this
group will look at it first. Coordinating with Verisign to make sure the
idea works (leakage issue).

3. IANA Services Activity

Processed more than 1193 IETF-related requests from October 2018 -
January 2019. This includes: Document reviews, registry creations, new
registrations, modifications to existing registrations, and deletions.

Added 5 new stand-alone registries since IETF-103 (October 2018- January
2019)

SLA Deliverables:

Average cumulative percentage for October 2018 - January 2019 was 99.5
percent.

4. Update on Deliverables

Annual Review of Protocol Parameters audit report sent in January.
Hasn’t been sent to board yet.

A. Cooper: Much talk in the last 10 days about bringing the LLC website
up to date.

SLA: IETF Legal still waiting to hear from IANA Legal Counsel; internal
review going on. We believe it’s ready. This is about the assignment of
the MoU from ISOC to IETF LLC. We can sign it electronically.

Beginning new audit review cycle. Had a meeting; details being discussed
in April. There will be a statement about the audit released publicly,
but not the audit itself.

GDPR: M. Cotton and K. Davies spoke about language changes to TRIP ITAD
doc in IANA Considerations section. Agreed to only change one section of
the document. (M. Cotton had proposed 3 changes in abstract, intro, and
IC.) The language will say that the IETF will no longer require that
IANA collect postal address information in ITAD TRIP.

T. Hardie: Suggested CC‘ing Alexey and Ben to follow up w/coordination
on communications for this document.

T. Hardie: was told that his method for getting rid of iris.arpa was
incorrect; they said he had to deprecate all previous documents.
Should we take a look at all of the zones to see what their utilization
is and report to the community (e.g. what kind of usage does urn.arpa
get?). Maybe persuade public that only addressing ones are in use and
then deprecate all the rest in one go. Would simplify things because the
change controllers for these [?]

K. Davies: we’ve pulled stats in the past (for iris).

T. Hardie: we’ll share with the community in a letter and ask for input.

K. Davies: doesn’t see issues; should we build in monitoring capability
for .arpa rather than doing it ad hoc? We can explore that.

T. Hardie: you shouldn’t be getting home.arpa queries, but you probably
are getting significant traffic you can’t answer because of
misconfiguration. Wait – it’s delegated to the sinkholes, so you won’t
see the traffic.

Action: M. Cotton to gather additional arpa information.

5. Update on Projects

How Did We Do (HDWD) survey: we started in Dec/Jan; not rolled out for
all queues yet as it’s complicated for e.g. drafts queues. Do we send to
all the authors or only the ones who communicated with us? Talking to
RFC-Editor staff: when they’re done with the pub process, Heather has
been sending out post-pub surveys. We don’t want to bombard the authors
with surveys.

For the surveys we do send out, still adjusting – do we send immediately
or wait a day or two, for example? Looking at ways to report the
feedback. Potentially at the next meeting we may have a way to report
this. In general, response has been pretty good.

We’re still going to do the yearly survey, but it will be more
engagement-focused rather than sending to people who had requests eight
months ago. Will be revised in the next six months to ask new questions
(still figuring out what). Maybe we’ll get more responses if the
questions are tailored

A. Cooper: we could put it on the telechat agenda as the survey comes up
and encourage people to respond.

Registry Workflow System Project
A name for system is pending. Our internal goal is to start
processing PEN with it by the end of this year. Goal, not a promise.
Then we’ll finally get statistics on PEN (current system doesn’t really
allow it). Still working out what kind of data we need to collect.

Request from Warren Kumari to look at experts grouped by IETF area: Look
at grouping experts by area so that they can see how well experts are
doing by area. Response rates, etc. Catching issues before they get bad.

Transport ADs suggested having a meeting with the port experts in
Montreal to touch base. Transport ADs are on the mailing list.

6. Discussion Items

IDNA: Posted the tables. IDN expert says there’s a meeting on Wednesday
of IETF-104, may be a discussion; he may be sending us a message
afterward about moving ahead with 12.0.0.

RFC8126bis: Meeting w/Barry about adding guidance re GDPR to 8126; may
be other small improvements.

Registry License Question: We get questions from outside parties about
license for use of registry information. We’re discussing this with
ICANN Legal. Discussion among this group about what information to
explore. Review again in Montreal.

Monthly reporting: We discussed and agreed previously that we want to
modernize our reports. We do want to continue to provide a narrative
that points out problems, and to continue to provide monthly snapshots
that shows you volume. Currently we’re deep diving into figuring out
which stats are necessary (end-to-end time, time per actor, request
type, registry creation, assignments via RFC process). Keeping an eye on
what SLA says we’re meant to report on and seeing how that could change
in a future SLA – for example, we want to get rid of charts that are not
relevant anymore, like what state requests are in at the end of the
month. We also want to avoid manually generating these reports.

In the future, we could report on registries individually rather than by
queue.

Separate area for things related to internet-drafts.

Drill down to one type of request.

Real time updates.

This is similar to what’s produced for root zone modifications. We don’t
know whether we’d use the same tool. This is just an idea of what we’re
looking at.

7. Informal Meeting Schedule
In person March 25, 2019 (Prague)
Phone May 28, 2019 (the Monday before is a US holiday)
In Person July 22, 2019 (Montreal)
Phone September 23, 2019
In person November 18, 2019 (Singapore)

8. Summary of New Action Items

M. Cotton: Gather information about .arpa.

–End IANA Liaison Report, Michelle Cotton–

2.4. RFC Editor Liaison Report

–Begin RFC Editor Liaison Report, Heather Flanagan–

RSE

* RFC Format status
Transitioning to publishing RFCs in the v3 format is still on target for
August, with the biggest risk continuing to be the timing of the release
of Cluster 23, now expected for sometime in Q3 2019 (https://www.rfc-
editor.org/cluster_info.php?cid=C238). A high-level timeline for the
rollout of the new format, which will continue to be modified as we get
closer to implementation, is available on the RSE wiki: https://www.rfc-
editor.org/rse/wiki/doku.php?id=design:format-implementation

* Fifty Years of RFCs
The IAB has accepted draft-flanagan-fiftyyears as an IAB stream
document. This will change the draft string to draft-iab-fiftyyears, and
the community comment period will start within the next few weeks.

* RPC resourcing
The IETF LLC has approved a short-term increase of 2 FTE for the RPC
through the end of 2019. The RPC is in the process of searching for
suitable candidates.

* IETF 105
The RFC Editor desk will be open as usual from Monday through Thursday
to answer any questions from the community regarding the status of
specific documents, English grammar advice, or information about the new
RFC Format. The RSE office hours at the desk will be Monday and
Wednesday from 09:00-11:30.

The RSE will be co-leading a side meeting on “Evolving Documents” on
Tuesday, 23 July from 15:00-16:30 ET.

RPC

* https://www.rfc-editor.org/report-summary/

Q2 2019 notes: The SLA was met for Q2 2019. The submission rate was
average. The publication rate is up compared with the previous four
quarters.

The RPC continues to test the XMLv3 tools in preparation for the
approaching transition. In addition, they are examining and updating
their processes to account for XMLv3 tools and the new formats as they
work to meet the transition timeline.

Also related to v3 format work, HTML files for the existing RFCs are
available from the RFC Editor site. This means that each RFC published
before the XMLv3 era will have an HTML file styled similarly to the
current HTML files offered by tools.ietf..org. This allows consistent
handling of links to RFCs, regardless of whether the RFC was produced
before or after the transition to XMLv3.

–End RFC Editor Liaison Report, Heather Flanagan–

3. BOF and Proposed RG Coverage at IETF 105

The IAB identified coverage for the BOFs and Proposed Research Groups at IETF 105.

4. IAB Agenda at IETF 105

The IAB discussed their agenda at IETF 105.

Ted Hardie confirmed that RSOC would be available to join the IAB meeting on Monday morning, but that at least one person would be remote.

The IAB will review the proposed Privacy Enhancements and Assessments Research Group at the IAB meeting on Thursday morning.

5. draft-ietf-iasa2-rfc6220bis

The IAB agreed to adopt draft-ietf-iasa2-rfc6220bis on the IAB stream.

6. draft-thomson-use-it-or-lose-it

Via e-vote prior to the meeting, the IAB agreed to adopt draft-thomson-use-it-or-lose-it on the IAB stream. Martin Thomson will upload a new revision after incorporating feedback from the discussion of the document at IETF 105.

7. draft-iab-fiftyyears

The IAB agreed to send draft-iab-fiftyyears out for community review.

8. Exploring Synergy between Content Aggregation and the Publisher Ecosystem (ESCAPE) Workshop

Mark Nottingham reported that things are on track for the ESCAPE workshop, which is expecting to see 20-25 participants. Ted Hardie asked Mark to send him a blurb about the workshop to include in the IAB report to the community for IETF 105.

9. Trust in internet entities statements

The proposed IAB statement on “Avoiding Unintended Harms of Encryption Policies” is on the IAB’s agenda to discuss at IETF 105.

Melinda Shore reported that she is going to try to schedule an ad hoc session to discuss the version of the statement that is aimed at protocol designers. Wes Hardaker noted that he had sent text to Melinda on 2019-07-09.

10. Plenary Planning Program Update

Ted Hardie will ask Brian Trammell to moderate the discussion during the technical plenary.

Melinda Shore reported that one of the speakers will have to leave before the end of the plenary.

11. IETF Delegate to ICANN NomCom (Executive Session)

The IAB discussed interviewing candidates for the IETF delegate to the ICANN NomCom in an executive session. Jari Arkko, Ted Hardie, Melinda Shore, and Jeff Tantsura agreed to participate in the interviews.

12. Planning of Plenary Discussion of RSE Model (Executive Session)

The IAB discussed planning for a plenary discussion on the RFC Editor Model in an executive session.