Difference between revisions of "2019 Retreat"

From IAB Wiki
Jump to navigation Jump to search
Line 220: Line 220:
| Jari || Wed 2019-05-15 0900 @ KEF || Sat 2019-05-18 18:05 from KEF || Radisson
| Jari || Wed 2019-05-15 0900 @ KEF || Sat 2019-05-18 18:05 from KEF || Radisson
| Brian || Wed 2019-05-15 1600? @ KEF || Fri 2019-05-24 (post-RIPE) 07:20 from KEF || Radisson

Revision as of 14:05, 1 May 2019

Dates and Location

Dates: 16-17 May

Location: Radisson Blu Saga Hotel, Reykjavik


107 Reykjavik


Reservations link

  • Room rate: €185.65 per night + 11% VAT
  • Rate includes complimentary breakfast and Internet access
  • Reservations deadline: Wednesday, 2019-05-01


Thursday, 16 May

0900-1030: Morning Session 1

  • 0900-0915: Welcome, agenda bash, getting organized (Ted)
  • 0915-1030: Changing the Internet Threat Model (Jari)

1030-1100: Break

1100-1230: Morning Session 2

  • 1100-1130: Proposal: Stop organizing technical plenaries (Alissa)
  • 1130-1230: Breakout sessions: Trust in Internet Entities
    • For Protocol Designers (Melinda)
    • For Legislators (Mark)

1230-1330: Lunch

1330-1500: Afternoon Session 1

  • 1330-1415: The Scope of IAB Responsibility (All)
  • 1415-1500: IAB Openness and Visibility (Ted, Stephen, Wes)

1500-1530: Break

1530-1730: Afternoon Session 2

  • 1530-1600: Parking Lot 1
  • 1600-1630: Gardening our Communications Channels (All)
  • 1630-1645: IAB Teleconference Length and Frequency (All)
    • Check in on experiment
  • 1645-1700: Review of Day 1 action items

1900: Group Dinner: TBD

Friday, 17 May 2019

0900-1030: Morning Session 1

  • 0900-0915: Agenda bash
  • 0915-1000: draft-iab-protocol-maintenance (Martin)
  • 1000-1030: draft-nottingham-for-the-users (Mark)

1030-1100: Break

1100-1230: Morning Session 2

  • 1100-1145: Consolidation (Jari)
    • draft-arkko-iab-internet-consolidation
    • Activities Review
    • DEDR Workshop Planning
  • 1145-1230: Cross-Area Architectural Themes (Christian, Brian)
    • Where can the IAB help?

1230-1330: Lunch

1330-1500: Afternoon Session 1

  • 1330-1400: RSE Role and RSOC
  • 1400-1500: what happens to identifier equivalence in a voice-dominant era? (Ted)

1500-1530: Break

1530-1700: Afternoon Session 2

  • 1530-1630: Parking Lot 2
  • 1645-1700: Wrap up: Review of action items, final thoughts

Proposed IAB Topics

IAB lore for newbies (Stephen)

IAB elders tell newbies how it all really works:-)

  • IAB statement internal processes
  • IAB RFCs internal processes
  • Appointment processes; Who do we appoint (list) and how're they doing? Any cases where we ought be soliciting folks to volunteer?
  • Stuff I don't know gets done...

Moar IAB Open-ness, what's been done and what's to come (Stephen)

General discussion bringing new members up to speed on past discussions and maybe agreeing overall goals/direction. (This'd be better lead by someone who knows what's been done and discussed already but I'd like to suggest the topic so am willing to try lead the discussion badly if needed:-)

Similar: Continuing IAB Visibility Issues (Wes)

Many people fail to see what the IAB does, regardless of its web page, announcements at plenaries, etc. What can we do to increase the visibility of the IAB? or maybe it doesn't need increasing?

Programs open-ness (Stephen)

Some relatively modest suggestions:

  • The program descriptions on iab.org are varyingly out of date so updating those'd be good
  • I'm not sure why it wouldn't be ok for all of them to publish minutes (RSOC does, others don't seem to)
  • Some programs (e.g. privsec, stackevo) could perhaps work as well or better with an open mailing list where interested non-members could participate in discussion
  • The plenary program might benefit from an open mailing list where potential topics are discussed and where feedback can be posted publicly (speaker selection chatter would obviously need to be on a different list).
  • I'm not sure about the IANA and liaison oversight programs but I'd like to ask the question whether there're any easy things that could be done that'd be useful and more open.

Deconstructing the Human Rights

We had a couple of frustrating experiences with the "Human Right Reviews" last year. My personal analysis (Christian's) is that the reviews are attacking too many themes at the same time. Some of that is redundant with existing reviews -- privacy for example is already tackled as part of the security directorate's reviews. But there are other themes that would merit some higher exposure, such as:

  • Censorship. Should the IETF protocols facilitate censorship, because of children, parental controls, enterprise networks, pedophiles and terrorists? Or should we work on tools that make censorship much harder, just like we did with encryption? Is that the same debate as "moar encryption"? How to we get to consensual position in the IETF about that?
  • Access in under-privileged areas. There are many IETF efforts on making the fast Internet even faster, especially in the transport area. Are we disenfranchising the denizens of remote places with poor connectivity? Same questions about how to get consensus, etc.
  • Accessibility. Are our protocols hard to use by people with disabilities? What about our standard process?

I think that establishing priorities there would be useful. Even more useful would be a process to establish such priorities.

[Note: this is likely to be overtaken by events before the retreat, as well]

Protocol Maintenance

We adopted draft-iab-protocol-maintenance, what does this need for publication?

Scope of IAB Responsibility

The IAB has a diverse set of responsibilities. Some of those functions are critical to the function of the overall organization (appointments, appeals, liaison, what have you), some less so. Is there any way in which the responsibilities could be reduced?

The job of RSE oversight has been divested to the RSOC: is that still appropriate?

The planning for plenaries has been less successful of late.

The technical aspects of the IAB are less well-defined and seem largely based on whatever the IAB is currently preoccupied with. What work the IAB has published could easily be the product of those few dedicated individuals who contribute. The convening of workshops, which is an extension of mix of aspects of the IAB from liaison to new-work shepherding, could be done in several other ways with the same sort of effect. The shepherding of new work into the IETF could be supported by a directorate-like structure just as effectively. The statements and pronouncements that the IAB makes would be more respectable coming from the IETF. Are these all functions that serve a purpose? Or is that purpose simply to make the role more attractive to a particular kind of person?

Proposal: Stop organizing technical plenaries (Alissa)

This function of the IAB hasn't been successful for quite some time. Let's discuss not doing it anymore.

I added this awhile back but it may have been overtaken by events.

RSE Role and RSOC

Check-in on the program.

IAB statements on Trust in Internet Entities

Possibly break out into small groups to work on these?

For the Users document

Discuss current draft and future direction.

Consolidation (Jari)

There are several aspects to discuss:


The draft was updated before IETF-104, with input from Niels among others. What's the next step? Other updates, discussion, adoption, or abandoning?

References: - The draft itself is at https://tools.ietf.org/html/draft-arkko-iab-internet-consolidation - The GitHub repo is at https://github.com/jariarkko/draft-iab-internet-consolidation

Also do we want to still work on the Chokepoints draft, or abandon it?

References: - The GitHub repo is at https://github.com/intarchboard/chokepoints

Activities Review

Who is doing what in this space in the word: IAB, ISOC, ChathamHouse, DEDR, ...? Can we review the different activities and decide whether the set of activities is the right one or needs some adjustment?

DEDR planning

We need to plan for the workshop. At this point we should know how many submissions we got, and what participants were invited. Determine what the agenda should be.

Changing the Internet Threat Model (Jari)

It seems to me that the communications-security -only threat model that Internet systems get designed for is outdated. This is due to three factors:

  • Advances in protecting most of our communications with strong cryptographic means (and working on the remaining bits)
  • Adversaries increasing their pressure against other means (devices, endpoint coercion, surveillance/hacking the endanpoints, legal)
  • New adversaries and risks have arisen, e.g., due to creation of large centralized information sources

We need a new model.

(Added by Stephen: great topic, good to devote more time here than some others I'd argue:-)

Gardening our Communication Channels

Wiki (x2), GitHub, WebEx, e-mail (x2), jabber, Web site, RFCs -- we've got it all. It'd be really nice if we could consolidate the information we have to at least refer to each other where appropriate, and remove outdated information where possible.

Arrivals and Departures

Name Arrival Departure Hotel
Wes Tue 2019-05-14 05:20 Sat 2019-05-18 16:55
Stephen Wed 2019-05-15 1440 @ KEF Sat 2019-05-18 1030 from KEF
Cindy Wed 2019-05-15 0610 @ KEF Sat 2019-05-18 1720 from KEF Radisson
Mark Tue 2019-05-14 1700 @ KEF Sun 2019-05-19 10:50 from KEF Radisson
Jari Wed 2019-05-15 0900 @ KEF Sat 2019-05-18 18:05 from KEF Radisson
Brian Wed 2019-05-15 1600? @ KEF Fri 2019-05-24 (post-RIPE) 07:20 from KEF Radisson

Attending Remotely

Name Timezone