Difference between revisions of "Plenary Queue"

From IAB Wiki
Jump to navigation Jump to search
Line 1: Line 1:


===Scheduled Topics===
==Scheduled Topics==


The following topics have been scheduled for tech plenaries.


===IETF 102 Montreal (July 2018)===


===Ideas Queue===
No topic scheduled yet.


==== Challenges to HTTPS Adoption in Media Websites  - added 2016-08-03 ====
===IETF 103 Bangkok (November 2018)===


Corey Gilmore, Chief Architect, Penske Media Corporation. [[http://pmc.com/our-brands/ Brands]] they support include [[http://variety.com/ Variety]], [[http://wwd.com/ WWD]], and [[http://www.india.com/ India.com]]
No topic scheduled yet.


<pre>
==Current Ideas Queue==
An overview of the barriers and hurdles that effectively prevent the transition from HTTP to HTTPS
for most mid-to-large media companies. We'll discuss how browsers, advertisers, CDNs, and content
producers fail to support modern security and privacy needs, and the challenges of forcing HTTPS in
an industry supported by advertising, dependent on third-party content, and built on consumer data.
</pre>


(via Joe) Martin may have another person to add to this topic.
The following ideas are current; we should run down the next steps on these, moving them to  


==== Future of Remote Conferencing - added 2016-07-25====
===Consolidation===
<pre>
We've talked about increasing remote participation, and at least some people
want to work toward virtual-only meetings.
Concerns are reading non-verbal communication (always tricky), queueing
and queue management, facilitating real discussing, and simulating the
"hallway track."


Let's explore whether there are strategic thinkers working on globally
See [https://www.ietf.org/blog/consolidation/ Jari's blog post] on the subject. Lee has notes on a few potential speakers. We've already spoken to Geoff Huston on this subject
dispersed large meetings. Might be people at Cisco Telepresence, MIT
Media Lab, MeetEcho, other vendors who have strategic ideas. Might be
people in WebRTC already thinking like this.


===The Internet and Futurism===


Lee
Following up on discussions around the Singapore plenary, ask a science fiction author to come riff on the future of the Internet for a while. See e.g. [https://media.ccc.de/v/34c3-9270-dude_you_broke_the_future Charlie Stross at CCC in 2017]
</pre>


==== IOT and Augmented Reality - added 2016-08-03====
Next step: invite Charlie Stross for a tech chat?


* See Tech Chat with Valentin Heun, [[20160622Minutes]]
===Straws and Camels===
* Attempting to schedule tech chat with Ari Keranen for September (as of 2016-08-31)
* One possibility is a talk from Steve Checkoway, who makes a living breaking things.  He also lives in Chicago, which might be convenient. [[User:Mthomson|mt]] ([[User talk:Mthomson|talk]]) 06:30, 15 December 2016 (UTC)


==== Overview of IETF IOT Topics - added 2016-05-17====
At IETF 101, there was an active topic of discussion in DNSOP how successful protocols get overloaded; this could be expanded into a general topic on the lifecycle of protocol ecosystems.


====IFTTT- added 2016-05-17====
Next step: ask Suzanne for ideas?


====GAIA- added 2016-05-17====
===Hub of All Things===


==== Snowden +3y: IETF progress (for IETF 96 Berlin) - added 2015-11-05====
[https://hubofallthings.com/ Hub Of All Things] is a research project aimed at re-decentralization of data.


<pre>To Brian's suggestion of us thinking about tech plenary topics much
Next step: invite Jon Crowcroft for a tech chat?
earlier, I'd like to start fleshing out something for Berlin.  The topic
is "Snowden +3y: IETF progress".  This would include at least:


- IAB Statement on Internet Confidentiality, RFC 7258
===Snowden +N years===
- ACME (this could be the core talking point, with a LetsEncrypt rep
  showing implementation stats)


- HTTP/2
Review how the IETF has done on the problem of pervasive surveillance since [https://tools.ietf.org/html/7258 RFC7258], and look forward to the next challenges in the space.
- TLS 1.3
- DPRIVE
- DART (or whatever we call it, assuming it gets chartered)
- the 10 other things I can't think of at the end of the week


--
===Future of Remote Participation in the IETF===
Joe Hildebrand</pre>


<pre>pretty good start.
Look forward to technical developments in remote participation technologies, and foster a discussion about how this affects how we work. (Since the IESG runs the meeting program, this seems like one to discuss in close cooperation with the IESG)


MaRNEW?
===The Cryptographic Lens===
Should we have
- some « measurement » data about for example, https trafic increase,
- impacts of running https by default by content server providers, ISP
(DPI), …
- i.e. the ops part of this…


Marc.</pre>
Watch [https://www.youtube.com/watch?v=ZQBIs0BUVh4 the YouTube video]


====Current Hostname Practice Considered Harmful - added 2015-09-02====
Next step: invite Shafi Goldwasser for a tech chat?


* Action for Suzanne and Dave to collaborate on potential future plenary topic from INIP+PrivSec around the "Current Hostname Practice Considered Harmful" (draft-ietf-intarea-hostname-practice) draft.
===Data Driven Security===


====Pervasive Monitoring Followup - added 2014-10-22====
[http://www.stanford.edu/class/ee380/Abstracts/120111.html Data Driven Security]: the abstract is six years old but the topic is not stale.


<pre>From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Next step: invite [http://cseweb.ucsd.edu/~savage/ Stefan Savage] for a tech chat?
Date: October 20, 2014 12:09:55 PM PDT
To: Internet Architecture Board <iab@iab.org>
Subject: [IAB] Plenary speaker suggestion


Hello,
===Operational Considerations===


Shafi Goldwasser was one of the keynotes at the Grace Hopper Celebration
(Of Anything)
and I think she would make an excellent plenary speaker as a follow on
to the pervasive monitoring talks from last year.  She can give a deep
technical talk or bubble it to a higher level for an audience like that
of the Grace Hopper Celebration, which included Computer Science
students, industry professionals, and recruiters.  Her talk was the one
that had the most buzz at the conference itself.


She's a cryptographer with recent talks on fully homomorphic encryption. 
Next step: ask Lee for ideas?
As we walk down a path of ubiquitous encryption on the Internet, we are
going to change how many things work today, impacting on operations,
incident response, increasing privacy protections, and hopefully
reducing pervasive monitoring (but new ways to break encrypted sessions
continue to emerge).  IMO, unless we get to solutions that provide both
privacy and the ability to detect patterns/find criminals, etc., we will
continue to see a struggle between these goals.


Although fully homomorphic encryption is not yet practical (it's getting
===The Lack of Low Justice in the Internet===
closer, but performance is still a major issue), I think it would be
good to get the IETF to think about this balance.  What do we change to
head down this path of fully homomorphic encryption, functional
encryption and filterable decryption?


Here is a link to background on Shafi, which includes a recording of her
An intriguing question was raised [https://trammell.ch/post/2017-05-08-trust-the-internet/ a panel Brian sat on] in 2017: one issue with personal trust in the Internet is that there is no mechanism at all for "low justice" (the settlement of petty claims) among parties whose interaction is entirely Internet mediated. The current system for settlement of international disputes is quite poorly suited to this task.
Grace Hopper keynote.
https://www.csail.mit.edu/node/2354


I also watched this talk she gave at Stanford before the GHC talk was
Next step: think about this and figure out who we should talk to about it.
posted (so you see her range, this is more technical):
The Cryptographic Lens: Vision of Our Past and Future:
https://www.youtube.com/watch?v=ZQBIs0BUVh4 </pre>


2014-10-22: IAB discussed this as a possible topic, possibly with Stefan Savage as an additional speaker.
==Past Ideas==


These ideas were in an older version of this queue, and have "timed out" or were otherwise not acted upon, but are kept here in list form, as a reminder that we've considered them:


====Naming, Privacy, and Security (Brian, for Andrew and Ted) - added 2014-05-09====
* Challenges to HTTPS Adoption in Media Websites
 
* IoT and Augmented Reality / Overview of IETF IoT Topics
As suggested at the IAB retreat, I'd propose that the next two plenaries should address:
* Naming and Privacy / Hostname Practice Considered Harmful
 
1. the architectural implications of naming on the Internet, with a focus on the intersection of names and trust/security
 
2. the privacy and security program, focusing on (1) perpass one year later and (2) progress within the program to date.
 
I'd hope we can pull together speakers for naming (including IAB members if need be) for IETF 90, because it would be really nice to do "perpass one year later" _really_ one year later. (I forget whose idea this was, but I recall seeing it on the list.)
 
Andrew's message of 27 April 2014 "another go at names plenary thing":
 
<pre>
---%<---cut here---
 
Names on the network are fundamental building blocks for security.
This is true in a couple different ways.
 
First, we assert security properties by name. Traditionally, this
happened via X.509 certificates and the associated PKI system.  The
advent of DNSSEC and the development of DANE technologies allows this
assertion to happen within the name tree itself, which may change the
kind of attack that can be successful.  But it makes the security
properties of the system completely dependent on the security of
DNSSEC signatures.  If DANE-type security mechanisms take off, does
the value of compromising DNSSEC keys go up?
 
Second, systems do not exist in isolation, but instead are
interrelated. This means that they share data with one another. It is
difficult to know whether two named systems should be able to share
data, however: apart from the labels that make up the names, a user
has no way to tell whether www.example.com and www.example.net are
related (and is unlikely to be able to tell that delegated.example.com
is not related).  This wouldn't matter, except that both
certificate-issuance mechanisms and http cookie-sharing decisions are
based on names and how they relate to each other in the tree.
Moreover, domain names (including those actually in the global DNS,
and those that are not) are a part of user interfaces, because they
are embedded in URIs, email addresses, SIP and XMPP identifiers, and
other such user-facing components.  This means that users treat such
identifiers according to natural language semantics, and possibly not
in ways that the protocol expects.
 
This plenary discussion hopes to explore these ways in which names are
used as part of these security decisions. We'll first undertake an
overview of DANE [Olafur] and note the potential costs and benefits
from the dependence on DNSSEC.  We will draw attention to the issue of
the DNS and the ways that domain names are used outside the DNS
[Suzanne Woolf?].  Finally, we will explore the issues related to
security policies dependent on names [John Levine?].
</pre>
 
and revision 3 (sent 14 May 2014):
 
<pre>
Names on the network are fundamental building blocks for security.  In
order to use them this way, the end user has to trust the name somehow.
 
Traditionally, trust binding happened partly using X.509 certificates
and the associated PKI system.  The advent of DNSSEC and the
development of DANE technologies allows similar assertions to happen
within the name tree itself, either as replacements for the X.509 PKI
or else as an adjunct.  This may change the kind of attack that can be
successful.  But it makes the security properties of the system
completely dependent on the security of DNSSEC signatures.  If
DANE-type security mechanisms take off, does the value of compromising
DNSSEC keys go up?
 
The trust that comes from the PKI is not, however, the only trust
binding at work.  Systems do not exist in isolation, but instead are
interrelated. This means that they share data with one another. It is
difficult to know whether two named systems should be able to share
data, however: apart from the labels that make up the names, a user
has no way to tell whether www.example.com and www.example.net are
related (and is unlikely to be able to tell that delegated.example.com
is not related).  This wouldn't matter, except that both
certificate-issuance mechanisms and http cookie-sharing decisions are
based on names and how they relate to each other in the tree.
Moreover, domain names (including those actually in the global DNS,
and those that are not) are a part of user interfaces, because they
are embedded in URIs, email addresses, SIP and XMPP identifiers, and
other such user-facing components.  This means that users treat such
identifiers according to natural language semantics, and possibly not
in ways that the protocol expects.  Because some domain names do not
appear in the DNS itself, there isn't even a single authoritative
source from which one can get the truth about any given name.
 
This plenary discussion hopes to explore these ways in which names get
bound to trust.  The goal is to expose the gaps in the architecture so
that participants leave with an understanding of what work remains to
be done [or, possibly, a feeling that everything is ruined --ed].  We
will discuss DANE and its relation to DNSSEC and X.509; naming
identities for certificate issuance, same-origin policy, anti-spam
measures, and the like; and how protocols that are avoiding using the
global DNS are still using domain names, and what that means for the
trust model.
 
[potted bio of speakers goes here]
 
 
</pre>
 
====Networking in Developing Countries (Jari) - added 2014-03-07====
 
<pre>
Jari: As a side note, some people approached me at the Scotch BOF to
  suggest that we should hold a technical plenary on networking in the
  developing countries. (To be presented by people who actually do the
  networking in there.)
 
  I thought it was a good idea.
 
Lars: Talk to Arjuna, who set up the GAIA meeting. He had a bunch of
  GREAT speakers!
 
Marc: I like it too. One early comment: "if you(developing countries)
  have issues, how can we help you?" would be good to hear.
 
Xing: From APNIC/APRICOT, there are also very good topics and speakers.
  http://www.apnic.net/
  http://www.apricot.net/
</pre>
 
We also had a [https://www.iab.org/documents/minutes/minutes-2014/iab-minutes-2014-06-11/ | tech chat on June 11, 2014] on "Everybody's Internet?
Mobile-only and mobile-centric internet use in the developing world"
from Jonathan Donner.
 
====DANE (Olafur Gudmunsson) - added 2014-03-06====
 
<pre>
From: Olafur Gudmundsson <ogud@ogud.com>
Date: March 6, 2014 7:45:20 AM PST
To: iab@iab.org
Cc: Olafur Gudmundsson <ogud@ogud.com>
Subject: [IAB] Technical plenary idea: DANE
 
As DANE is getting lots of interest from number of protocols and we have
running code in number of cases, this might be a good time to have a
plenary talk on why do DANE and what you need in order to start using
DANE (i.e. DNSSEC).
 
If there is interest I would be willing to develop a more
detailed proposal for either next IETF or the one after that.
 
Olafur
</pre>
 
<pre>
Andrew: Another one (and perhaps one we could put together quite
  quickly) is a generalization of Olafur's suggestion.  I don't think
  DANE as such is a good plenary topic, because it's well-defined work
  and the IETF already has a lot of consensus on it.  But names,
  namespaces, and security probably _is_ a good IETF-wide topic and DANE
  is a part of that.  It strikes me as something we could arrange in
  time for Toronto and we could easily have a tech chat about it in
  advance.
 
  Here's a starting proposal:
 
Names on the network are fundamental building blocks for security.
This is true in a couple different ways.
 
First, we assert security properties by name. Traditionally, this
happened via X.509 certificates and the associated PKI system.  The
advent of DNSSEC and the development of DANE technologies allows this
assertion to happen within the name tree itself, which may change the
kind of attack that can be successful.  But it makes the security
properties of the system completely dependent on the security of
DNSSEC signatures.  Is that too many eggs in one basket?
 
Second, systems do not exist in isolation, but instead are
interrelated. This means that they share data with one another. It is
difficult to know whether two named systems should be able to share
data, however: apart from the labels that make up the names, a user
has no way to tell whether www.example.com and www.example.net are
related (and is unlikely to be able to tell that delegated.example.com
is not related).  This wouldn't matter, except that both
certificate-issuance mechanisms and http cookie-sharing decisions are
based on names and how they relate to each other in the tree.
 
This plenary discussion hopes to explore these ways in which names are
used as part of these security decisions. We'll first undertake an
overview of DANE [Olafur] and note the potential costs and benefits
from the dependence on DNSSEC.  Then we will explore the issues
related to security policies dependent on names [John Levine?].
Finally, we'll discuss whether names need to become even more
fundamental to how we interact with Internet resources (not
necessarily using the DNS). [Allison Mankin?  Lixia Zhang?]
 
Eliot: Indeed my direct feedback to Olafur was that we would probably
  want to broaden out the topic.  There are different dimensions to do
  that.  One would be around the comment you made along the lines of
  whether DNS needs substantial evolution.  Another would be along the
  lines you mention above; and the two actually overlap.
</pre>
 
====Network coding (Lars) ====
 
====Technology & Regulation (Hannes)====
 
====Architectural Transition (Brian)====
 
There has been an enormous amount of energy put into building and elaborating "future Internet architectures" (FIA) in academia since the beginnings of the Internet. Since the emergence of the current Internet architecture, most of these have been relegated to the realm of interesting toys, because (1) "clean slate" approaches provide the most freedom to think explore the development of alternate Internet technologies and (2) there is little academic incentive to take these clean slate technologies and integrate them with the less clean reality of the Internet, or to think much about incentives for deployment.
 
There are a couple of cases of longer-term FIA efforts which have done some thought about the stages of transition between the current Internet architecture and the "new" architecture: Information-Centric Networking (in its two dominant guises) and the SCION architecture (https://www.scion-architecture.net) are a couple of examples. The proposed plenary talk would have proponents of / experts in the various architectures give a focused talk on the transition stories for each, as a basis for a discussion about how (and whether) architectures can be evolved on purpose.
 
(This is *clearly* an interesting tech talk or two, and I would like to do them anyway, even if the outcome is "a bit too abstract for the IETF plenary audience". Full disclosure: I work 20% for the group developing SCION.)
 
====Grab bag====
 
<pre>
From: "GT RAMIREZ, Medel G." <medel@globetel.com.ph>
Date: May 3, 2013 4:15:38 AM EDT
To: "IAB Chair" <iab-chair@iab.org>
Subject: RE: Call for Technical Plenary Topics
 
Sir,
Pardon for the ignorance.
May I suggest the top of mind list that may be discussed in the coming
IETF Meeting/s:
1) What's  life after IPv6?
2) What's up from IETF in the LTE (standardization- upcoming and
on-going or from the UE to Apps?
3)  What are other Green Initiatives that IETF stored or on the roadmap?
 
Regards
Medel G. Ramirez
Manila, Phils.
++++++++++++++++++++++++++++++++++++++
</pre>
 
====Data-Driven Security (IETF 91 or IETF 92)====
 
Note, I've contacted Stefan and will follow-up with him early 2014 to see if he can present at IETF 91 or 92).  Mary.
 
<pre>Begin forwarded message [this was from 2012 but might be workable for Nov 2013]:
 
From: Dave CROCKER <dcrocker@bbiw.net>
To: Alissa Cooper <acooper@cdt.org>, Spencer Dawkins <spencer@wonderhamster.org>,
Joel Halpern <jmh@joelhalpern.com>, Dave Thaler <dthaler@microsoft.com>
Subject: Speaker for Vancouver technical plenary
 
Howdy.
 
I'd like to propose a speaker for the Vancouver technical plenary:
 
    Stefan Savage
 
    <http://cseweb.ucsd.edu/~savage/>
 
He gave a talk at Stanford that presented a detailed view of the abuse ecosystem, and he
presents it in terms that are somewhat unusual, even for those who talk in terms of an ecosystem:
 
  <http://www.stanford.edu/class/ee380/Abstracts/120111.html>
 
Average IETF discussions about Internet abuse either are about specific vulnerabilities
-- classic security threats perspective -- or a very basic and mechanics perspective.
 
What is generally lacking from discussions in the IETF is a sense of how integrated
and extensive the abuse /economy/ is.
 
I think Stefan's talk could help to change that.
 
He is at UC San Diego and prefers to minimize travel.  I think that makes Vancouver perfect.
 
Thoughts?
 
d/
--
 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
</pre>

Revision as of 14:30, 11 April 2018

Scheduled Topics

The following topics have been scheduled for tech plenaries.

IETF 102 Montreal (July 2018)

No topic scheduled yet.

IETF 103 Bangkok (November 2018)

No topic scheduled yet.

Current Ideas Queue

The following ideas are current; we should run down the next steps on these, moving them to

Consolidation

See Jari's blog post on the subject. Lee has notes on a few potential speakers. We've already spoken to Geoff Huston on this subject

The Internet and Futurism

Following up on discussions around the Singapore plenary, ask a science fiction author to come riff on the future of the Internet for a while. See e.g. Charlie Stross at CCC in 2017

Next step: invite Charlie Stross for a tech chat?

Straws and Camels

At IETF 101, there was an active topic of discussion in DNSOP how successful protocols get overloaded; this could be expanded into a general topic on the lifecycle of protocol ecosystems.

Next step: ask Suzanne for ideas?

Hub of All Things

Hub Of All Things is a research project aimed at re-decentralization of data.

Next step: invite Jon Crowcroft for a tech chat?

Snowden +N years

Review how the IETF has done on the problem of pervasive surveillance since RFC7258, and look forward to the next challenges in the space.

Future of Remote Participation in the IETF

Look forward to technical developments in remote participation technologies, and foster a discussion about how this affects how we work. (Since the IESG runs the meeting program, this seems like one to discuss in close cooperation with the IESG)

The Cryptographic Lens

Watch the YouTube video

Next step: invite Shafi Goldwasser for a tech chat?

Data Driven Security

Data Driven Security: the abstract is six years old but the topic is not stale.

Next step: invite Stefan Savage for a tech chat?

Operational Considerations

(Of Anything)

Next step: ask Lee for ideas?

The Lack of Low Justice in the Internet

An intriguing question was raised a panel Brian sat on in 2017: one issue with personal trust in the Internet is that there is no mechanism at all for "low justice" (the settlement of petty claims) among parties whose interaction is entirely Internet mediated. The current system for settlement of international disputes is quite poorly suited to this task.

Next step: think about this and figure out who we should talk to about it.

Past Ideas

These ideas were in an older version of this queue, and have "timed out" or were otherwise not acted upon, but are kept here in list form, as a reminder that we've considered them:

  • Challenges to HTTPS Adoption in Media Websites
  • IoT and Augmented Reality / Overview of IETF IoT Topics
  • Naming and Privacy / Hostname Practice Considered Harmful