Date: Mon, 02 Nov 1998 11:01:43 +0000 From: Brian E Carpenter IAB Teleconference held May 12, 1998 Minutes recorded by Charles Perkins Attendees: Brian Carpenter Charles Perkins (acting scribe) Tony Hain Steve Deering Cindy Jung John Klensin Jon Postel Keith Moore Steve Bellovin (late) Ned Freed Bob Moskowitz Tim Howes Jon Crowcroft (late) Action: Tunneling: open = First conversation has been started = Fall workshop on tunneling/firewalls/NAT? (Bob, Ned) Action: Discovery: open = Working group ... NOT = Design team ... could be promising needs a concrete proposal Action: Registration of IPv6 addresses = Met with registry people in LA, talked about issues with Hinden's draft, Bob has revved already during 1st week of May Action: Routing Workshop Report = Steve will ensure it happens = Steve posted the PostScript slides to the workshop mailing list Action: Radia's draft about "What should be in protocols" = Brian takes an action to ping Radia about it Action: Bellovin's Security Workshop report = draft is published = Need to get Steve to tell us if there are are action items for the IAB from it Action: Revise Case for IPv6 and run it past the IPng group = Before publication as Informational IESG Liaison Report = John reports that nothing exceptional has happened = Keith reports the same = Format for (generalized) resource Identifiers == Touches on API issues == Keith and John will alert IAB about the issues = GUID discussion == Keith sent detailed message to Rich Salz and Paul Leach == Whether it's to be used widely, or just for session-level identification == Keith sez that the same danger exists for many new technology, no better or no worse == To be used as a security ID, the UIDs would have to be "secure" == Applicability statement needs to be built in == Keith will send detailed message to IAB list = John Klensin reminds us that he is only acting as liaison until the next IETF at the latest. Discussion of 12 possible IAB work items (list attached) = Missing element of #9 (security): certificate architecture, too many solutions. = Firewalls, proxies, "level 4 switches" and NATs are related, their relationships need to be documented, and we should be willing and able to label some ideas as "bad". = Ned volunteered to work on a draft in this area. Some of the 12 listed items are already on our action list, and others did not find active volunteers. The selected new work items are: 1. Five year routing roadmap - On hold until we have action items from routing workshop. - Workshop did not emphasize a very long list of action items. 2. Security stuff - Ned will do firewalls/proxies as noted above. - application-level security and mandatory to implement authentication (Chris Newman draft, which needs to cover RADIUS and DIAMETER too). Important - Bob and Steve Bellovin will follow up with security ADs. - Applicability statement for the buildong blocks we have including certification (Steve Bellovin) Additional topic (Steve Deering): Dynamic DNS updates, to be made useful, needs to defeat DNS caching, but caching is essential for DNS scalability. Need to understand the limits of applicability and how this affects renumbering and/or NAT and/or mobility. Imagine IP/UDP telephony with 10**6 hosts changing addresses at handover rates as a dynamic DNS problem. [somebody volunteered to ask kre to look at this, who?] POC: The IAB will need to select two new members for the POC, since Rob Austein's term will expire in August and Patrik Faltstrom has resigned due to his IESG appointment. An open nomination procedure will be used, as last year. [Action: Brian to draft call for nominations.] Board members for non-profit IANAng: Jon Postel indicated that when the new IANA is formed, the IAB will be asked to nominate some of its Board members. ---- Original list of 12 possible topics: 1. Roadmap to meet routing needs in 5 years - million-entry routing tables, or alternatives? - QOS multicast routing 2. Tunneling - too many solutions - VPN tunnels: naming, addressing, routing 3. NAT 4. IPv6 5. New transport protocol 6. In-home and to-the-home Internet 7. Rationalization of RAP, RTFM, etc.--working on similar problems, but unaware of each other 8. Naming and finding stuff - naming things, URI - roadmap for finding stuff (which to use: dhcp, multicast, ldap, etc.) - directory services - indexing and searching 9. Security - firewalls--make them part of the architecture - living document of applicability statements for the security building blocks we have - actually making applications secure - object security - authorization and access control framework beyond RAP - multicast key management 10. Management - heterogeneous network management; beyond SNMP; DEN; - applications management--more than just instrumentation 11. Root server architectures; is there a way to flatten the hierarchy? 12. Document things that are commonly done wrong (implementation and configuration).