Re: [alto] Meeting Info for Tuesday 07/18/2023

"Y. Richard Yang" <yry@cs.yale.edu> Sat, 22 July 2023 15:07 UTC

From: "Y. Richard Yang" <yry@cs.yale.edu>
Date: Sat, 22 Jul 2023 17:07:13 +0200
Message-ID: <CANUuoLp44Zb=_JTWs-fLTHr9VQu2cwBC+CWNW7mjs5+_F7LeSA@mail.gmail.com>
To: "Diego R. Lopez" <diego.r.lopez@telefonica.com>
Cc: Jordi Ros Giralt <jros@qti.qualcomm.com>, "alto@ietf.org" <alto@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/alto/0AEYFBGtppXWE8Rz8ToEGI-BYrU>
Subject: Re: [alto] Meeting Info for Tuesday 07/18/2023

Hi Diego,

Always good posting from you.

As ALTO starts to be deployed in several networks, it is time to seriously
look into the security and trust management aspects of existing
ALTO-exposed information. It is better to understand and introduce
mechanisms to mitigate potential issues before widespread deployment.
Hence, a potential work item is an informational document that analyzes the
security and privacy risks of ALTO (or generally network) exposed
information about network-attached entities.

- Security and privacy impacts on endpoints
Specifically, ALTO has defined both path and entity properties. There are
9 path metrics:
[RFC9439 to-be]: one-way delay; roundtrip delay; delay variation; loss
rate; residual bandwidth; available bandwidth; TCP throughput; hop count;
[RFC7285]: routingcost. The metrics can be exposed in numerical mode or
ordinal (ranking) mode. ALTO also has defined the entity property service
which can expose some properties of an endpoint. It helps to identify the
security and privacy impacts on involved endpoints.

Example: To be concrete, assume that there is a public, high-quality
(without security/privacy consideration) ALTO server providing ALTO metrics
for a network. An ALTO client knows the exact location of an IP address
IPa. The client queries the delay from IPa to IPb (belonging to the same
network) and finds that it has low delay, implying that IPa and IPb are
close by; in general, one can use delay metrics to conduct triangulation.

Management: There are multiple management approaches, depending on the
context. For example,
- Should the ALTO server have a security policy for quantizing the delay
metrics?
- In many cases, ordinal (ranking) metrics reveal less information, and
hence can be preferred.
- If there is a known trust relationship between the ALTO server and
application, the risk can be better analyzed and managed. Maybe there
should be an acceptable usage agreement when an ALTO server exposes
information to an ALTO client.
- There are many cases where the ALTO server is not the only information
source. For example, if an application is already running on an endpoint,
the application can conduct measurements. If some ICMP functions are
enabled, some information can be exposed anyway.
- Do we want to investigate a mechanism for an endpoint to manage its own
data (e.g., when its IP appears, or the subnet)?
- Eventually, should a network publish some type of policy such as a
differential privacy policy (
https://www.apple.com/privacy/docs/Differential_Privacy_Overview.pdf)?

The above is complementary to this paragraph for you but should be highly
related: "The expression of security properties (and trust assessment. Note
the difference) as ALTO metrics. This would require an extension to the
protocol, of a nature similar to the ones being discussed for other aspects
like energy consumption."

Complementary to endpoint security and privacy is network infrastructure
security and privacy. As we engage in the deployment of ALTO at WLCG, we
can feel that security/privacy is a concern of some network operators. But
some of these networks already publish much of their data (e.g., WLCG/CERN
has the public https://twiki.cern.ch/twiki/bin/view/LHCONE/WebHome). What
additional security/privacy does ALTO expose? Overall, a network should
evaluate its overall exposure and ALTO is just one piece of it. A WG item
to provide a framework and list of (recommended) sources can be highly
valuable. This should be related to your comment on provenance, and it is a
good topic to look into:
"The provenance of the data, in order to properly record the origin and
history of the data being exposed using ALTO. This includes the different
data sources aggregated by the ALTO server and the possible re-use of
stored or post-processed ALTO statements. I have submitted a proposal on
YANG provenance (
https://datatracker.ietf.org/doc/draft-lopez-opsawg-yang-provenance/) that
could be applicable here."

Cheers,
Richard

On Sat, Jul 22, 2023 at 8:06 AM Diego R. Lopez <diego.r.lopez@telefonica.com>
wrote:

> Hi Jordi,
>
>
>
> On topic C, I’d suggest we could use as base for discussion this post I
> made to the list:
>
> https://mailarchive.ietf.org/arch/msg/alto/c-pFeENnBa3t1HcVlgHtArT6uuE/
>
> I have seen Ayoub (or another kind editor) has added what is mentioned
> there to the root document…
>
>
>
> Be goode,
>
>
>
> --
>
> “This time we will not fail, Doctor Infierno”
>
>
>
> Dr Diego R. Lopez
>
> Telefonica I+D
>
> https://www.linkedin.com/dr2lopez/
>
>
>
> e-mail: diego.r.lopez@telefonica.com
>
> Mobile: +34 682 051 091
>
> ---------------------------------
>
>
>
> On 18/7/23, 11:56, <alto-bounces@ietf.org> wrote:
>
>
>
> Dear all,
>
>
>
> This is a friendly reminder that we will have our ALTO weekly meeting today
> Tuesday, 07/18/2023, at 9:00 am EST (3:00 pm CET and
> 9:00 pm Beijing Time).
>
>
>
> Agenda:
>
> --------
>
> (Please suggest new items as necessary)
>
>
>
> - Address comments from RFC Editor on ALTO Performance Metrics drafts.
>
> - IETF 117.
>
>     - Chairs proposed this agenda:
> https://datatracker.ietf.org/doc/agenda-117-alto/
>
>     - Discussion about presentations
>
>     - Hackathon projects
>
> - ALTO Future Work:
>
>   - List of topics:
> https://mailarchive.ietf.org/arch/msg/alto/uIFD6Dhikfu4J4PYcpJTbsiXbnE/
>
>     - Topic A:
> https://mailarchive.ietf.org/arch/msg/alto/nSBb2fJwwEEEeZ-Xxw-OmHhJdTs/
>
>     - Topic B:
> https://mailarchive.ietf.org/arch/msg/alto/IXYPC1joF17oPJ7MWz5NDplAqKk/
>
>     - Topic C: WIP
>
>     - Topic D:
> https://mailarchive.ietf.org/arch/msg/alto/IEAyQ2kv49AvT1hIGfYkHWLxisY/
>
>
>
> - Material:
>
>   - Root document for topics discussion:
> https://docs.google.com/document/d/1rpziU7NZEE8f84XkJSjMhEIHUA5G7rXkGB5c_7UFxUY/edit
>
>   - Root ticket for ALTO future work proposals:
> https://github.com/ietf-wg-alto/wg-materials/blob/main/FutureALTO/alto-direction-of-work.md
>
>
>
> ALTO Scrum Dashboard:
>
> ----------------------
>
> - https://github.com/orgs/ietf-wg-alto/projects/1/views/2
>
>
>
> Bridge:
>
> ---------
>
> - Join from the meeting link:
> https://ietf.webex.com/ietf/j.php?MTID=m1dd555eff4634917aaff5a927d6e2c68
>
> - Join by meeting number (access code): 2424 884 8159
>
> - Meeting password: ymKtkapb394
>
>
>
> ALTO Meeting Minutes:
>
> -------------------------
>
>
> https://github.com/ietf-wg-alto/wg-materials/blob/main/meetings-ietf-alto/ietf-alto-2023.md
>
>
>
>
>
>
> Thanks,
>
> Jordi, on behalf of ALTO
>
>
>
>
>


-- 
 =====================================
| Y. Richard Yang <yry@cs.yale.edu>   |
| Professor of Computer Science       |
| http://www.cs.yale.edu/~yry/        |
 =====================================
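
Added example, not part of the original message or of any ALTO server implementation: a sketch of the server-side exposure policy the message asks about, where numerical delay is quantized or reduced to ordinal ranks depending on how much the client is trusted. The client classes, step sizes, PID names and delay values are all constructed assumptions.

```python
import math

# Constructed sample: one-way delay (ms) from one source PID to six
# destination PIDs, shaped like a row of a numerical-mode ALTO cost map.
SAMPLE_DELAYS_MS = {
    "pid-b": 0.4, "pid-c": 1.9, "pid-d": 7.2,
    "pid-e": 8.1, "pid-f": 23.5, "pid-g": 24.0,
}

# Hypothetical policy table (not defined by any ALTO RFC): exposure mode
# and quantization step per client class.
POLICY = {
    "trusted":    {"mode": "numerical", "step_ms": None},
    "registered": {"mode": "numerical", "step_ms": 5},
    "public":     {"mode": "ordinal",   "step_ms": 10},
}

def quantize(costs, step_ms):
    """Round every delay up to the next multiple of step_ms, so sub-step
    differences (the ones that hint at physical proximity) disappear."""
    return {dst: math.ceil(v / step_ms) * step_ms for dst, v in costs.items()}

def to_ordinal(costs):
    """Replace values by dense ranks (1 = lowest cost); ties share a rank."""
    rank = {v: i + 1 for i, v in enumerate(sorted(set(costs.values())))}
    return {dst: rank[v] for dst, v in costs.items()}

def apply_policy(costs, client_class):
    """Return the view of `costs` a given client class may see.
    Unknown classes fail closed to the most restrictive ('public') policy."""
    rule = POLICY.get(client_class, POLICY["public"])
    view = dict(costs)
    if rule["step_ms"] is not None:
        view = quantize(view, rule["step_ms"])
    if rule["mode"] == "ordinal":
        view = to_ordinal(view)
    return view

def distinct_levels(view):
    """Number of distinguishable cost values: a rough measure of how
    finely a client can separate endpoints using this metric alone."""
    return len(set(view.values()))

if __name__ == "__main__":
    for cls in ("trusted", "registered", "public", "anonymous"):
        view = apply_policy(SAMPLE_DELAYS_MS, cls)
        print(f"{cls:10s} levels={distinct_levels(view)} {view}")
```

With the sample row, the trusted view keeps six distinguishable delay values, the registered view three, and the public view two ranks, so the 0.4 ms entry no longer stands out from the other destinations in its bucket.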