Re: [arch-d] draft-iab-m-ten-workshop
Arnaud Taddei <arnaud.taddei@broadcom.com> Sat, 26 August 2023 12:40 UTC
Return-Path: <arnaud.taddei@broadcom.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC18AC14CE54 for <architecture-discuss@ietfa.amsl.com>; Sat, 26 Aug 2023 05:40:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.004
X-Spam-Level:
X-Spam-Status: No, score=-2.004 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=broadcom.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vjNMhkpK5ORH for <architecture-discuss@ietfa.amsl.com>; Sat, 26 Aug 2023 05:40:23 -0700 (PDT)
Received: from mail-wm1-x330.google.com (mail-wm1-x330.google.com [IPv6:2a00:1450:4864:20::330]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9C72C151075 for <architecture-discuss@ietf.org>; Sat, 26 Aug 2023 05:40:23 -0700 (PDT)
Received: by mail-wm1-x330.google.com with SMTP id 5b1f17b1804b1-3fee8b78097so15550995e9.0 for <architecture-discuss@ietf.org>; Sat, 26 Aug 2023 05:40:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; t=1693053621; x=1693658421; h=mime-version:accept-language:in-reply-to:references:message-id:date :thread-index:thread-topic:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=i6yXrkhZoNHR7751mOJDc8/fgJZEbzCYnr5Ldoue1yk=; b=DKGvfDmKMR05iHo3Z1Cp+YdUqRnzCExC+QAD3XcGmVYL+sPVZl2hTcNrcjGCRRyiHy 2DADb3xp0uQkNqi/mZkaImaaBX5fSnf77b4LfiL17EcHl2pyLhZPf92PHqMb/VBuyeed ybbXrjepIFde1kskOQ0bn9EzLGKrmCccCvl9I=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693053621; x=1693658421; h=mime-version:accept-language:in-reply-to:references:message-id:date :thread-index:thread-topic:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=i6yXrkhZoNHR7751mOJDc8/fgJZEbzCYnr5Ldoue1yk=; b=IUgJQiB/7gkuEBH2HurIIt8DWm4Ou6ormisGHdEUsqJiRxNTIA/YsMw+nx8wjWD4QB T/cGTZrkGhRzacyepPmscy30Yok3kbX+B3RhpEHNnXmjMHq9CrYeJC1UqFCpuzs5nEFd VWIil4mhkNSSkjkj8JbiiBhIORPZnCsZnzVyJnD8vccZ/9S6VWhJBvnhvSnKfDrRQqmB 9/I0pvAVKPkcwecng4kJnvo8GEaONpPjWro+zgUhr3ao8ZCDzmVZTgojDtft79YWkoio dugnuJJ8RsWkLujyafF0Mp+KlyIPlmVE32sRMaC2FRSH9h1kk5GAiL3Cs1f0vZZxp+fx RqPg==
X-Gm-Message-State: AOJu0YzDH1K0D4dP5PZnQ909szlAueie5oYrJtObFuBHOEPsIP8yJRAI rnFrLYzTcwj4bDxYachF9XsZvi3VU06/owycRwHPwOktsaXIO8mC/i2ReVeuBwvNfZczW3ClSJj uCkMiKLLR3VKxH82gvtK04hbyDGbHJy8y
X-Google-Smtp-Source: AGHT+IF+VAPDx9BXFl5CxxclGwEO80dswxW8jNZqGjLZ5tgCCaZkUImOyO6etw/8MK1u02RGZwKDmA==
X-Received: by 2002:a5d:4cd1:0:b0:319:f9d6:a769 with SMTP id c17-20020a5d4cd1000000b00319f9d6a769mr15389997wrt.45.1693053621182; Sat, 26 Aug 2023 05:40:21 -0700 (PDT)
Received: from LO2P123MB3839.GBRP123.PROD.OUTLOOK.COM ([2603:1026:c06:71::5]) by smtp.gmail.com with ESMTPSA id s16-20020adfea90000000b003198a9d758dsm4856462wrm.78.2023.08.26.05.40.20 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 26 Aug 2023 05:40:20 -0700 (PDT)
From: Arnaud Taddei <arnaud.taddei@broadcom.com>
To: Hesham ElBakoury <helbakoury@gmail.com>, Wes Hardaker <wjhns1@hardakers.net>
CC: "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>
Thread-Topic: [arch-d] draft-iab-m-ten-workshop
Thread-Index: AWI2Zjk2kF9HqbZ6fiTaIGoGJ/0mumI2Zjk2Zi5yNGzo7fmVgIASRyQ/
X-MS-Exchange-MessageSentRepresentingType: 1
Date: Sat, 26 Aug 2023 12:40:19 +0000
Message-ID: <LO2P123MB3839CE40972FE956BC22D22BF7E2A@LO2P123MB3839.GBRP123.PROD.OUTLOOK.COM>
References: <997f6696-dcd9-9d5d-26f2-3b486cee601b@lear.ch> <yblfs4ljrxg.fsf@wd.hardakers.net> <CAFvDQ9oj_ejUh+v4bs+AdOfDi1WTW5BrdSEwvCJKW3SuqM2COA@mail.gmail.com>
In-Reply-To: <CAFvDQ9oj_ejUh+v4bs+AdOfDi1WTW5BrdSEwvCJKW3SuqM2COA@mail.gmail.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-Exchange-Organization-SCL: -1
X-MS-TNEF-Correlator:
X-MS-Exchange-Organization-RecordReviewCfmType: 0
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000b4840c0603d2c398"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/Uqp8gODliGBxdRLkD03eAN8pDtI>
Subject: Re: [arch-d] draft-iab-m-ten-workshop
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Aug 2023 12:40:28 -0000
Thank you Hesham, I will educate myself in the (too many) forthcoming trips. Whilst I am sure this approach can help, I am taking it from a different point of view which basically boils down to ‘I cannot afford playing dice with the security of organizations and people’ especially when I see Ransomware damaging so much this world. From: Architecture-discuss <architecture-discuss-bounces@ietf.org> on behalf of Hesham ElBakoury <helbakoury@gmail.com> Date: Monday, 14 August 2023 at 23:29 To: Wes Hardaker <wjhns1@hardakers.net> Cc: architecture-discuss@ietf.org <architecture-discuss@ietf.org> Subject: Re: [arch-d] draft-iab-m-ten-workshop Professor Boutaba and his team in the university of Waterloo have good papers on handling encrypted traffic. Examples are: 1)https://www.sciencedirect.com/science/article/abs/pii/S1389128623000932<https://www.google.com/url?q=https://www.sciencedirect.com/science/article/abs/pii/S1389128623000932&source=gmail-imap&ust=1692653392000000&usg=AOvVaw156PPnjCWC5AWlIlm-sKTP> 2)https://dl.acm.org/doi/10.1145/3447382<https://www.google.com/url?q=https://dl.acm.org/doi/10.1145/3447382&source=gmail-imap&ust=1692653392000000&usg=AOvVaw2TVawa1ZzzJI3XvfvSnMI-> 3)https://arxiv.org/pdf/2308.02182<https://www.google.com/url?q=https://arxiv.org/pdf/2308.02182&source=gmail-imap&ust=1692653392000000&usg=AOvVaw2OOeAMSM_a1GAfQYx0KEE9> 4)https://www.researchgate.net/profile/Navid-Malekghaini/publication/368722877_Deep_learning_for_encrypted_traffic_classification_in_the_face_of_data_drift_An_empirical_study/links/6431cb5e4e83cd0e2f9d3a23/Deep-learning-for-encrypted-traffic-classification-in-the-face-of-data-drift-An-empirical-study.pdf<https://www.google.com/url?q=https://www.researchgate.net/profile/Navid-Malekghaini/publication/368722877_Deep_learning_for_encrypted_traffic_classification_in_the_face_of_data_drift_An_empirical_study/links/6431cb5e4e83cd0e2f9d3a23/Deep-learning-for-encrypted-traffic-classification-in-the-face-of-data-drift-An-empirical-study.pdf&source=gmail-imap&ust=1692653392000000&usg=AOvVaw0wTPRNqp3us8soQk1QmOwI> Hesham On Mon, Aug 14, 2023, 1:22 PM Wes Hardaker <wjhns1@hardakers.net<mailto:wjhns1@hardakers.net>> wrote: Eliot Lear <lear@lear.ch<mailto:lear@lear.ch>> writes: > Hi everyone, Hi Eliot and Arnaud, I'm responding to the larger point you both had concerned with together about the nature of the wording and the purpose of the IAB workshop report. Thank you both for your extensive comments about the content. > To begin with, it's nice when a report can seamlessly join various > workshop components, but this report goes so far as to appear to be > itself a position paper. There are a great many unsupported and > otherwise unattributed assertions made. Under Chatham House rules one > might expect such assertions along the lines of, “[one person/several > people] suggested that...” I think the general of how best to describe what happens in an IAB workshop and what the report entails is an interesting one, and I'm surprised it hasn't been brought up before (well, at least to my knowledge so it may very much have been in past discussions). IAB workshop reports (IMHO) are designed not to assert the veracity of the statements within, but rather to capture the discussion and the statements that participants made either in presentations or in ensuing discussions. So, to some extent the entire report should be read as "[one person/several people] suggested that"... To that end, we [the IAB] did discuss the best way to represent this and have published a -02 version with a number of changes, including a new section in the introduction to make this more clear which I'll quote below: 1.1. About this workshop report content This document is a report on the proceedings of the workshop. The views and positions documented in this report are those of the expressed during the workshop by participants and do not necessarily reflect IAB views and positions. Furthermore, the content of the report comes from presentations given by workshop participants and notes taken during the discussions, without interpretation or validation. Thus, the content of this report follows the flow and dialog of the workshop but does not attempt to capture a consensus. The full diff between -01 and -02 can be found here: https://author-tools.ietf.org/iddiff?url2=draft-iab-m-ten-workshop-02<https://www.google.com/url?q=https://author-tools.ietf.org/iddiff?url2%3Ddraft-iab-m-ten-workshop-02&source=gmail-imap&ust=1692653392000000&usg=AOvVaw3bWL4OFgd3fttCLZEOdxxz> Most of the rest of your comments were about specific statements that you disagreed with, but were made during the course of the workshop by at least "[one person/several people]". Note that the full recordings are on the IETF youtube channel as well: https://www.youtube.com/watch?v=Kizk_QrIc3s<https://www.google.com/url?q=https://www.youtube.com/watch?v%3DKizk_QrIc3s&source=gmail-imap&ust=1692653392000000&usg=AOvVaw1dtj0H4avRj3i-U14V8_X9> https://www.youtube.com/watch?v=aV1pzuCduLo<https://www.google.com/url?q=https://www.youtube.com/watch?v%3DaV1pzuCduLo&source=gmail-imap&ust=1692653392000000&usg=AOvVaw3VJypoKu_tLB9hGIWwOyN_> https://www.youtube.com/watch?v=p4NlZJlactE<https://www.google.com/url?q=https://www.youtube.com/watch?v%3Dp4NlZJlactE&source=gmail-imap&ust=1692653392000000&usg=AOvVaw1n2tfhTEn7wRtvMHECJha2> A number of your comments were requesting references: > Great! Reference, please? We did not include references to work, but rather included references to the individual position papers which themselves often contained references. And the youtube presentations also have discussions from the presenters and comments that will give rise to additional information. > Within the IETF, the Manufacturer Usage Description Specification (MUDD) {?RFC8520} specification is one > subset of contracts. Note that contracts are likely to only succeed in a constrained, expected environment > maintained by operational staff, and may not work in an open internet environment where end users are > driving all network connections. > > The initial demonstration implementation of MUD (one D) was > implemented using a plugin to DNSCAP that itself issued commands to > iptables. FYI, fixed the typo in MUD. Thanks for catching that. > There are two real questions hiding here: > > 1. Are firewall vendors and telcos have an interest in protecting the user with such contractors? The user > certainly has that interest. > 2. Can a contract be properly described and maintained in a secure way? > > There has been some academic work on answering the latter > question.[1,2] Going further, though, some aspects of MUD (and > Michael could say a good bit about this, and probably did at the > workshop), require visibility. So for instance, rather than making > use of DNSCAP, a more explicit API between the resolver and the rest > of network management is something that has been discussed in various > corners (if memory serves, dnsop just recently). This very much > depends on whether the endpoint uses a resolver with that sort of > binding. Future work, I suppose. I've argued recently that half (if not more) of an IAB workshop is to start the discussion and direction, and rarely should the workshop actually solve a problem. The point is to get people in the room so a conversation starts, even if there isn't agreement at the end. To that end, there should *always* (IMHO) be future work after an IAB workshop. For if there isn't and the problem was actually solved during the workshop, it probably should have been a working group instead of a workshop :-) -- Wes Hardaker USC/ISI _______________________________________________ Architecture-discuss mailing list Architecture-discuss@ietf.org<mailto:Architecture-discuss@ietf.org> https://www.ietf.org/mailman/listinfo/architecture-discuss<https://www.google.com/url?q=https://www.ietf.org/mailman/listinfo/architecture-discuss&source=gmail-imap&ust=1692653392000000&usg=AOvVaw3e7j6K8CJwrxzIbKf2n8aS> -- This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.
- [arch-d] draft-iab-m-ten-workshop Eliot Lear
- Re: [arch-d] draft-iab-m-ten-workshop Arnaud Taddei
- Re: [arch-d] draft-iab-m-ten-workshop Wes Hardaker
- Re: [arch-d] draft-iab-m-ten-workshop Wes Hardaker
- Re: [arch-d] draft-iab-m-ten-workshop Hesham ElBakoury
- Re: [arch-d] draft-iab-m-ten-workshop Wes Hardaker
- Re: [arch-d] draft-iab-m-ten-workshop Arnaud Taddei
- Re: [arch-d] draft-iab-m-ten-workshop Arnaud Taddei
- Re: [arch-d] draft-iab-m-ten-workshop Arnaud Taddei
- Re: [arch-d] draft-iab-m-ten-workshop Hesham ElBakoury
- Re: [arch-d] draft-iab-m-ten-workshop Salz, Rich
- Re: [arch-d] draft-iab-m-ten-workshop Arnaud Taddei
- Re: [arch-d] draft-iab-m-ten-workshop Hesham ElBakoury