[anonsec] btns minutes from ietf69

lha at kth.se ( Love Hörnquist Åstrand ) Fri, 17 August 2007 13:23 UTC

From: lha at kth.se (Love Hörnquist Åstrand)
Date: Fri, 17 Aug 2007 15:23:38 +0200
Subject: [anonsec] btns minutes from ietf69
Message-ID: <33A69D7D-232E-4D13-BCB4-39DFEFCEF932@kth.se>


Forgot to send the mail that I uploaded the minutes from the btns
meeting last week,
below or on http://www3.ietf.org/proceedings/07jul/minutes/btns.txt
thanks to the excellent minutes from Sam Weiler.

If you have any comments, please make them well before the minutes
deadline (12th Sept).

Also, this is a consensus call to confirm what was agreed on at the
meeting: that NAT should be dropped from the AS/PS document.



Better-Than-Nothing Security (btns)

The BTNS working group met Wednesday, July 25, 2007, at 3:10pm, with
Julien Laganier and Love Hornquist Astrand co-chairing.  Approximately
30 people were in the room at the beginning of the meeting. Thanks to
Sam Weiler for taking notes on which these minutes are based.

Love reviewed the goals of the meeting: making sure documents pass
IESG and continuing discussion of API documents.

Steve Kent pointed the WG to the comments on btns-core that he sent to
the mailing list -- he believes the document needs revision.

Sam Hartman clarified his concerns about the problem and applicability
statement: BTNS makes NAT much worse.  We need to either accommodate
NAT or explicitly rule NAT out of scope and get the IETF as a whole to
agree with that.

Michael Richardson recalled that the WG discussed NAT at the first
BOF.  BTNS prefers transfer mode -- connection latching gets you in
trouble in tunnel mode.  Some wanted to keep tunnel mode in scope, but
leave NAT traversal out of scope.  MCR thinks this made it into the
charter, Sam doesn't.  MCR thinks adding this to the WG's scope will
bog us down.  Sam Hartman thinks we'll get a flame war if we leave it
out of scope.

David Black proposed dropping the NAT and multihoming statements
from the problem statement.

Nico then gave a presentation on the status of the connection
latching.  He thinks we need a canonical model of connection latching and
that the current text implies one, but since Steve Kent had problems
seeing it, the document needs revision.

Michael Richardson summarized btns-abstract-api-00.  Nico encouraged
implementation of this, noting that there are some subsets of this API
in existence today.  Michael stated that there's no need for an IANA
registry for these since they don't cross the wire.  Nico confirmed
that the abstract API covers the use cases he has in mind.

We then returned to the issues Steve Kent raised about the core
document.  For Nico, the most important of them is the IKEv1 issue;
Nico advises asking for a consensus call.  Nico supports dropping it.

The chairs then reviewed the next steps for the WG:

- Fix AS/PS to take it out of AD Evaluation::Revised ID Needed (David
- Resubmit connection latching, and take it to WG-LC (Nico)
- Resubmit core document to deal with issues raised by Steve Kent
   and forward to IESG again (Nico and Michael)
- Get more review of the API documents (chairs)

The meeting ended at 3:59pm.