Re: [Rucus] Charter proposal
Cullen Jennings <fluffy@cisco.com> Thu, 03 July 2008 05:28 UTC
Return-Path: <rucus-bounces@ietf.org>
X-Original-To: rucus-archive@ietf.org
Delivered-To: ietfarch-rucus-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AE4653A6AFF; Wed, 2 Jul 2008 22:28:16 -0700 (PDT)
X-Original-To: rucus@core3.amsl.com
Delivered-To: rucus@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 373E33A6AFF for <rucus@core3.amsl.com>; Wed, 2 Jul 2008 22:28:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MISQMxTdW6Nq for <rucus@core3.amsl.com>; Wed, 2 Jul 2008 22:28:13 -0700 (PDT)
Received: from sj-iport-2.cisco.com (sj-iport-2.cisco.com [171.71.176.71]) by core3.amsl.com (Postfix) with ESMTP id D09F63A67A6 for <rucus@ietf.org>; Wed, 2 Jul 2008 22:28:13 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.27,742,1204502400"; d="scan'208";a="62437379"
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-2.cisco.com with ESMTP; 03 Jul 2008 05:28:23 +0000
Received: from sj-core-4.cisco.com (sj-core-4.cisco.com [171.68.223.138]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id m635SNa9024400; Wed, 2 Jul 2008 22:28:23 -0700
Received: from [192.168.4.177] (sjc-fluffy-vpn1.cisco.com [10.25.236.82]) by sj-core-4.cisco.com (8.13.8/8.13.8) with SMTP id m635SItR007798; Thu, 3 Jul 2008 05:28:21 GMT
From: Cullen Jennings <fluffy@cisco.com>
To: Saverio Niccolini <Saverio.Niccolini@nw.neclab.eu>
In-Reply-To: <547F018265F92642B577B986577D671C12137A@VENUS.office>
Impp: xmpp:cullenfluffyjennings@jabber.org
References: <D13C1F19-FE4A-475E-8D70-77B71173CA52@cisco.com> <C487BC00.5B661%Quittek@nw.neclab.eu> <547F018265F92642B577B986577D671C12137A@VENUS.office>
Message-Id: <AEE3CD91-7779-458B-B371-AFFC4BFFCD6C@cisco.com>
Mime-Version: 1.0 (Apple Message framework v924)
Date: Wed, 02 Jul 2008 22:28:08 -0700
X-Mailer: Apple Mail (2.924)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=11070; t=1215062903; x=1215926903; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fluffy@cisco.com; z=From:=20Cullen=20Jennings=20<fluffy@cisco.com> |Subject:=20Re=3A=20[Rucus]=20Charter=20proposal |Sender:=20; bh=5wwTBcowXwEOnuuWOz6QXbZ/g+fHi8TFRKPI6T8JGVc=; b=vTvBHi1i5Y3ErNTQ59cOw+Vw8GZ7YOrgnkhWOJKayETm8lbVMWQPZ8l8wg xVdnoFSDDpzE8Oj+MkR7zk4rFnjKAjJb1nRpB2uXoky6Wf1fqanGMgkcLfgG H2ZFIN9duL;
Authentication-Results: sj-dkim-2; header.From=fluffy@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
Cc: rucus@ietf.org
Subject: Re: [Rucus] Charter proposal
X-BeenThere: rucus@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Reducing Unwanted Communication Using SIP \(RUCUS\)" <rucus.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/rucus>, <mailto:rucus-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/rucus>
List-Post: <mailto:rucus@ietf.org>
List-Help: <mailto:rucus-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rucus>, <mailto:rucus-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: rucus-bounces@ietf.org
Errors-To: rucus-bounces@ietf.org
On Jun 25, 2008, at 9:21 AM, Saverio Niccolini wrote: > Dear Cullen, > > if you look carefully in the charter text (without always thinking > that we want to push only spam score) you will see that this charter > proposal is nothing more than: I was simply trying to help this charter move forward - I basically regret having sent any email on it now. > > -- a mix of Henning's presentation on architectural issues > merged with the 3 mechanisms proposal of Jonathan > > I do not see any hidden thing nor pushing of something that has > no consensus. I did not mean to imply it was. > > > We all agree that work currently established in SIPPING should have > precedence and policy framework is (one of) the best candidates > --> maybe this needs to be added as Mary pointed out > > I personally see no problems with the charter, if you still see > them can you please detail them more? > > If we do not know what is your exact objection, we will have hard > time to meet requirements for forming the EG... > > Looking forward to your answer, > Saverio > > ============================================================ > Dr. Saverio Niccolini > Manager, Real-Time Communications Group > NEC Laboratories Europe, Network Research Division > Kurfuerstenanlage 36, D-69115 Heidelberg > Tel. +49 (0)6221 4342-118 > Fax: +49 (0)6221 4342-155 > e-mail: saverio.niccolini@nw.neclab.eu <-- !!! NEW ADDRESS !!! > ============================================================ > NEC Europe Limited Registered Office: NEC House, 1 Victoria > Road, London W3 6BL Registered in England 2832014 > > > >> -----Original Message----- >> From: rucus-bounces@ietf.org [mailto:rucus-bounces@ietf.org] >> On Behalf Of Juergen Quittek >> Sent: Wednesday, June 25, 2008 9:10 AM >> To: Cullen Jennings; rucus@ietf.org >> Cc: Jan Seedorf >> Subject: Re: [Rucus] Charter proposal >> >> Hi Cullen, >> >> Thanks for the feedback! >> >> On 24.06.08 21:40 "Cullen Jennings" <fluffy@cisco.com> wrote: >> >>> My recollection of the BOF (without going and checking the >> notes so it >>> may be wrong) is that there was reasonable consensus on a >> specific set >>> of work items in an EG that involved the following: >>> >>> Taking some small set (~3) of techniques from existing drafts, >> >> Maybe we have to be more clear about what a "technique" is. >> I think the charter proposal covers techniques from several existing >> drafts including >> a) configuring and communicating authorization policies >> b) querying oracles (trust brokers) >> c) conveying downstream metrics to use trust among peers >> By chance or intention these explicitly mentioned items are >> exactly three. >> >>> remove the implementation details and focus on the >> basic approach, >>> turn them into a few pages and discuss the pros and cons and >>> applicability assumptions. From this form a plausible >> picture of >>> one way that might help mitigate unwanted communications. >>> >>> This charter seems to be for a rather more specific set of >> work items, >>> namely mechanisms for exchange of spit-related information between >>> various parts of the SIP infrastructure. >> >> I do not see in what respect the charter proposal is specific. >> I would understand if you told us it would be too general, because >> it includes all work that has been contributed in drafts so far. >> >> An essential property of all three items a)-c) is that they require >> communication between entities of the SIP infrastructure, >> be it for exchanging very general authorization policies or for >> exchanging very specific information on a single call. >> I consider it quite natural, that the charter proposal reflects this. >> >> >>> It's quite possible that >>> that's an important part of the solution space, but I >> didn't hear any >>> consensus in the room that people wanted to focus solely on that. >> >> Again, I do not see any part of the solution space that is excluded. >> Can you give an example of a part of the solution space that is >> actually excluded. This would be extremely helpful. >> >> Thank you, >> >> Juergen >> >> >>> I'd love to see an EG formed around SPAM, but I do think that that >>> group needs to be chartered more along the lines of the consensus >>> reached in Philadelphia. I'd encourage you to go back and revise the >>> draft charter so it's more consistent with that. >>> >>> Cullen <with my AD hat on> >>> >>> >>> On Jun 10, 2008, at 5:54 AM, Jan Seedorf wrote: >>> >>>> Dear all, >>>> >>>> A short while ago I sent an e-mail on this list, proposing a >>>> direction and scope for RUCUS to work on as an EG. I received some >>>> feedback on this list and some off-list. Since I did not >> receive any >>>> negative comments (convincing me that this is the wrong direction), >>>> I tried to write these ideas up in a charter proposal for RUCUS. >>>> Below you can find a suggestion for a charter, describing what I >>>> think should be the scope of RUCUSEG, the work to be done, and the >>>> corresponding achievable goals within the scope of an EG. >>>> >>>> Obviously, this is open for discussion. Any input/comment >> on this is >>>> appreciated. >>>> >>>> Btw: We plan to organise a one-day workshop in Heidelberg (right >>>> after IPTComm 2008) in order to discuss potential IETF work in the >>>> area of Unsolicited Communications and to make progress on >> a charter >>>> for RUCUSEG agreed on by the community. I believe Saverio is going >>>> to post details regarding this workshop on this list soon. >>>> >>>> Kind regards, >>>> Jan >>>> >>>> Charter Proposal for RUCUS: >>>> --------------------------------------- >>>> With massive deployment of SIP infrastructures it is foreseeable >>>> that an increased amount of unsolicited communication will impose a >>>> potentially severe threat for real-time applications. >> Efforts on how >>>> to reduce such a threat have received a lot of attention >> in the IETF >>>> and have been recognized as an important item to be investigated by >>>> SIPPING. Preliminary >>>> investigations resulted already in the publication of RFC 5039. >>>> >>>> Unfortunately, so far, further discussions on the issue >> did not find >>>> a big consensus on the approach to be followed. On the other hand >>>> first products and solutions are now being developed and there is a >>>> big interest from different institutions to allow interoperability. >>>> This interest is reflected by many individual draft submissions, >>>> indicating an active community working in the area. >>>> >>>> For effectively mitigating unsolicited communications, an exchange >>>> of information between different entities of a SIP infrastructure >>>> ("communication glue") is required. Which information is relevant, >>>> where in the network it is generated, and with which entities it >>>> needs to be exchanged depends on the organization of the >> network and >>>> of communication between users (e.g., closed, semi-open, or open >>>> groups). Examples of such "communication glue" are: configuring and >>>> communicating authorization policies, querying oracles (trust >>>> brokers), or conveying downstream metrics to use trust among peers. >>>> Such communication would allow for automated decisions with respect >>>> to unsolicited communication, so that proper actions on a SIP >>>> message can be taken (e.g., "forward to mailbox"). As a >> result, such >>>> "communication glue" would enable distributed communication and >>>> allow mechanisms from different vendors to work together while >>>> mechanisms for mitigation can evolve and follow the threat evolutio >>>> n. >>>> >>>> It is not clear yet what precise properties are necessary to enable >>>> the exchange of information collected at different locations in a >>>> network (by different entities). A key challenge which has been >>>> identified for standardizing such communication is that attacks and >>>> mitigation mechanisms are likely to evolve. This implies that a >>>> rather generic and flexible standard for information exchange is >>>> required, because a fixed standards tied to known potential attacks >>>> only may soon be outdated. >>>> >>>> Thus, in the spirit of an Exploratory Group, RUCUSEG will explore >>>> the problem space and confine requirements for such flexible >>>> exchange of information among different entities of a SIP >>>> infrastructure. To lay out the path for a potential WG, >>>> RUCUSEG will derive the properties for mechanisms to communicate in >>>> a distributed setting, separating concrete mechanisms from >>>> communication protocols. As a main result, RUCUSEG will identify >>>> what communication protocol properties are necessary to achieve >>>> flexible exchange of information in a way that it is independent of >>>> concrete mechanisms and allows for evolving >>>> mechanisms. >>>> >>>> In order to keep the work achievable within the context of an EG, >>>> RUCUSEG will select a few (e.g., 3) prototypical classes of >>>> mechanisms as key ones and then work on confining how these could >>>> fit in an overall architecture and what kind >>>> of communication between entities would be necessary for these >>>> classes of mechanisms in a distributed setting. The main >>>> goal of RUCUSEG is to summarize these considerations in a document >>>> and to derive achievable goals for a potential WG which can then >>>> start work in order to standardize communication for reducing >>>> unsolicited communications. >>>> >>>> -- Goals/Milestones (6-12 months after work starts) >>>> -- WG charter for a follow-up WG (with consensus on the >> mailing list) >>>> -- document on recommendations and achievable goals for a WG >>>> >>>> ============================================================ >>>> Jan Seedorf >>>> Research Scientist >>>> NEC Europe Ltd., NEC Laboratories Europe, Network Division >>>> Kurfuerstenanlage 36, D-69115 Heidelberg >>>> Tel. +49 (0)6221 4342-221 >>>> Fax: +49 (0)6221 4342-155 >>>> e-mail: jan.seedorf@nw.neclab.eu >>>> ============================================================ >>>> NEC Europe Limited Registered Office: NEC House, >>>> 1 Victoria Road, London W3 6BL Registered in England 2832014 >>>> _______________________________________________ >>>> Rucus mailing list >>>> Rucus@ietf.org >>>> https://www.ietf.org/mailman/listinfo/rucus >>> >>> _______________________________________________ >>> Rucus mailing list >>> Rucus@ietf.org >>> https://www.ietf.org/mailman/listinfo/rucus >> >> _______________________________________________ >> Rucus mailing list >> Rucus@ietf.org >> https://www.ietf.org/mailman/listinfo/rucus >> > _______________________________________________ > Rucus mailing list > Rucus@ietf.org > https://www.ietf.org/mailman/listinfo/rucus _______________________________________________ Rucus mailing list Rucus@ietf.org https://www.ietf.org/mailman/listinfo/rucus
- [Rucus] Charter proposal Jan Seedorf
- Re: [Rucus] Charter proposal Cullen Jennings
- Re: [Rucus] Charter proposal Juergen Quittek
- Re: [Rucus] Charter proposal Saverio Niccolini
- Re: [Rucus] Charter proposal Jan Seedorf
- Re: [Rucus] Charter proposal Cullen Jennings