# IETF114 ANIMA WG Meeting Agenda and Notes

**IETF114 is the second hybrid IETF meeting. Please familiarize yourself with the new and changed procedures for participating in-person or remote: https://www.ietf.org/how/meetings/114/preparation/**

Master on https://codimd.ietf.org/notes-ietf-114-anima

Monday, July 25th, Session III
Independence A/B, 1900-2100 UTC (3:00 PM - 5 PM local time)

Note taker: Rob Wilton + collaborative

Local attendance in room: 13 people, Meetecho counts 29.

## 00 15:00 - 15:10 Chair slides

Presenter: Toerless Eckert (local), Sheng Jiang (remote)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-00-chair-slides-00

Affiliation change of chair Sheng Jiang since last IETF: Huawei -> Individual

### No slots requested WG documents

#### draft-ietf-anima-brski-cloud-04 (was -03 at IETF113)

Michael speaking:
- In same state as for 113, would like a WG last call, waiting for a lamps doc.

#### draft-ietf-anima-voucher-delegation-02 (was -01 since Jun 2021)

Michael Richardson:
- Some parallel work from outside/3rd party related, needs more attention, but could help.

#### draft-ietf-anima-rfc8366bis-00 (no update since IETF113)

Michael:
- Need to decide whether it should go to internet standard or not. Serves as a document to add work to as it arose from the other BRSKI work. Discussions had, see github ?

## 01 15:10 - 15:15 Update on JWS voucher (5 minutes)

Draft: draft-ietf-anima-jws-voucher-04 (was -03 at IETF113)

Presenter: Steffen Fries (remote)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-update-on-jws-signed-vouchers-00

Toerless: please improve changelog to add names of who provided input/reviewed, ideally also with version number. May want to add acknowledgement section/sentence somewhere too. Any additional [RFC-editor: To be removed] section summarizing interop/implementation information is useful as well for progressing the document.

## 02 15:15 - 15:25 Update BRSKI with Pledge in Responder Mode (BRSKI-PRM) (10 minutes)

Draft: draft-ietf-anima-brski-prm-04 (was -02 at IETF113)

Presenter: Steffen Fries (remote)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-update-brski-with-pledge-in-responder-mode-brski-prm-00

Toerless (in response to Steffen reporting on unsuccessful attempts to get SVG into the document): Sorry for wasting authors' time trying to get SVG into document. Unfortunately, the IETF is IMHO in a worse situation (more useless requirements) than it was in the past where I did see good pictures in RFC. XMLv3 related. Not sure how fast this can improve.

Toerless: same doc/process comments as on prior slot document.

Michael: Question for Benoit. We are augmenting YANG and using it for data at rest. Want to have the union of all the extensions. (A->B, A->C, but we also want D which is A+B+C!)

Toerless: have not found good prior evidence for YANG being used for data-at-rest.

Rob Wilton: happy to have a discussion at some time, schedule a meeting.

Rob Wilton: existing document from data at rest, https://www.ietf.org/rfc/rfc9195.html (and the companion https://www.ietf.org/rfc/rfc9196.html)

## 03 15:25 - 15:35 Update on BRSKI alternative enrollment (BRSKI-AE) (10 Minutes)

Draft: draft-ietf-anima-brski-ae-02 (was draft-ietf-anima-brski-async-enroll-05 at IETF113)

Presenter: David von Oheimb (remote)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-update-on-brski-ae-alternative-enrollment-protocols-in-brski-00

Toerless: name change from asynchronous to alternative (enrolments) since IETF113

Raise of hands: 6 people said they have read the document, 8 not.

## 04 15:35 - 15:50 Update on ANIMA GRASP distribution (15 minutes)

Draft: draft-ietf-anima-grasp-distribution-05 (was -04 at IETF113)

Presenter: Xun Xiao (remote)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-04-update-on-anima-grasp-distribution-00

Toerless: When we were doing ANIMA, the idea was to replace the whole control plane with an ACP, but ended up with an additional ACP. With these futuristic requirements we might end up getting back to what ACP was initially focussed.

Toerless: It would be good to have proof of running code.

Michael: I don't see any point in the document unless it describes **something that can (or is) being implemented**. Otherwise I don't see the point in the document, and don't even think that it is worth spending time reviewing it further.

Discussion about how to best create an example that is specific enough that it can be implemented, because the draft is completely missing that. Could end up as an appendix, but it's core to make readers more confident how to interpret the text of the document for solutions. Secondly, avoid referring in use-case justifications on examples which are known to have chosen different paths (e.g.: 3GPP).

## 05 15:50 - 16:00 Update on ANIMA network service auto deployment (10 minutes)

Draft: draft-ietf-anima-network-service-auto-deployment-02 (was -01 at IETF113)

Presenter: Yujing Zhou (remote)

Slides: https://datatracker.ietf.org/meeting/114/session/anima#:~:text=05%20An%20Auto%2Ddeployment%20Mechanism%20for%20Resource%2Dbased%20Network%20Services

Toerless: Have you done any prototype implementation at all? E.g., on top of Brian's GRASP implementation.

Audio problems...

## 06 16:00 - 16:10 Update on constrained BRSKI join proxy (10 minutes)

Draft: draft-ietf-anima-constrained-join-proxy-11 (was -05 at IETF113)

Draft: draft-ietf-anima-constrained-voucher-18 (was -16 at IETF113)

Presenter: Michael Richardson (local)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-constrained-join-proxy-changes-from-ad-and-review-comments-01

Toerless: prefers stateless because of state attack issues only existing against the registrar, but not the proxy. This issue often only discovered late in IESG security review. But hard to make MUST recommendations based on only that.

Rob Wilton: Try to constrain the MTI (Mandatory to implement) options.

Rob: create new scheme, right way to do.

Carsten: RFC2383 ? <> needs to include a link. Maybe use the HTTP way. Plumbing specific way. Invent something that makes life easier for us. Right now, state of the art is to come up with a scheme describe what it does, and put it there.

Carsten got sucked into this due to RT= part, which is fine, but the link part (< scheme:/... >) is under discussion.

Carsten: place that defines jpy should be place that also uses it with the CoRE scheme (aka: need to add scheme definition to join-proxy)

Michael: will proceed accordingly.

## 07 16:10 - 16:20 EMU EAP Onboarding (5~10 minutes)

Draft: draft-richardson-emu-eap-onboarding-00 (new since IETF113)

Presenter: Michael Richardson (local)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-using-unauthenticated-eap-to-connect-for-rfc8995-onboarding-01

Alan DeKok: rfc7170 - people are pushing all type of things into EAP. What we should have done is ... don't do anything in EAP other than authentication.

## 08 16:20 - 16:30 Update on Autoconfiguration via DNS (5 minutes)

Draft: draft-eckert-anima-services-dns-autoconfig-03 (no change since IETF113)

Draft: draft-eckert-anima-grasp-dnssd-01 (no change since IETF113)

Presenter: Toerless Eckert (local)

Slides: https://datatracker.ietf.org/meeting/114/materials/slides-114-anima-08-dns-sd-compatible-auto-configuration-of-anima-infrastructure-services-00

Skipped due to running out of time.

# TBD

Toerless: Highest priority brski-cloud, do WG last call, Toerless to do review.

Michael: schedule meeting with Rob Wilton and potentially other YANG experts to review/discuss YANG strategy in BRSKI