
From nobody Tue Sep  6 15:25:48 2016
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: "Jason Coleman (colemaj)" <colemaj@cisco.com>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "ietf@sandeep.de" <ietf@sandeep.de>, "Michael Behringer (mbehring)" <mbehring@cisco.com>, "alper.yegin@yegin.org" <alper.yegin@yegin.org>, "jiangsheng@huawei.com" <jiangsheng@huawei.com>, "leo.liubing@huawei.com" <leo.liubing@huawei.com>, "brian.e.carpenter@gmail.com" <brian.e.carpenter@gmail.com>, "kwatsen@juniper.net" <kwatsen@juniper.net>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "tte+anima@cs.fau.de" <tte+anima@cs.fau.de>
Date: Tue, 6 Sep 2016 22:25:43 +0000
Message-ID: <77a08305bd734624902d983e5466e8de@XCH-ALN-013.cisco.com>
Content-Type: multipart/alternative; boundary="_000_77a08305bd734624902d983e5466e8deXCHALN013ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/dsTCk5y0hXjYExObX1fjn-uKnIM>
Subject: [Anima-bootstrap] UPDATE: Weekly anima-bootstrap meeting
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2016 22:25:48 -0000

--_000_77a08305bd734624902d983e5466e8deXCHALN013ciscocom_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable



This replaces the ongoing bootstrap design team standing meeting. It should
be at the same time etc. Just a new webex link. This recurring meeting
terminates at the Seoul meeting (at which point we can reschedule).


Etherpad:
http://etherpad.tools.ietf.org:9000/p/anima-boostrapping?useMonospaceFont=true
(note typo in boostrapping)


———


-- Do not delete or change any of the following text. --


Join WebEx meeting<https://cisco.webex.com/ciscosales/j.php?MTID=ma063d9efeede668658e75e63d877005f>
Meeting number: 201 064 739
Meeting password: arWidrPz (27943779 from phones)


If you are a host, go here<https://cisco.webex.com/ciscosales/j.php?MTID=m50c4277f5c5567f1a623d9e68d954633> to view host information.

Join by phone
+1-408-525-6800 Call-in toll number (US/Canada)
+1-866-432-9903 Call-in toll-free number (US/Canada)
Access code: 201 064 739
Global call-in numbers<https://cisco.webex.com/ciscosales/globalcallin.php?serviceType=MC&ED=362127397&tollFree=1>  |  Toll-free calling restrictions<https://www.webex.com/pdf/tollfree_restrictions.pdf>


Can't join the meeting? Contact support.<https://cisco.webex.com/ciscosales/mc>

IMPORTANT NOTICE: Please note that this WebEx service allows audio and other
information sent during the session to be recorded, which may be discoverable
in a legal matter. By joining this session, you automatically consent to such
recordings. If you do not consent to being recorded, discuss your concerns
with the host or do not join the session.

--_000_77a08305bd734624902d983e5466e8deXCHALN013ciscocom_--


From nobody Mon Sep 12 05:45:06 2016
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: tisch-security <6tisch-security@ietf.org>, "anima-bootstrap\@ietf.org" <anima-bootstrap@ietf.org>
In-Reply-To: <1ed0a6c6bbbe481fab1bc1c6e36c53d2@XCH-RCD-001.cisco.com>
References: <24944.1471387601@obiwan.sandelman.ca> <1ed0a6c6bbbe481fab1bc1c6e36c53d2@XCH-RCD-001.cisco.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Mon, 12 Sep 2016 08:44:58 -0400
Message-ID: <31666.1473684298@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/695zff-bbnazdM2Uw2GzqJroEhk>
Subject: Re: [Anima-bootstrap] [6tisch-security] developments on 6tisch join scheduling

--=-=-=
Content-Type: text/plain


{after some days in the drafts queue}

Pascal Thubert (pthubert) <pthubert@cisco.com> wrote:
    > About your subdivision:

    > One may note that the root sees it all, and it is the ultimate limit of the
    > bandwidth that may be given to the join process.

Yes. Very much agreed, and I want to subordinate all join scheduling to the
limit that the root has established.

    > The bigger the network the slower a given JA can accept new joins. And
    > the deeper the JA, the more overall resources will be consumed by a
    > join.

    > Since this is dynamic and dependent on the network, it may be that we
    > need the root to provide JAs with a MTBJ (mean time between joins) that
    > depends on the rank or something.

Yes, that was essentially my goal.


    > We can wonder if the root itself could be the proxy, being triggered by
    > a DAR message as you described. The root can afford to maintain an EST
    > session.
    > The root would arbitrate when that request is being served. And that
    > the root may instruct in the DAC when the device is entitled to
    > continue its join process.

Yes, this is what I want to do: add something to the DAC that instructs
the new device when it should retry.

    > For this purpose, the DIO may contain new information about root
    > capabilities in the DODAG Configuration option.

I agree that the root ought to have the resources to maintain sessions if
needed, but I don't know if we need that.  The DTLS (or EDHOC) session itself
needs to extend to the new pledge for cryptographic reasons.

    >> What is needed is a way to adjust things so that the pledges will attempt to join
    >> in a way that does not overwhelm the network, and more so, that the proxy
    >> nodes can easily police that they are doing so.

...

    >> This is where the hard part is, how to come up with a simple to describe, and
    >> simple to code algorithm which would fill up the available bandwidth, and be
    >> easily subdividable.

Upon further reflection, I think that the 6LBR shall decide and provide the
interval via the DAC.


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=--
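
The scheme discussed in the message above (the root/6LBR sets the join limit, a retry interval travels in the DAC, and the proxy polices it), as an added example that is not part of the thread or of any 6tisch draft. Assumptions: the class and field names, a cost model in which a join through a JA `depth` hops from the root consumes `cells_per_hop` cells on every hop, and DAR/DAC modelled as a function call and its return value.

```python
from dataclasses import dataclass, field


@dataclass
class JoinScheduler:
    """Hypothetical 6LBR-side scheduler that serialises joins under a budget."""
    budget_cells_per_s: float   # assumed: capacity the root allows for join traffic
    cells_per_hop: int          # assumed: cells one join exchange costs on each hop
    next_free: float = 0.0      # time at which the join budget is next unreserved
    grants: dict = field(default_factory=dict)  # pledge id -> (start, end) of its slot

    def __post_init__(self):
        if self.budget_cells_per_s <= 0 or self.cells_per_hop <= 0:
            raise ValueError("budget and per-hop cost must be positive")

    def mtbj(self, depth: int) -> float:
        """Mean time between joins for a JA `depth` hops below the root.

        Deeper JAs consume more of the shared budget per join, so they get a
        proportionally longer interval.
        """
        if depth < 1:
            raise ValueError("depth must be at least 1 hop")
        return depth * self.cells_per_hop / self.budget_cells_per_s

    def on_dar(self, pledge: str, depth: int, now: float) -> float:
        """Handle a DAR and return the retry interval (seconds) for the DAC."""
        grant = self.grants.get(pledge)
        if grant and now < grant[1]:
            # Repeated DAR while a slot is still held: report the time left
            # instead of reserving again, so retries cannot eat the budget.
            return max(0.0, grant[0] - now)
        start = max(now, self.next_free)
        self.next_free = start + self.mtbj(depth)
        self.grants[pledge] = (start, self.next_free)
        return start - now


@dataclass
class JoinProxyPolicer:
    """Hypothetical JA-side check: forward join traffic only after the
    not-before time derived from the interval seen in the DAC."""
    not_before: dict = field(default_factory=dict)

    def on_dac(self, pledge: str, now: float, retry_interval: float) -> None:
        self.not_before[pledge] = now + retry_interval

    def allow(self, pledge: str, now: float) -> bool:
        # Pledges that never went through DAR/DAC are not forwarded at all.
        allowed_at = self.not_before.get(pledge)
        return allowed_at is not None and now >= allowed_at


def run_demo():
    """Constructed scenario: three pledges behind JAs at depths 3, 1 and 2."""
    sched = JoinScheduler(budget_cells_per_s=2.0, cells_per_hop=4)
    proxy = JoinProxyPolicer()
    results = []
    for pledge, depth, now in [("A", 3, 0.0), ("B", 1, 1.0), ("C", 2, 10.0)]:
        interval = sched.on_dar(pledge, depth, now)
        proxy.on_dac(pledge, now, interval)
        results.append((pledge, interval, proxy.allow(pledge, now)))
    return results


if __name__ == "__main__":
    for pledge, interval, allowed_now in run_demo():
        print(f"pledge {pledge}: retry in {interval:.1f}s, allowed now: {allowed_now}")
```
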


From nobody Tue Sep 13 08:32:57 2016
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: "ietf@sandeep.de" <ietf@sandeep.de>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "alper.yegin@yegin.org" <alper.yegin@yegin.org>, "jiangsheng@huawei.com" <jiangsheng@huawei.com>, "leo.liubing@huawei.com" <leo.liubing@huawei.com>, "Michael Behringer (mbehring)" <mbehring@cisco.com>, "brian.e.carpenter@gmail.com" <brian.e.carpenter@gmail.com>, "Jason Coleman (colemaj)" <colemaj@cisco.com>, "kwatsen@juniper.net" <kwatsen@juniper.net>, "tte+anima@cs.fau.de" <tte+anima@cs.fau.de>
Date: Tue, 13 Sep 2016 15:00:01 +0000
Message-ID: <d3728d5953274ad8a66d8b660ae4fcde@XCH-ALN-013.cisco.com>
Content-Type: multipart/alternative; boundary="_000_d3728d5953274ad8a66d8b660ae4fcdeXCHALN013ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/BpFimGuMrpuaHnePBTbbwTqCAYc>
Subject: [Anima-bootstrap] UPDATE: Weekly anima-bootstrap meeting

--_000_d3728d5953274ad8a66d8b660ae4fcdeXCHALN013ciscocom_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable



This replaces the ongoing bootstrap design team standing meeting. It should
be at the same time etc. Just a new webex link. This recurring meeting
terminates at the Seoul meeting (at which point we can reschedule).


Etherpad:
http://etherpad.tools.ietf.org:9000/p/anima-boostrapping?useMonospaceFont=true
(note typo in boostrapping)


———


-- Do not delete or change any of the following text. --


Join WebEx meeting<https://cisco.webex.com/ciscosales/j.php?MTID=ma063d9efeede668658e75e63d877005f>
Meeting number: 201 064 739
Meeting password: arWidrPz (27943779 from phones)


If you are a host, go here<https://cisco.webex.com/ciscosales/j.php?MTID=m50c4277f5c5567f1a623d9e68d954633> to view host information.

Join by phone
+1-408-525-6800 Call-in toll number (US/Canada)
+1-866-432-9903 Call-in toll-free number (US/Canada)
Access code: 201 064 739
Global call-in numbers<https://cisco.webex.com/ciscosales/globalcallin.php?serviceType=MC&ED=362127397&tollFree=1>  |  Toll-free calling restrictions<https://www.webex.com/pdf/tollfree_restrictions.pdf>


Can't join the meeting? Contact support.<https://cisco.webex.com/ciscosales/mc>

IMPORTANT NOTICE: Please note that this WebEx service allows audio and other
information sent during the session to be recorded, which may be discoverable
in a legal matter. By joining this session, you automatically consent to such
recordings. If you do not consent to being recorded, discuss your concerns
with the host or do not join the session.

--_000_d3728d5953274ad8a66d8b660ae4fcdeXCHALN013ciscocom_--


From nobody Tue Sep 13 19:18:08 2016
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3935512B173; Tue, 13 Sep 2016 19:18:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FpOtVR33lCir; Tue, 13 Sep 2016 19:18:05 -0700 (PDT)
Received: from mail-pa0-x232.google.com (mail-pa0-x232.google.com [IPv6:2607:f8b0:400e:c03::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 74A1212B128; Tue, 13 Sep 2016 19:18:05 -0700 (PDT)
Received: by mail-pa0-x232.google.com with SMTP id id6so161956pad.3; Tue, 13 Sep 2016 19:18:05 -0700 (PDT)
X-Received: by 10.66.43.82 with SMTP id u18mr258884pal.28.1473819484818; Tue, 13 Sep 2016 19:18:04 -0700 (PDT)
Received: from ?IPv6:2001:df0:0:2006:c0da:ac17:5f6d:8e76? ([2001:df0:0:2006:c0da:ac17:5f6d:8e76]) by smtp.gmail.com with ESMTPSA id tj5sm1103323pab.37.2016.09.13.19.18.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Sep 2016 19:18:03 -0700 (PDT)
To: Anima signaling DT <anima-signaling@ietf.org>, anima-bootstrap@ietf.org
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <eaffc0e2-5c10-d742-2eec-2561dc6772de@gmail.com>
Date: Wed, 14 Sep 2016 14:18:04 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/a4lU0CbLxI9h8xWZbnj1-p756Hc>
Subject: [Anima-bootstrap] GRASP and BRSKI
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Sep 2016 02:18:07 -0000

(apologies for any duplicates)

I've been playing around to verify that GRASP as currently
defined can support the secure bootstrap discovery requirements
(i.e. proxy discovering registrars, and joining node (pledge)
discovering proxies).

I think we agreed that a registrar should broadcast its presence
(by flooding out its coordinates across the AN), so that's
what I modelled.

Toerless wanted to emulate the priority/weight parameters
available in mDNS and to know the distance (hop count) to each
registrar. I included that; it would be easy to remove.

There seemed to be some lack of consensus about whether pledges
should broadcast their presence (by sending a link-local discovery
multicast) or whether the proxy should broadcast *its* presence
(by flooding out its coordinates on-link). I modelled both methods.
The bootstrap team does need to choose.

Pledge broadcasts:
- pledge has to do two steps [discover() and synchronize()]
instead of one [get_flood()].
- on-link attacker knows that the pledge exists and (knowing its
address) might be able to intercept its subsequent unicast BRSKI
messages if promiscuous mode is possible.
- nothing stops an attacker from discovering the proxy by acting
like a pledge and then attacking it directly.

Proxy broadcasts:
- on-link attacker will not be told that a pledge exists (but might
still be able to intercept its unicast BRSKI messages if promiscuous
mode is possible).
- nothing stops an attacker from attacking the proxy directly.

Running code, of a sort, is at
https://www.cs.auckland.ac.nz/~brian/graspy/brski/

Please start with the README file.

Regards
   Brian


From nobody Wed Sep 14 17:05:17 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E900912B0E8 for <anima-bootstrap@ietfa.amsl.com>; Wed, 14 Sep 2016 17:05:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.409
X-Spam-Level: 
X-Spam-Status: No, score=-3.409 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5K9UDqwT9-pB for <anima-bootstrap@ietfa.amsl.com>; Wed, 14 Sep 2016 17:05:13 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26EBA12B0FA for <anima-bootstrap@ietf.org>; Wed, 14 Sep 2016 17:05:13 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id AC74B2009E for <anima-bootstrap@ietf.org>; Wed, 14 Sep 2016 20:17:52 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id A4AD56392D for <anima-bootstrap@ietf.org>; Wed, 14 Sep 2016 20:05:11 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap <anima-bootstrap@ietf.org>
X-Attribution: mcr
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Wed, 14 Sep 2016 20:05:11 -0400
Message-ID: <10796.1473897911@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/6B99YBGVs5aIqbAEJIqRxZdnWNU>
Subject: [Anima-bootstrap] DRAFT minutes up to 2016-09-13
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 00:05:16 -0000

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


This set of minutes covers meetings in August 2016 and September 2016,
up to September 13, 2016.  Warning: fixed-width ASCII art, pick the right
font, or it will probably be unreadable.  Please contribute corrections.

Previous minutes were posted on August 16 for meetings after IETF96.
         https://www.ietf.org/mail-archive/web/netconf/current/msg11652.html

A history of meetings covered:
  2016-08-23 - Max, Kent, mcr on mobile
  2016-08-30 - mcr away camping, Max got dragged elsewhere, meeting
               was cancelled.
  2016-09-06 - Max, Kent, mcr
  2016-09-13 - Max, Kent, mcr, Toerless, Michael Behringer (muted entire time?)

Future meetings:
  2016-09-20, 2016-09-27, 2016-10-04, 2016-10-11,
  2016-10-18, 2016-10-25, 2016-11-01.
  2016-11-08 -- cancelled, too close to IETF97.


0) the old webex expired, and a new one was created.
   WEEKLY INVITE, SEE ANIMA BOOTSTRAP WIKI:
        https://trac.tools.ietf.org/wg/anima/trac/wiki/Bootstrap


1) The chairs queried us about whether we were "done yet", and the answer was
   that we need another two weeks to beat on your document.
   EXEC SUMMARY:  We have essentially specified pretty much everything,
                  but some doubts have arrived as to whether our chosen
                  architecture and technologies are the best, and we are
                  letting ourselves decide if there are some critical
                  decisions we should revise NOW.
                  In particular, those decisions align the technology better
                  with both NETCONF and IoT needs, and may also result
                  in a simpler security footprint.




  2016-08-23 - Max, Kent, mcr on mobile
  2016-08-30 - mcr away camping
  2016-09-06 - Max, Kent, mcr
  2016-09-13 - Max, Kent, mcr, Toerless, Michael Behringer (muted entire time?)

2) At the 2016-08-16, as previously minuted, the decision arrived that we
want to have a WG document (Informational) about the ownership voucher.
During subsequent discussions, further discussions suggest that in fact it is
not a private matter, and that it probably (reading between lines) should
be a standards track specification, or a reference to such a document.

It was suggested that OAUTH bound tokens might provide the right model,
or perhaps JSON Web Tokens, or ???

cf:
   https://tools.ietf.org/html/rfc6750
   https://tools.ietf.org/html/draft-wahlstroem-ace-cbor-web-token-00

We discussed whether we could just have the ownership voucher definition
pasted into the BRSKI document in a way that made it clear it was mostly
identical to the netconf format, but the pushback was that having it in
a clear document referenced by both made it clear that it was the same thing.
The value of having a single document was mostly a process simplification
concern, and letting us move forward.

ACTION: Kent said he would start a document in his git repo, but I don't
        think that actually happened yet, unless it was system-keychain?


3) mcr was uncomfortable with the level of detail/protocol around getting
   the pledge to put the "right things" into the CSR.

A number of pointers were inserted into the notes:

  https://tools.ietf.org/html/draft-ietf-anima-bootstrapping-keyinfra-03#section-5.7.2

  https://tools.ietf.org/html/draft-ietf-netconf-system-keychain-00#section-3
  section https://tools.ietf.org/html/draft-ietf-netconf-system-keychain-00#section-2.3

includes YANG action statement "generate-certificate-signing-request" that
takes input PKCS#10 structures 'subject' and 'attributes', and generates
output structure 'certificate-signing-request' (the CSR itself).

ACTION ITEM (max): form an articulate position on how this push model
         discussion might integrate with the anima pull model -- as a thought
         exercise.

         NOTE from mcr: 6tisch would prefer a pull model (server/NMS
                  initiated) as well for bandwidth management reasons, and
                  I'm trying to reverse it back to client initiated, with
                  some way to manage bandwidth...


4) the 2016-09-06 and 2016-09-13 meetings dealt a lot with the notion of
   roles and role reversals, and much terminology was abused, and confused.

We wrote some definitions, which are reorganized in these minutes as follows:

Actors are: 1) new device ("pledge")
            2) registrar (ANIMA term)
               management system (NETCONF) ("NMS")
               JCE (6tisch)

The roles that can be taken are:
a) TCP-initiator ("SYN")
b) TCP-responder ("SYN+ACK")
c) TLS-client
d) TLS-server
e) HTTP client/CoAP client
f) HTTP server/CoAP server
g) RESTCONF client / 6p client
h) RESTCONF server / 6p server
i) EST (7030) client
j) EST (7030) server


I) The ANIMA cast list is as follows:
    i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
   ii) registrar is TCP-responder, TLS-server, EST server.

II) In NETCONF, cast list is as follows:
    i) pledge is TCP-initiator, TLS-server, RESTCONF server.
   ii) NMS is TCP-responder, TLS-client, RESTCONF client.

III) In 6tisch, cast list is as follows:
    i) pledge is DAD-client, DTLS-server, CoAP server, 6p server.
   ii) JCE is DTLS-client, CoAP-client, 6p client.
      [Only maybe DTLS is replaced with EDHOC]


We had some significant discussions about the advantage of the NETCONF
"call-home" role reversal, and explained in this time sequence diagram that
has the TCP and TLS activities:

FIGURE 20160906: Solution Overview

      NETCONF/RESTCONF                    NETCONF/RESTCONF
           Server (h)                        Client (g)
        (anima new device)                  (anima registrar)
         |                                    |
         |         1. TCP                     |
         |-------------SYN------------------->|  Just a SYN, SYN/ACK.
         |<------------SYN/ACK----------------|
         |                                    |
         |                                    |
         |         2. SSH/TLS                 |
         |<------------ClientHello------------| same TCP connection.
         |-------------ServerHello-(cert)---->| Registrar verifies
         |                                    |  802.1AR cert, and
         |                                    |  obtains auth token
         |<------------client cert------------| <- client cert
         |                                    |    = ownership voucher/auth
         |                                    |      token
         |<------------extension auth token---| * modification or
         |                                    |   extensions to TLS handshake
         |                                    |
         |                                    |  (NOTE: This is an idea
         |                                    |    around optimizing the
         |                                    |  initial authentication.
         |                                    |   netconf/restconf
         |                                    |   DOES NOT explore this either)
         |   continue with BRSKI or           |
         |          NETCONF/RESTCONF etc:     |
         |         3. NETCONF/RESTCONF        |
         |<-----------------------------------|
         |                                    |
         Note: arrows point from the "client" to
          the "server" at each protocol layer


It was noted:  By flipping the TLS connection the handshake works out nicely
   in our favor: the TLSCertificate payload is the 802.1AR cert and then
   *after* it is authenticated the client could respond with the ownership
   voucher cert  assuming the necessary extension could be defined.

some additional TLS time sequence diagrams:
     https://www.cs.cmu.edu/~mmaass/tpm_tls/report.html
or   http://etutorials.org/shared/images/tutorials/tutorial_113/09fig03.gif
or   https://tools.ietf.org/html/rfc5878#section-6

Compare this to the flow in BRSKI:
   https://tools.ietf.org/html/draft-ietf-anima-bootstrapping-keyinfra-03#section-3

at about:
      |            TLS via the Circuit Proxy    |
      |<--Registrar TLS server authentication---|
      |                                         |
  [PROVISIONAL accept of server cert]           |
      P                                         |
      P---IEEE 802.1AR client authentication--->|
      P                                         |

[then doing REST stuff to get out of P state]

We discussed at length: Is this optimization worth pursuing NOW or can it be
                        handled as a true optimization in later work?

                        ** delaying this incurs technical debt **

It might involve the REST interface being flipped. This makes re-use of
existing libraries harder.

This netconf draft addresses how the interface might be implemented:
https://tools.ietf.org/html/draft-ietf-netconf-system-keychain-00
(thus DRAFT vs EST RFC7030)

Our path to RFC is quicker/easier if we reference RFCs.
But this role reversal isn't a bad idea at all!!!

But from this it appears that the “server” is consistently the device. See also:

https://tools.ietf.org/html/rfc6241 (netconf)
  “the client can be a script or
   application typically running as part of a network manager.  The
   server is typically a network device.  The terms "device" and
   "server" are used interchangeably in this document”


QUESTION: in all of netconf/restconf is the device always passive?

ACTION ITEM FOR MAX: Continue this conversation with a more detailed
       discussion of what the netconf provisional state actually is (they
       don't spell it out).

Tentative plan: maintain current flows and work toward optimization in
          netconf by partnering with netconf folks?

5) We discussed:

  https://tools.ietf.org/html/draft-ietf-netconf-system-keychain-00 could
      replace [supplement]  EST, but needs some extensions for ANIMA.

      (It can't replace because the server isn't long term appropriate for
       knowing when the client needs to obtain a new cert etc. I think it's
       supplement).

  This is contrasted to netconf, where the management infrastructure is
  driving the state machine.  So the mgmt drives to push the initial
  certificate.

  But, certificates have lifetimes, and (unless they are ~infinite~), the
  client knows when it needs to renew the certificate, and so it still has to
  have a state machine to enable to renew.

  Renew is built-in to EST, but system-keychain doesn't deal with it?
  Kent: client can send notification, but agrees that client has to initiate
          the callback, so that the NMS can push a new certificate down.


A lot of the discussion then revolved around if we could reduce the
time/complexity of the provisional state, as it is a likely avenue of attack
or implementation flaws.

   - flipping the TLS connection and having a TLS extension for the auth
   token / ownership voucher this would require a new doc for a TLS extension.




                +--------------+
                |   Start      |
                |              |
                +------+-------+
                       |
                +------v-------+
                |  Discover    |
   +------------>              |
   |            +------+-------+
   |                   |
   |            +------v-------+
   |            |  Identity    |
   ^------------+              |
   | rejected   +------+-------+
   |                   |           <-- 1. moving imprint to here as part of
   |                   |                   TLS handshake this reduces the
   |                   |                   provisional state.
   |            +------v-------+    This is an interesting/great/cool
   |            |              |    optimization but would slow us down a lot
   |            |              |     to define the needed extension auth token.
   |            | Request      |
   |            | Join         |
   |            +------+-------+
   |                   |
   |            +------v-------+
   |            |  Imprint     |   Optional
   ^------------+              <--+Manual input
   | Bad Vendor +------+-------+
   | response          |
   |            +------v-------+
   |            |  Enroll      | <-- 2. should this be driven by the
   |            |              |     registrar/netconf style server
   ^------------+              |     as server side state
   |            |              |     (e.g. netconf-system-keychain)
   | Enroll     +------+-------+     this is implied because the order of
   |                   |             the TLS in netconf call home
   | Failure           |             but we could swap the roles again
   |                   |             to get back to EST (current anima draft)
   |            +------v-------+
   |            |  Being       |
   ^------------+  Managed     |
    Factory     +--------------+
    reset

We discussed the question as to whether or not a decision about 1,
and 2 were linked in any way?  Does TRUE(1) force TRUE(2)? (NO)
Does FALSE(2) imply FALSE(1)?  (NO)

ACTION ITEM for MCR: Can we use RFC5878 (SAML) to replace ownership / auth
                     token extension need?


Here is a TLS State diagram adapted from RFC5878, section 6, annotated
to include where the provision state would be.



Client                                                   Server

    ClientHello (no extensions) -------->                            |0
                                        ServerHello (no extensions)  |0
                                                       Certificate*  |0
                                                 ServerKeyExchange*  |0
                                                CertificateRequest*  |0
                                <--------           ServerHelloDone  |0
    Certificate*                                                     |0
    ClientKeyExchange                                                |0
    CertificateVerify*                                               |0
    [ChangeCipherSpec]                                               |0
    Finished                    -------->                            |1
                                                 [ChangeCipherSpec]  |0
                                <--------                  Finished  |1

                  { THIS IS PROVISIONAL STATE!!!! }

    ClientHello (w/ extensions) -------->                            |1
                                        ServerHello (w/ extensions)  |1
                                  SupplementalData (w/ authz data)*  |1
                                                       Certificate*  |1
                                                 ServerKeyExchange*  |1
                                                CertificateRequest*  |1
                                <--------           ServerHelloDone  |1
    SupplementalData (w/ authz data)*                                |1
    Certificate*                                                     |1
    ClientKeyExchange                                                |1
    CertificateVerify*                                               |1
    [ChangeCipherSpec]                                               |1
    Finished                    -------->                            |2
                                                 [ChangeCipherSpec]  |1
                                <--------                  Finished  |2


SAML would work well, if a bit verbose, but this will fail for
bearer tokens!!!
https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf
JWT might be simpler.

    PLEDGE                                                REGISTRAR
                                <--MITM-- ClientHello (w/ extensions)

    ServerHello (no extensions) ---MITM->
    Certificate (IDevID)
    ServerKeyExchange* (DH)
    CertificateRequest
    ServerHelloDone
                                <X-MITM--  SupplementalData (w/ authz data)*
                                               Certificate*
                                               ClientKeyExchange
                                               CertificateVerify*
                                               Finished

                                <---MITM   ClientHello
                                           ....


    Finished                    ---MITM->
                           <CRYPTO STARTS HERE>





--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Wed Sep 14 17:31:46 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79C4A12B02F; Wed, 14 Sep 2016 17:31:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.409
X-Spam-Level: 
X-Spam-Status: No, score=-3.409 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iu5oYymYTURi; Wed, 14 Sep 2016 17:31:40 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABC4F12B008; Wed, 14 Sep 2016 17:31:39 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id A57F32009E; Wed, 14 Sep 2016 20:44:17 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 8B30F6392D; Wed, 14 Sep 2016 20:31:36 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap <anima-bootstrap@ietf.org>, Kent Watsen <kwatsen@juniper.net>, netconf@ietf.org
X-Attribution: mcr
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Wed, 14 Sep 2016 20:31:36 -0400
Message-ID: <16280.1473899496@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/9e8sBTO_yqM-ClojzqpbaaSapVk>
Subject: [Anima-bootstrap] comments on draft-kwatsen-netconf-ownership-voucher
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 00:31:41 -0000

--=-=-=
Content-Type: text/plain


Kent, I read the quick document you crafted yesterday.  I think it captures
most of what matters, thank you!

   module: ietf-ownership-voucher
         +--rw voucher
         +--rw assertion          enumeration
         +--rw owner-id           string
         +--rw unique-id*         string
         +--rw created-on         yang:date-and-time
         +--rw expires-on?        yang:date-and-time
         +--rw nonce?             string
         +--rw additional-data?

I think that additional-data is probably undesirable.
I think that we need to say that owner-id is actually a hash of public key.
I don't think we can let it be a DN, as that implies some kind of connection to
some PKI to verify it, and the only point is that we don't have anything
that the vendor didn't burn in.

I would appreciate an example mapped out in JSON.
Could it really be a JWT?  Do we already have such a mapping elsewhere?
Is there any reason we couldn't use the JWT/rfc7519 notation, so that the
mapping just works out?  Maybe I'm missing the value of the YANG here.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--
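
Worked example added to this archive page (not part of the message above and not code from the draft): the voucher tree from that message rendered as RFC 7951 JSON, carried in a JWT-style compact token, with the checks a pledge would apply before accepting it. Assumptions: owner-id is SHA-256 over the owner's public key bytes, the nonce echoes one the pledge sent, and HS256 with a constructed key stands in for the vendor's asymmetric signature so that only the standard library is needed; every sample value is constructed.

```python
import base64
import hashlib
import hmac
import json
from datetime import datetime, timedelta, timezone

TOP = "ietf-ownership-voucher:voucher"   # RFC 7951 "module:container" member name
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"          # yang:date-and-time in its UTC form


class VoucherError(Exception):
    """Raised by the pledge when a voucher must not be accepted."""


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def owner_id_for(public_key):
    # Assumption: SHA-256 over the key bytes; the message only says "a hash".
    return hashlib.sha256(public_key).hexdigest()


def make_voucher(owner_key, serials, created, lifetime=None, nonce=None):
    body = {
        "assertion": "verified",              # constructed enumeration value
        "owner-id": owner_id_for(owner_key),
        "unique-id": list(serials),           # leaf-list maps to a JSON array
        "created-on": created.strftime(TIME_FMT),
    }
    if lifetime is not None:                  # expires-on is optional in the tree
        body["expires-on"] = (created + lifetime).strftime(TIME_FMT)
    if nonce is not None:                     # nonce is optional in the tree
        body["nonce"] = nonce
    return {TOP: body}


def sign_compact(voucher, key):
    # HS256 is a stand-in for the vendor's asymmetric signature (see lead-in).
    header = {"alg": "HS256", "typ": "JWT"}
    parts = [b64url(json.dumps(p, separators=(",", ":")).encode("utf-8"))
             for p in (header, voucher)]
    signing_input = ".".join(parts)
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(tag)


def parse_time(text):
    return datetime.strptime(text, TIME_FMT).replace(tzinfo=timezone.utc)


def pledge_check(token, key, serial, registrar_key, now, expected_nonce=None):
    """Return the voucher body if the pledge may accept it, else raise."""
    try:
        h64, p64, s64 = token.split(".")
        header = json.loads(b64url_decode(h64))
        signature = b64url_decode(s64)
        signing_input = (h64 + "." + p64).encode("ascii")
    except ValueError:
        raise VoucherError("malformed token")
    # The verifier fixes the algorithm; the token does not get to choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise VoucherError("unexpected alg")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise VoucherError("bad signature")
    try:
        v = json.loads(b64url_decode(p64))[TOP]
        ids = v["unique-id"]
        if not isinstance(ids, list) or serial not in ids:
            raise VoucherError("voucher is for another device")
        if parse_time(v["created-on"]) > now:
            raise VoucherError("created in the future")
        if "expires-on" in v and parse_time(v["expires-on"]) <= now:
            raise VoucherError("expired")
        if expected_nonce is not None and v.get("nonce") != expected_nonce:
            raise VoucherError("nonce mismatch")
        # Bind the voucher to the key the registrar actually presented.
        if not hmac.compare_digest(v["owner-id"], owner_id_for(registrar_key)):
            raise VoucherError("registrar key is not the owner")
    except (KeyError, TypeError, ValueError):
        raise VoucherError("malformed voucher")
    return v


# Constructed sample values, not taken from the thread.
VENDOR_KEY = b"constructed-vendor-signing-key"
REGISTRAR_PUB = b"constructed registrar public key bytes"
CREATED = datetime(2016, 9, 14, 0, 0, 0, tzinfo=timezone.utc)
VOUCHER = make_voucher(REGISTRAR_PUB, ["SN-0001"], CREATED,
                       timedelta(days=7), nonce="c0ffee")
TOKEN = sign_compact(VOUCHER, VENDOR_KEY)

if __name__ == "__main__":
    print(json.dumps(VOUCHER, indent=2))
    print(TOKEN)
    accepted = pledge_check(TOKEN, VENDOR_KEY, "SN-0001", REGISTRAR_PUB,
                            CREATED + timedelta(hours=1), "c0ffee")
    print("accepted for owner", accepted["owner-id"])
```

Because owner-id is compared against a hash of the key the registrar presents, the pledge needs no PKI beyond the vendor key used to verify the token.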


From nobody Wed Sep 14 17:55:48 2016
To: Michael Richardson <mcr+ietf@sandelman.ca>, anima-bootstrap <anima-bootstrap@ietf.org>
References: <10796.1473897911@obiwan.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com>
Date: Thu, 15 Sep 2016 12:55:48 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <10796.1473897911@obiwan.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/dBTNN6yNyU2ntda0BtD4pHhDWsU>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13

> I) The ANIMA cast list is as follows:
>     i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
>    ii) registrar is TCP-responder, TLS-server, EST server.

Where's the proxy in that? And didn't we say we'd also have a COAP option?

(That was my understanding in Berlin; hence the Python models that
I sent yesterday.)

   Brian


From nobody Wed Sep 14 18:00:40 2016
To: anima-bootstrap@ietf.org
References: <16280.1473899496@obiwan.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <9eaf22f7-2bdf-e196-fd31-4df65590da4e@gmail.com>
Date: Thu, 15 Sep 2016 12:51:27 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <16280.1473899496@obiwan.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/P3vlEnZ1GFKmqiED3EgkZ8P7Cbc>
Subject: Re: [Anima-bootstrap] comments on draft-kwatsen-netconf-ownership-voucher

On 15/09/2016 12:31, Michael Richardson wrote:
> 
> Kent, I read the quick document you crafted yesterday.  I think it captures
> most of what matters, thank you!
> 
>    module: ietf-ownership-voucher
>          +--rw voucher
>          +--rw assertion          enumeration
>          +--rw owner-id           string
>          +--rw unique-id*         string
>          +--rw created-on         yang:date-and-time
>          +--rw expires-on?        yang:date-and-time
>          +--rw nonce?             string
>          +--rw additional-data?
> 
> I think that additional-data is probably undesirable.
> I think that we need to say that owner-id is actually a hash of public key.
> I don't think we can let it be a DN, as that implies some of connection to
> some PKI to verify it, and the only point is that we don't have anything
> that the vendor didn't burn in.
> 
> I would appreciate an example mapped out in JSON.

How about CBOR diagnostic notation? Won't we want to represent things
in CBOR at least as often as in JSON?

> Could it really be a JWT?  Do we already have such a mapping elsewhere?
> Is there any reason we couldn't use the JWT/rfc7519 notation, so that the
> mapping just works out?  Maybe I'm missing the value of the YANG here.

Generality?

   Brian
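
The voucher tree quoted above mapped to JSON and to CBOR, as an added example that is not part of the thread or of the draft. The leaves are taken as children of `voucher`, `owner-id` is the key hash proposed in the quoted text, `additional-data` is left out, and every value (including the `example-assertion` placeholder) is constructed.

```python
import hashlib
import json
import struct

MODULE = "ietf-ownership-voucher"
MANDATORY = ("assertion", "owner-id", "unique-id", "created-on")
OPTIONAL = ("expires-on", "nonce")  # leaves marked '?' in the tree


def build_voucher(assertion, owner_public_key, unique_ids, created_on,
                  expires_on=None, nonce=None):
    """Return the voucher as a JSON-style instance (module:container member name)."""
    body = {
        "assertion": assertion,
        # owner-id as a hash of the owner's public key, not a DN
        "owner-id": hashlib.sha256(owner_public_key).hexdigest(),
        "unique-id": list(unique_ids),  # leaf-list ('*') becomes an array
        "created-on": created_on,
    }
    if expires_on is not None:
        body["expires-on"] = expires_on
    if nonce is not None:
        body["nonce"] = nonce
    return {MODULE + ":voucher": body}


def check_voucher(doc):
    """Reject instances with missing mandatory leaves or leaves outside the tree."""
    body = doc.get(MODULE + ":voucher")
    if not isinstance(body, dict):
        raise ValueError("no voucher container")
    missing = [leaf for leaf in MANDATORY if leaf not in body]
    unknown = [leaf for leaf in body if leaf not in MANDATORY + OPTIONAL]
    if missing or unknown:
        raise ValueError("missing %s, unknown %s" % (missing, unknown))
    ids = body["unique-id"]
    if not isinstance(ids, list) or not all(isinstance(i, str) for i in ids):
        raise ValueError("unique-id is a leaf-list of strings")
    return body


def cbor_head(major, n):
    """Encode a CBOR initial byte plus its length/value argument."""
    if n < 24:
        return bytes([major << 5 | n])
    for extra, fmt in ((24, ">B"), (25, ">H"), (26, ">I"), (27, ">Q")):
        if n < 1 << (8 * struct.calcsize(fmt)):
            return bytes([major << 5 | extra]) + struct.pack(fmt, n)
    raise ValueError("value too large for CBOR")


def cbor_encode(value):
    """Minimal CBOR encoder for the types a voucher needs."""
    if value is True:
        return b"\xf5"
    if value is False:
        return b"\xf4"
    if isinstance(value, int) and value >= 0:
        return cbor_head(0, value)
    if isinstance(value, str):
        raw = value.encode("utf-8")
        return cbor_head(3, len(raw)) + raw
    if isinstance(value, list):
        return cbor_head(4, len(value)) + b"".join(cbor_encode(v) for v in value)
    if isinstance(value, dict):
        items = b"".join(cbor_encode(k) + cbor_encode(v) for k, v in value.items())
        return cbor_head(5, len(value)) + items
    raise TypeError("unsupported type: %r" % type(value))


def to_json(doc):
    return json.dumps(doc, separators=(",", ":")).encode("utf-8")


def to_cbor(doc):
    return cbor_encode(doc)


if __name__ == "__main__":
    voucher = build_voucher("example-assertion", b"constructed owner public key",
                            ["12345678"], "2016-09-14T00:00:00Z", nonce="abc123")
    check_voucher(voucher)
    # For a map of text strings, CBOR diagnostic notation reads like the JSON text.
    print(json.dumps(voucher, indent=2))
    print(len(to_json(voucher)), "bytes as JSON,", len(to_cbor(voucher)), "bytes as CBOR")
    print(to_cbor(voucher).hex())
```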


From nobody Wed Sep 14 18:25:21 2016
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com>
References: <10796.1473897911@obiwan.sandelman.ca> <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Wed, 14 Sep 2016 21:25:14 -0400
Message-ID: <28340.1473902714@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/O88SPXYkFtKhe0p5TgfEhcJDzD4>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13

--=-=-=
Content-Type: text/plain


Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> I) The ANIMA cast list is as follows:
    >> i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
    >> ii) registrar is TCP-responder, TLS-server, EST server.

    > Where's the proxy in that? And didn't we say we'd also have a COAP option?

The proxy is in between, but doesn't provide functions above layer-3ish.
I omitted it for clarity :-)

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Wed Sep 14 18:32:30 2016
From: Michael Richardson <mcr+ietf@sandelman.ca>
cc: anima-bootstrap <anima-bootstrap@ietf.org>
In-Reply-To: <10796.1473897911@obiwan.sandelman.ca>
References: <10796.1473897911@obiwan.sandelman.ca>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Wed, 14 Sep 2016 21:32:24 -0400
Message-ID: <29933.1473903144@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/FPwvz915HolEcNv41O2lU4Tz53U>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13

--=-=-=
Content-Type: text/plain


Michael Richardson <mcr+ietf@sandelman.ca> wrote:
    > We had some significant discussions about the advantage of the NETCONF
    > "call-home" role reversal, and explained in this time sequence diagram that
    > has the TCP and TLS activities:

...

    > It was noting:  By flipping the TLS connection the handshake works out nicely
    > in our favor: the TLSCertificate payload is the 802.1AR cert and then
    > *after* it is authenticated the client could respond with the ownership
    > voucher cert  assuming the necessary extension could be defined.

having just read more TLS1.3 stuff...

ADDITIONALLY, TLS 1.3 is much more IKEv2 like, in that it does privacy first
              using an optional DH, and the client is expected to guess what
              the server wants, and if it gets it wrong, the server will use
              HelloRetryRequest to tell it what it wants.

So by reversing the things, we remove a bunch of guessing on the part of the
new pledge, and let the Registrar deal with supporting all ciphers/groups
under the sun, with the new pledge being deployed with only the latest useful
things (plus whatever gets defined as SHOULD+).

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Wed Sep 14 18:54:07 2016
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: anima-bootstrap <anima-bootstrap@ietf.org>
X-Attribution: mcr
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Wed, 14 Sep 2016 21:54:02 -0400
Message-ID: <2018.1473904442@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/6QmN7oGCyqfnZll1_RyBQBKYVoY>
Subject: [Anima-bootstrap] on using TLS Authorization Extension (RFC5878) for ownership voucher transfer

--=-=-=
Content-Type: text/plain


I gave myself the homework:
ACTION ITEM for MCR: Can we use RFC5878 (SAML) to replace ownership / auth
                     token extension need?


RFC5878 defines the: Transport Layer Security (TLS) Authorization Extensions
Abstract
   This document specifies authorization extensions to the Transport
   Layer Security (TLS) Handshake Protocol.  Extensions are carried in
   the client and server hello messages to confirm that both parties
   support the desired authorization data types.  Then, if supported by
   both the client and the server, authorization information, such as
   attribute certificates (ACs) or Security Assertion Markup Language
   (SAML) assertions, is exchanged in the supplemental data handshake
   message.

As it says, in this document methods to transfer PKIX ACs and SAML
assertions are defined. In other documents:
   RFC 6042 Transport Layer Security (TLS) Authorization Using KeyNote
   RFC 7562 Transport Layer Security (TLS) Authorization Using Digital
            Transmission Content Protection (DTCP) Certificates
   RFC 6406 Session PEERing for Multimedia INTerconnect (SPEERMINT) Architecture
            (but, I can't figure out why it is referenced)

(as well as TLS1.3 and an IANA update document)

My opinion is that we don't want to go the direction of ASN.1 based ACs.
I looked over SAML again, and I think that more XML is also not something
we want.
   If you are looking for SAML docs:
   https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf


Keynote can do what we want, but it will require a unique parser for this
RFC822-like format.  That may well be reusable code on some platforms
though. (Given SIP, HTTP, etc. also use that format).  It is already defined,
and I think has some deployment (still checking though)

JSON Web Tokens do very much what we want.  Writing a draft to say how to put
them into a TLS Authorization Extension would be pretty short, 6042 is very
short and simple.  The IANA registry is "Specification Required", and JWT
is quite active, so I think it would be quick.
(I have BCC'ed Mike Jones, but I don't think he needs replies too)

In addition, we would need to define a claim for JWT to say "ownership", it
would look something like:

{ "iss": "http://manufacturer.example.com/",
  "sub": "http://network.operator.example.net/",  <- really HASH
  "aud": "device:12345678",      <- device specific
   "owned_by":true               <- something we'd have to register.
}

which then gets base64 encoded and signed according to the JSON Web Signature.
It could alternatively be encrypted for privacy.

======= HOWEVER.

RFC5878's Security Consideration section notes two issues with this
extension, which is that the ownership voucher would be passed in the clear.
For signed objects which mention the network which will own the device, this
is a privacy problem only.  For bearer tokens, this is a big problem as it
would disclose the bearer token to third parties.

5878 suggests doing an initial TLS handshake, relying upon the privacy
provided, and then rekeying with the extensions.  If both ends needed
authorization extensions to function, then the first TLS handshake would be
trivially man-in-the-middle attacked.  Fortunately in our case,  regardless
of which direction initiates, the pledge can be authenticated to
the registrar using the Manufacturer Installed Certificate.   Here is a state
diagram from 5878, annotated a bit.
0 - no confidentiality.
1 - confidentiality+authentication by pledge certificate only.
2 - full authentication.

I added in the middle, essentially, we have the exact same provisional state
that we had before!!! Except that it's potentially buried in the TLS state
machine, rather than in the application state machine, and again, this only
matters if we want to support bearer tokens.

I think that bearer tokens are useful.
They would be things obtained from a QR code on the side of a package for
instance.   Putting an ownership token is not the only way to use that,
it could also just be PSK.

I've looked through TLS1.3, and while the extension would be encrypted
in 1.3, it would be sent by the peer prior to that peer verifying
the Finished message which authenticates that peer.    We could send
the extension afterwards, but then we still wind up with a "provisional"
state of some kind.  Again, possibly it will all be down in the TLS
state machine.



Client                                                   Server

    ClientHello (no extensions) -------->                            |0
                                        ServerHello (no extensions)  |0
                                                       Certificate*  |0
                                                 ServerKeyExchange*  |0
                                                CertificateRequest*  |0
                                <--------           ServerHelloDone  |0
    Certificate*                                                     |0
    ClientKeyExchange                                                |0
    CertificateVerify*                                               |0
    [ChangeCipherSpec]                                               |0
    Finished                    -------->                            |1
                                                 [ChangeCipherSpec]  |0
                                <--------                  Finished  |1

                  { THIS IS PROVISIONAL STATE!!!! }

    ClientHello (w/ extensions) -------->                            |1
                                        ServerHello (w/ extensions)  |1
                                  SupplementalData (w/ authz data)*  |1
                                                       Certificate*  |1
                                                 ServerKeyExchange*  |1
                                                CertificateRequest*  |1
                                <--------           ServerHelloDone  |1
    SupplementalData (w/ authz data)*                                |1
    Certificate*                                                     |1
    ClientKeyExchange                                                |1
    CertificateVerify*                                               |1
    [ChangeCipherSpec]                                               |1
    Finished                    -------->                            |2
                                                 [ChangeCipherSpec]  |1
                                <--------                  Finished  |2


Here is some thinking about flipped, with a MITM marked for TLS 1.2.


    PLEDGE                                                REGISTRAR
                                <--MITM-- ClientHello (w/ extensions)

    ServerHello (no extensions) ---MITM->
    Certificate (IDevID)
    ServerKeyExchange* (DH)
    CertificateRequest
    ServerHelloDone
                                <X-MITM--  SupplementalData (w/ authz data)*
                                               Certificate*
                                               ClientKeyExchange
                                               CertificateVerify*
                                               Finished

                                <---MITM   ClientHello
                                           ....


    Finished                    ---MITM->
                           <CRYPTO STARTS HERE>





--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--
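
The ownership claim from the message above, carried through its "base64 encoded and signed" step and checked on the pledge side, as an added example that is not part of the thread. HS256 from the Python standard library stands in for the manufacturer's signature algorithm; the key values, the `sha256:` prefix on `sub`, and the comparison of `sub` with the registrar's key are assumptions of this example.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample values; none of them come from the thread.
MANUFACTURER_KEY = b"constructed-manufacturer-signing-key"
REGISTRAR_KEY = b"constructed registrar public key bytes"
ISSUER = "http://manufacturer.example.com/"


class VoucherError(Exception):
    """Raised when a voucher must not be accepted."""


def b64url(data):
    # JWS uses base64url with the trailing '=' padding removed.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def owner_id(owner_public_key):
    # "sub" carries a hash of the owner's key rather than a URL or DN.
    return "sha256:" + hashlib.sha256(owner_public_key).hexdigest()


def issue_voucher(key, issuer, owner_public_key, device_serial):
    """Manufacturer side: build header.claims.signature (JWS compact form)."""
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {
        "iss": issuer,
        "sub": owner_id(owner_public_key),
        "aud": "device:" + device_serial,
        "owned_by": True,  # unregistered claim name, as written in the message
    }
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode("utf-8"))
        for part in (header, claims)
    )
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(tag)


def verify_voucher(token, key, issuer, device_serial, peer_public_key):
    """Pledge side: return the claims, or raise VoucherError."""
    parts = token.split(".")
    if len(parts) != 3:
        raise VoucherError("not a JWS compact serialization")
    try:
        header = json.loads(b64url_decode(parts[0]))
        signature = b64url_decode(parts[2])
        signing_input = (parts[0] + "." + parts[1]).encode("ascii")
    except ValueError as exc:
        raise VoucherError("undecodable token") from exc
    # Pin the algorithm; the token never chooses it (rejects alg "none").
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise VoucherError("unexpected alg")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        raise VoucherError("bad signature")
    # Claims are parsed only after the signature has been checked.
    claims = json.loads(b64url_decode(parts[1]))
    if claims.get("iss") != issuer:
        raise VoucherError("wrong issuer")
    if claims.get("aud") != "device:" + device_serial:
        raise VoucherError("voucher is for another device")
    if claims.get("owned_by") is not True:
        raise VoucherError("no ownership assertion")
    # Bind the voucher to the key the registrar presented in the handshake.
    if claims.get("sub") != owner_id(peer_public_key):
        raise VoucherError("voucher names a different owner")
    return claims


if __name__ == "__main__":
    token = issue_voucher(MANUFACTURER_KEY, ISSUER, REGISTRAR_KEY, "12345678")
    print(token)
    print(verify_voucher(token, MANUFACTURER_KEY, ISSUER, "12345678", REGISTRAR_KEY))
```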


From nobody Wed Sep 14 18:54:49 2016
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <10796.1473897911@obiwan.sandelman.ca> <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com> <28340.1473902714@obiwan.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <05ae8cf7-3924-c5f0-e65b-fcf18a4e0b6d@gmail.com>
Date: Thu, 15 Sep 2016 13:54:49 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <28340.1473902714@obiwan.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/bpEpucWUQmmae117HE7n9fxUTxw>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 01:54:49 -0000

On 15/09/2016 13:25, Michael Richardson wrote:
> 
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     >> I) The ANIMA cast list is as follows:
>     >> i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
>     >> ii) registrar is TCP-responder, TLS-server, EST server.
> 
>     > Where's the proxy in that? And didn't we say we'd also have a COAP option?
> 
> The proxy is in between, but doesn't provide functions above layer-3ish.
> I omitted it for clarity :-)

OK. But layer 4 probably - it seems likely that we would terminate a TLS
session at the proxy and make another one between the proxy and the
registrar. (That's the bit I *didn't* model in my Python demos.)

    Brian


From nobody Thu Sep 15 05:52:33 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E240212B5A5 for <anima-bootstrap@ietfa.amsl.com>; Thu, 15 Sep 2016 05:52:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.409
X-Spam-Level: 
X-Spam-Status: No, score=-3.409 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W7J1ha4hn-rW for <anima-bootstrap@ietfa.amsl.com>; Thu, 15 Sep 2016 05:52:30 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD3AE12B54D for <anima-bootstrap@ietf.org>; Thu, 15 Sep 2016 05:49:35 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id E5ED8E1D6; Thu, 15 Sep 2016 09:02:17 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 169AE6392C; Thu, 15 Sep 2016 08:49:35 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <05ae8cf7-3924-c5f0-e65b-fcf18a4e0b6d@gmail.com>
References: <10796.1473897911@obiwan.sandelman.ca> <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com> <28340.1473902714@obiwan.sandelman.ca> <05ae8cf7-3924-c5f0-e65b-fcf18a4e0b6d@gmail.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Thu, 15 Sep 2016 08:49:35 -0400
Message-ID: <11222.1473943775@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/0jHNM9GLNd-f2cWX392hjlek6kQ>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 12:52:32 -0000

--=-=-=
Content-Type: text/plain


Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> >> I) The ANIMA cast list is as follows:
    >> >> i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
    >> >> ii) registrar is TCP-responder, TLS-server, EST server.
    >>
    >> > Where's the proxy in that? And didn't we say we'd also have a COAP option?
    >>
    >> The proxy is in between, but doesn't provide functions above layer-3ish.
    >> I omitted it for clarity :-)

    > OK. But layer 4 probably - it seems likely that we would terminate a TLS
    > session at the proxy and make another one between the proxy and the
    > registrar. (That's the bit I *didn't* model in my Python demos.)

No, we don't want to do that for a number of reasons:

In no particular order:

1) The proxy isn't trusted, and doesn't know how to trust the pledge.

   While it has a local domain certificate, it has no knowledge about the
   Manufacturer Installed Certificate (the IDevID) that the pledge provides.

   The pledge has no way to trust the proxy: this is what the ownership
   voucher is for (and causes us some challenge to get right), and I don't
   think we want to extend the trust conveyed by the ownership voucher to the
   network operator, transitively, to all of the operators' machines.

2) The proxy may not have resources to terminate a possibly large number of TLS
   connections.  We want to make being a proxy as inexpensive as possible,
   particularly given that this function (along with the rest of the ACP
   processing) likely resides on a control plane CPU.




--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Thu Sep 15 13:13:10 2016
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC01012B0CB for <anima-bootstrap@ietfa.amsl.com>; Thu, 15 Sep 2016 13:13:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8jhWT-Prbf3Y for <anima-bootstrap@ietfa.amsl.com>; Thu, 15 Sep 2016 13:13:07 -0700 (PDT)
Received: from mail-pf0-x232.google.com (mail-pf0-x232.google.com [IPv6:2607:f8b0:400e:c00::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C0A112B023 for <anima-bootstrap@ietf.org>; Thu, 15 Sep 2016 13:13:07 -0700 (PDT)
Received: by mail-pf0-x232.google.com with SMTP id p64so19882287pfb.1 for <anima-bootstrap@ietf.org>; Thu, 15 Sep 2016 13:13:07 -0700 (PDT)
X-Received: by 10.98.93.204 with SMTP id n73mr17386765pfj.87.1473970386514; Thu, 15 Sep 2016 13:13:06 -0700 (PDT)
Received: from [192.168.178.23] ([118.148.71.236]) by smtp.gmail.com with ESMTPSA id gm1sm1145030pac.2.2016.09.15.13.13.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Sep 2016 13:13:05 -0700 (PDT)
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <10796.1473897911@obiwan.sandelman.ca> <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com> <28340.1473902714@obiwan.sandelman.ca> <05ae8cf7-3924-c5f0-e65b-fcf18a4e0b6d@gmail.com> <11222.1473943775@obiwan.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <82575003-5339-c171-5cbb-1db8e4006f2f@gmail.com>
Date: Fri, 16 Sep 2016 08:13:10 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <11222.1473943775@obiwan.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/PQNBSDTmGQGVjcnobJlFKDf983o>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 20:13:09 -0000

On 16/09/2016 00:49, Michael Richardson wrote:
> 
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     >> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     >> >> I) The ANIMA cast list is as follows:
>     >> >> i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
>     >> >> ii) registrar is TCP-responder, TLS-server, EST server.
>     >>
>     >> > Where's the proxy in that? And didn't we say we'd also have a COAP option?
>     >>
>     >> The proxy is in between, but doesn't provide functions above layer-3ish.
>     >> I omitted it for clarity :-)
> 
>     > OK. But layer 4 probably - it seems likely that we would terminate a TLS
>     > session at the proxy and make another one between the proxy and the
>     > registrar. (That's the bit I *didn't* model in my Python demos.)
> 
> No, we don't want to do that for a number of reasons:

So, accepting those reasons, if (for example) we do the first
suggestion in draft-richardson-anima-state-for-joinrouter-01:

"3.1.  method 1: Circuit Proxy method

   In response to discovery, the circuit proxy would return a link-local
   address on the joining router.  The joining router would have a TCP
   (or UDP/CoAP) port open on that interface.  It would accept
   connections on that port, and would turn around and create a new TCP
   connection to the registrar."

Can TLS just ride over such a relayed TCP connection?

And so on for the other models in anima-state-for-joinrouter. I do
think this needs to be resolved before we can say the model is complete.

  Brian

> 
> In no particular order:
> 
> 1) The proxy isn't trusted, and doesn't know how to trust the pledge.
> 
>    While it has a local domain certificate, it has no knowledge about the
>    Manufacturer Installed Certificate (the IDevID) that the pledge provides.
> 
>    The pledge has no way to trust the proxy: this is what the ownership
>    voucher is for (and causes us some challenge to get right), and I don't
>    think we want to extend the trust conveyed by the ownership voucher to the
>    network operator, transitively, to all of the operators' machines.
> 
> 2) The proxy may not have resources to terminate a possibly large number of TLS
>    connections.  We want to make being a proxy as inexpensive as possible,
>    particularly given that this function (along with the rest of the ACP
>    processing) likely resides on a control plane CPU.
> 
> 
> 
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
> 
> 
> 


From nobody Fri Sep 16 08:47:22 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED44212B2A3 for <anima-bootstrap@ietfa.amsl.com>; Fri, 16 Sep 2016 08:47:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.409
X-Spam-Level: 
X-Spam-Status: No, score=-3.409 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x3XFSx7xxA_7 for <anima-bootstrap@ietfa.amsl.com>; Fri, 16 Sep 2016 08:47:20 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4916012B29D for <anima-bootstrap@ietf.org>; Fri, 16 Sep 2016 08:47:20 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 74207203B0; Fri, 16 Sep 2016 12:00:05 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id D145C6392C; Fri, 16 Sep 2016 11:47:18 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <82575003-5339-c171-5cbb-1db8e4006f2f@gmail.com>
References: <10796.1473897911@obiwan.sandelman.ca> <1521461d-b050-8dcb-fd75-de846fa23a85@gmail.com> <28340.1473902714@obiwan.sandelman.ca> <05ae8cf7-3924-c5f0-e65b-fcf18a4e0b6d@gmail.com> <11222.1473943775@obiwan.sandelman.ca> <82575003-5339-c171-5cbb-1db8e4006f2f@gmail.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Fri, 16 Sep 2016 11:47:18 -0400
Message-ID: <31364.1474040838@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/eUN6CR-S6U72BQjVUziDlsO6KRY>
Cc: anima-bootstrap <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] DRAFT minutes up to 2016-09-13
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Sep 2016 15:47:22 -0000

--=-=-=
Content-Type: text/plain


Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> >> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    >> >> >> I) The ANIMA cast list is as follows:
    >> >> >> i) pledge is TCP-initiator, TLS-client, HTTP/EST client.
    >> >> >> ii) registrar is TCP-responder, TLS-server, EST server.
    >> >>
    >> >> > Where's the proxy in that? And didn't we say we'd also have a COAP option?
    >> >>
    >> >> The proxy is in between, but doesn't provide functions above layer-3ish.
    >> >> I omitted it for clarity :-)
    >>
    >> > OK. But layer 4 probably - it seems likely that we would terminate a TLS
    >> > session at the proxy and make another one between the proxy and the
    >> > registrar. (That's the bit I *didn't* model in my Python demos.)
    >>
    >> No, we don't want to do that for a number of reasons:

    > So, accepting those reasons, if (for example) we do the first
    > suggestion in draft-richardson-anima-state-for-joinrouter-01:

    > "3.1.  method 1: Circuit Proxy method

    > In response to discovery, the circuit proxy would return a link-local
    > address on the joining router.  The joining router would have a TCP
    > (or UDP/CoAP) port open on that interface.  It would accept
    > connections on that port, and would turn around and create a new TCP
    > connection to the registrar."

    > Can TLS just ride over such a relayed TCP connection?

Yes, the circuit proxy plugs two layer-4s together.
TLS is a "layer-5" here. It just goes through, unexamined, by the proxy.

    > And so on for the other models in anima-state-for-joinrouter. I do
    > think this needs to be resolved before we can say the model is complete.

    > Brian


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--
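
The circuit-proxy behaviour discussed in this thread (accept the pledge's TCP connection, open a new TCP connection to the registrar, pass the TLS bytes through unexamined) is shown below as an added example; it is not code from the draft or from any list participant. It assumes loopback addresses in place of the link-local address, a stub registrar, and constructed byte strings shaped like TLS records instead of a real handshake; all function names are hypothetical.

```python
import socket
import threading


def _pump(src, dst, counter, key):
    """Copy bytes src -> dst until EOF, then pass the half-close on."""
    try:
        while True:
            chunk = src.recv(4096)
            if not chunk:              # peer has finished sending
                break
            dst.sendall(chunk)         # forwarded verbatim: no parsing, no TLS state
            counter[key] += len(chunk)
    except OSError:
        pass                           # a reset on either leg ends this direction
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)   # propagate EOF so the far end sees the close
        except OSError:
            pass


def serve_circuit_proxy(listener, registrar_addr, counter):
    """Accept one pledge connection and splice it onto a new TCP connection."""
    pledge_side, _ = listener.accept()
    registrar_side = socket.create_connection(registrar_addr)
    pumps = [
        threading.Thread(target=_pump, daemon=True,
                         args=(pledge_side, registrar_side, counter, "to_registrar")),
        threading.Thread(target=_pump, daemon=True,
                         args=(registrar_side, pledge_side, counter, "to_pledge")),
    ]
    for t in pumps:
        t.start()
    for t in pumps:
        t.join()
    pledge_side.close()
    registrar_side.close()


def _registrar_stub(listener, reply, received):
    """Stand-in for the registrar: read until EOF, answer once, close."""
    conn, _ = listener.accept()
    with conn:
        data = bytearray()
        while True:
            chunk = conn.recv(4096)
            if not chunk:
                break
            data += chunk
        received["registrar"] = bytes(data)
        conn.sendall(reply)


def _listener():
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))           # assumption: loopback, ephemeral port
    s.listen(1)
    return s


def run_demo():
    # Constructed sample data: record header (type 0x17, version 0x0303,
    # 2-byte length) followed by opaque bytes standing in for ciphertext.
    client_flight = b"\x17\x03\x03\x40\x00" + bytes(range(256)) * 64
    server_flight = b"\x17\x03\x03\x00\x10" + b"\xa5" * 16
    received = {}
    counter = {"to_registrar": 0, "to_pledge": 0}
    registrar, proxy = _listener(), _listener()
    workers = [
        threading.Thread(target=_registrar_stub, daemon=True,
                         args=(registrar, server_flight, received)),
        threading.Thread(target=serve_circuit_proxy, daemon=True,
                         args=(proxy, registrar.getsockname(), counter)),
    ]
    for t in workers:
        t.start()
    # The pledge only ever talks to the proxy's address.
    with socket.create_connection(proxy.getsockname(), timeout=5) as pledge:
        pledge.sendall(client_flight)
        pledge.shutdown(socket.SHUT_WR)
        reply = bytearray()
        while True:
            chunk = pledge.recv(4096)
            if not chunk:
                break
            reply += chunk
    for t in workers:
        t.join(timeout=5)
    registrar.close()
    proxy.close()
    return {
        "client_flight": client_flight,
        "server_flight": server_flight,
        "registrar_received": received.get("registrar"),
        "pledge_received": bytes(reply),
        "relayed": counter,
    }


if __name__ == "__main__":
    result = run_demo()
    print("bytes relayed:", result["relayed"])
```
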


From nobody Tue Sep 20 08:38:51 2016
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59E8F12B380 for <anima-bootstrap@ietfa.amsl.com>; Tue, 20 Sep 2016 08:38:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.836
X-Spam-Level: 
X-Spam-Status: No, score=-16.836 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, WEIRD_PORT=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aqE7NQITL3qL for <anima-bootstrap@ietfa.amsl.com>; Tue, 20 Sep 2016 08:38:43 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0238D12B79A for <anima-bootstrap@ietf.org>; Tue, 20 Sep 2016 08:34:28 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.30,368,1470700800"; d="scan'208";a="149218375"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Sep 2016 15:34:28 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id u8KFYSX8029969 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 20 Sep 2016 15:34:28 GMT
Received: from xch-aln-013.cisco.com (173.36.7.23) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 20 Sep 2016 10:34:26 -0500
Received: from xch-aln-013.cisco.com ([173.36.7.23]) by XCH-ALN-013.cisco.com ([173.36.7.23]) with mapi id 15.00.1210.000; Tue, 20 Sep 2016 10:34:26 -0500
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "leo.liubing@huawei.com" <leo.liubing@huawei.com>, "brian.e.carpenter@gmail.com" <brian.e.carpenter@gmail.com>, "Jason Coleman (colemaj)" <colemaj@cisco.com>, "Michael Behringer (mbehring)" <mbehring@cisco.com>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "alper.yegin@yegin.org" <alper.yegin@yegin.org>, "tte+anima@cs.fau.de" <tte+anima@cs.fau.de>, "ietf@sandeep.de" <ietf@sandeep.de>, "jiangsheng@huawei.com" <jiangsheng@huawei.com>, "kwatsen@juniper.net" <kwatsen@juniper.net>
Thread-Topic: UPDATE: Weekly anima-bootstrap meeting
Thread-Index: AdIIjJyVsl3sxGXZtESwhir0RfpNbw==
Date: Tue, 20 Sep 2016 15:34:26 +0000
Message-ID: <35974519e85648f9b5370107ccb95568@XCH-ALN-013.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.99.106.4]
Content-Type: multipart/alternative; boundary="_002_35974519e85648f9b5370107ccb95568XCHALN013ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/YUsnjPNyxPGp1JWDndFm7UtUFVY>
Subject: [Anima-bootstrap] UPDATE: Weekly anima-bootstrap meeting
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Sep 2016 15:38:48 -0000

--_002_35974519e85648f9b5370107ccb95568XCHALN013ciscocom_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

This replaces the ongoing bootstrap design team standing meeting. It should be at the same time etc. Just a new webex link. This recurring meeting terminates at the Seoul meeting (at which point we can reschedule).


Etherpad:
http://etherpad.tools.ietf.org:9000/p/anima-boostrapping?useMonospaceFont=true
(note typo in boostrapping)


---


-- Do not delete or change any of the following text. --


Join WebEx meeting<https://cisco.webex.com/ciscosales/j.php?MTID=ma063d9efeede668658e75e63d877005f>
Meeting number: 201 064 739
Meeting password: arWidrPz (27943779 from phones)


If you are a host, go here<https://cisco.webex.com/ciscosales/j.php?MTID=m50c4277f5c5567f1a623d9e68d954633> to view host information.

Join by phone
+1-408-525-6800 Call-in toll number (US/Canada)
+1-866-432-9903 Call-in toll-free number (US/Canada)
Access code: 201 064 739
Global call-in numbers<https://cisco.webex.com/ciscosales/globalcallin.php?serviceType=MC&ED=362127397&tollFree=1>  |  Toll-free calling restrictions<https://www.webex.com/pdf/tollfree_restrictions.pdf>


Can't join the meeting? Contact support.<https://cisco.webex.com/ciscosales/mc>

IMPORTANT NOTICE: Please note that this WebEx service allows audio and other information sent during the session to be recorded, which may be discoverable in a legal matter. By joining this session, you automatically consent to such recordings. If you do not consent to being recorded, discuss your concerns with the host or do not join the session.

--_002_35974519e85648f9b5370107ccb95568XCHALN013ciscocom_
Content-Type: text/calendar; charset="utf-8"; method=REQUEST
Content-Transfer-Encoding: base64
--_002_35974519e85648f9b5370107ccb95568XCHALN013ciscocom_--


From nobody Tue Sep 20 11:20:31 2016
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D916012B124 for <anima-bootstrap@ietfa.amsl.com>; Tue, 20 Sep 2016 11:20:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.836
X-Spam-Level: 
X-Spam-Status: No, score=-16.836 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, WEIRD_PORT=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CTBbMTk1Qy4b for <anima-bootstrap@ietfa.amsl.com>; Tue, 20 Sep 2016 11:20:25 -0700 (PDT)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 520C612B431 for <anima-bootstrap@ietf.org>; Tue, 20 Sep 2016 11:20:25 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.30,369,1470700800"; d="scan'208";a="324109860"
Received: from alln-core-10.cisco.com ([173.36.13.132]) by alln-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 20 Sep 2016 18:20:24 +0000
Received: from XCH-ALN-010.cisco.com (xch-aln-010.cisco.com [173.36.7.20]) by alln-core-10.cisco.com (8.14.5/8.14.5) with ESMTP id u8KIKOF1010023 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 20 Sep 2016 18:20:24 GMT
Received: from xch-aln-013.cisco.com (173.36.7.23) by XCH-ALN-010.cisco.com (173.36.7.20) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 20 Sep 2016 13:20:23 -0500
Received: from xch-aln-013.cisco.com ([173.36.7.23]) by XCH-ALN-013.cisco.com ([173.36.7.23]) with mapi id 15.00.1210.000; Tue, 20 Sep 2016 13:20:23 -0500
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: "Jason Coleman (colemaj)" <colemaj@cisco.com>, "Michael Behringer (mbehring)" <mbehring@cisco.com>, "alper.yegin@yegin.org" <alper.yegin@yegin.org>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "brian.e.carpenter@gmail.com" <brian.e.carpenter@gmail.com>, "ietf@sandeep.de" <ietf@sandeep.de>, "jiangsheng@huawei.com" <jiangsheng@huawei.com>, "kwatsen@juniper.net" <kwatsen@juniper.net>, "leo.liubing@huawei.com" <leo.liubing@huawei.com>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "tte+anima@cs.fau.de" <tte+anima@cs.fau.de>
Thread-Topic: UPDATE: Weekly anima-bootstrap meeting
Thread-Index: AQHSE2unJ9m3P+oi90m5VsfpDYKSrA==
Date: Tue, 20 Sep 2016 18:20:23 +0000
Message-ID: <4DE020ED-53CF-4DF0-A273-182DE0D4FE39@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
Content-Type: multipart/alternative; boundary="_002_4DE020ED53CF4DF0A273182DE0D4FE39ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/nSeYSbGKm5zCjL2gQ2sFmdnJoNc>
Subject: [Anima-bootstrap] UPDATE: Weekly anima-bootstrap meeting
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Sep 2016 18:20:28 -0000

--_002_4DE020ED53CF4DF0A273182DE0D4FE39ciscocom_
Content-Type: text/plain; charset="utf-8"
Content-ID: <0AB95A95A9BDC94194882EE18E92352C@emea.cisco.com>
Content-Transfer-Encoding: base64

--_002_4DE020ED53CF4DF0A273182DE0D4FE39ciscocom_
Content-Type: text/calendar; charset="utf-8"; method=REQUEST
Content-Transfer-Encoding: base64

--_002_4DE020ED53CF4DF0A273182DE0D4FE39ciscocom_--


From nobody Thu Sep 22 17:18:45 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E424512B8C4 for <anima-bootstrap@ietfa.amsl.com>; Thu, 22 Sep 2016 17:18:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.217
X-Spam-Level: 
X-Spam-Status: No, score=-4.217 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4JTrCz4Jz2ad for <anima-bootstrap@ietfa.amsl.com>; Thu, 22 Sep 2016 17:18:41 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E2AA12B8AA for <anima-bootstrap@ietf.org>; Thu, 22 Sep 2016 17:18:40 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 4E826E1E0; Thu, 22 Sep 2016 20:31:47 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 073F26392D; Thu, 22 Sep 2016 20:18:39 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "Max Pritikin \(pritikin\)" <pritikin@cisco.com>
In-Reply-To: <4DE020ED-53CF-4DF0-A273-182DE0D4FE39@cisco.com>
References: <4DE020ED-53CF-4DF0-A273-182DE0D4FE39@cisco.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Thu, 22 Sep 2016 20:18:38 -0400
Message-ID: <29761.1474589918@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Gyh3661tcAHG6gt47sjHtsyQPUM>
Cc: "tte+anima@cs.fau.de" <tte+anima@cs.fau.de>, "ietf@sandeep.de" <ietf@sandeep.de>, "alper.yegin@yegin.org" <alper.yegin@yegin.org>, "Michael Behringer \(mbehring\)" <mbehring@cisco.com>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "leo.liubing@huawei.com" <leo.liubing@huawei.com>, "kwatsen@juniper.net" <kwatsen@juniper.net>, "Jason Coleman \(colemaj\)" <colemaj@cisco.com>, "jiangsheng@huawei.com" <jiangsheng@huawei.com>
Subject: Re: [Anima-bootstrap] UPDATE: Weekly anima-bootstrap meeting
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2016 00:18:43 -0000

--=-=-=
Content-Type: text/plain


Kent and I couldn't use the new webex as it takes a CEC login to start it.
No place to enter the host key. After some typing at each other, we decided
to cancel.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Thu Sep 22 18:21:31 2016
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A568712B67C for <anima-bootstrap@ietfa.amsl.com>; Thu, 22 Sep 2016 18:21:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mQs8qIE3aXGO for <anima-bootstrap@ietfa.amsl.com>; Thu, 22 Sep 2016 18:21:28 -0700 (PDT)
Received: from mail-pa0-x22a.google.com (mail-pa0-x22a.google.com [IPv6:2607:f8b0:400e:c03::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4352E12B59C for <anima-bootstrap@ietf.org>; Thu, 22 Sep 2016 18:21:26 -0700 (PDT)
Received: by mail-pa0-x22a.google.com with SMTP id oz2so34509042pac.2 for <anima-bootstrap@ietf.org>; Thu, 22 Sep 2016 18:21:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;  h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=AL/xMZO30vsk5f1xH6r7FcwtZeA5HQSxuvzJ3mLjwr0=; b=T9fyUDUbeJlDIAsS4O1EiyGvL7lUJkhi1koNBigrYEQmCk3SYPYNUxsPcCWQrJqnC3 9+wpelC8JG3uM6P62eI+acKYGFSaj6Tk67lxXxvCYKQfCz1XYfsqJrCimTJPXvK9jSKn CwsCdsqtwQsniowXC3QrJX9QZ+RrFayrSynG+TH2/YKMBiVdMzUs95g+OizZncKHs+cF P9Bs9FkNh14RCaq5zkdvMAGtL3TNJyVcvRMDiWVinz2J5TNYsjpuIC95O4k2CHYehmhR EVZnzhxjj0m6BZFzTz6TtdQ0ZW0rVmcj8N6Y+2JVZG57LmayU/m9d88VbdUGLtcnDdGd cG4A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=AL/xMZO30vsk5f1xH6r7FcwtZeA5HQSxuvzJ3mLjwr0=; b=E1j0FGF6cTvFoR577GPunu1Cy03EOef6RBpHIPlL9uQToKN7wjB8uK6BRpluInJvu5 ZaBZXQ+8EMcuIdX1xp8yAfgDoD0iOasS5wvzoQWdpT2CdJQkXYiQIKO8C7JaFnI9M5Ko GkoQ0iPrlS8jas8h9OE02JmnJoySh9FFRSd4fiK2RbYjkd7OgoIECfw2x7irKNvjFvUS 6Mcagl8QImH7AKhS5vMAUsk7dmU9IOPaGA3YWj3jSby4clzJ9UPjOyE7Kf47WkzkrY1y d3Xl0yZRTkG4Gc0fwUm8vDWfSDkkrQhHnaaKuilMLdtTG4WijevXn79WzEJOnIsPZerM W1dg==
X-Gm-Message-State: AE9vXwM/AGUyuMaFtMqj/Rrnfk6OZXg0xTWqj2+maADZDeG0HMWFFmlKC0Xp9VpvHE4Ywg==
X-Received: by 10.66.158.233 with SMTP id wx9mr8192892pab.2.1474593685699; Thu, 22 Sep 2016 18:21:25 -0700 (PDT)
Received: from ?IPv6:2406:e007:5237:1:28cc:dc4c:9703:6781? ([2406:e007:5237:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id p73sm6127396pfk.60.2016.09.22.18.21.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 22 Sep 2016 18:21:24 -0700 (PDT)
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <20160718170810.GX7377@cisco.com> <4b913a43-7248-deb2-3f26-834240ea7dff@gmail.com> <20160912213631.GD15177@faui40p.informatik.uni-erlangen.de> <e4028b68-9b02-8051-e502-1bd93f8aabd9@gmail.com> <20160913005250.GI15177@faui40p.informatik.uni-erlangen.de> <521f4ddc-e169-02c6-0180-dfea5d74c293@gmail.com> <28428.1474589565@obiwan.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <84aa9220-9e3a-4873-d4d0-54f85a267436@gmail.com>
Date: Fri, 23 Sep 2016 13:21:32 +1200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <28428.1474589565@obiwan.sandelman.ca>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/5Jy3sKUTZgmKvnwVDq5jt-HhztM>
Cc: anima-bootstrap@ietf.org
Subject: Re: [Anima-bootstrap] Brian: Text to discover "Registrars" via GRASP
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Sep 2016 01:21:29 -0000

On 23/09/2016 12:12, Michael Richardson wrote:
> 
> {why isn't this on the list???}

Assuming you mean the bootstrap DT list, only because it started as a
very specific discussion point. So now it's on the list.

> 
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     > On 13/09/2016 12:52, Toerless Eckert wrote:
>     >> On Tue, Sep 13, 2016 at 11:12:20AM +1200, Brian E Carpenter wrote:
>>>>>> Currently we have:
>>>>>>       BRSKI via TLS/TCP
>>>>>>       BRSKI via CoAP/dTLS/UDP via IPIP
>     >>
>     >> I am actually confused right now why I added the "IPIP" into the mix...
>     >> *head* *scratching*
> 
>     > Yes, if you're inside the ACP it certainly seems redundant.
> 
> Either there are TCP/UDP circuit layer proxies (aka NAT66s or application
> layer alg-gateways), or there is an IPIP layer. In the latter case, the
> packets look like:
> 
> pledge                     proxy                      registrar
> A ----- src:llA/dst:llP---->   ---src:acpP/dst:acpR------> R
>                                  IPIP:src:llA/dst:llP
> 
> We need the IPIP layer on the ACP side because the pledge/proxy
> communication is link-local only.

Sure. And I think we do need to settle the question of which method
is used. What is the advantage in the registrar seeing the link-local
addresses, which are never supposed to be visible off-link? Would
it help for diagnostics? If we want that, we want IPIP. If not, NAT66
would need to clamber over innumerable dead bodies. So then a transport
proxy seems best (to preserve end2end TLS).

> If the CoAP and TCP versions are different ASAs, then they can return
> different addresses and port numbers.
> If they are on the same ASA, I guess, yes, we need to return two answers.

Right. I assumed the second case for my demo code because it's more
demanding on GRASP.

   Brian
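
The IPIP case in the diagram above, as an added example that is not part of the original thread: it builds the IPv6-in-IPv6 packet a proxy would forward and shows what a registrar can recover from it, including that a link-local source only identifies a pledge when paired with the proxy's address. All addresses are constructed sample values (2001:db8:: stands in for ACP addresses) and the function names are hypothetical.

```python
import ipaddress
import struct

IPPROTO_TCP = 6
IPPROTO_IPV6 = 41          # next-header value for IPv6 encapsulated in IPv6
IPV6_HEADER_LEN = 40


def build_ipv6(src, dst, next_header, payload, hop_limit=64):
    """Return a fixed IPv6 header (no extension headers) followed by payload."""
    version_tc_flow = 6 << 28      # version 6, traffic class 0, flow label 0
    header = struct.pack("!IHBB", version_tc_flow, len(payload),
                         next_header, hop_limit)
    header += ipaddress.IPv6Address(src).packed
    header += ipaddress.IPv6Address(dst).packed
    return header + payload


def parse_ipv6(packet):
    """Parse one IPv6 header; reject short, non-IPv6 or truncated packets."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("shorter than an IPv6 header")
    version_tc_flow, payload_len, next_header, _hop = struct.unpack(
        "!IHBB", packet[:8])
    if version_tc_flow >> 28 != 6:
        raise ValueError("not IPv6")
    payload = packet[IPV6_HEADER_LEN:IPV6_HEADER_LEN + payload_len]
    if len(payload) != payload_len:
        raise ValueError("truncated payload")
    return {
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
        "next_header": next_header,
        "payload": payload,
    }


def proxy_encapsulate(inner_packet, acp_proxy, acp_registrar):
    """Proxy side: wrap the pledge's link-local packet for the ACP.

    Outer header: src acpP, dst acpR. Inner header: src llA, dst llP.
    """
    inner = parse_ipv6(inner_packet)
    if not (inner["src"].is_link_local and inner["dst"].is_link_local):
        raise ValueError("only link-local pledge traffic is tunnelled")
    return build_ipv6(acp_proxy, acp_registrar, IPPROTO_IPV6, inner_packet)


def registrar_decapsulate(outer_packet):
    """Registrar side: recover both address pairs from the tunnelled packet."""
    outer = parse_ipv6(outer_packet)
    if outer["next_header"] != IPPROTO_IPV6:
        raise ValueError("not an IPv6-in-IPv6 packet")
    inner = parse_ipv6(outer["payload"])
    if not inner["src"].is_link_local:
        raise ValueError("inner source is not link-local")
    return {
        "proxy_acp": outer["src"],
        "pledge_ll": inner["src"],
        "proxy_ll": inner["dst"],
        # Link-local addresses are unique per link only, so the pledge is
        # identified by the pair (proxy ACP address, link-local source).
        "pledge_key": (outer["src"], inner["src"]),
        "payload": inner["payload"],
    }


# Constructed sample values, not taken from the thread.
LL_PLEDGE, LL_PROXY = "fe80::a", "fe80::1"
ACP_PROXY_1, ACP_PROXY_2 = "2001:db8::11", "2001:db8::12"
ACP_REGISTRAR = "2001:db8::ff"
SEGMENT = b"opaque bytes standing in for the pledge's TCP/TLS segment"


def demo():
    """Same pledge link-local address seen behind two different proxies."""
    inner = build_ipv6(LL_PLEDGE, LL_PROXY, IPPROTO_TCP, SEGMENT)
    return [
        registrar_decapsulate(proxy_encapsulate(inner, proxy, ACP_REGISTRAR))
        for proxy in (ACP_PROXY_1, ACP_PROXY_2)
    ]


if __name__ == "__main__":
    for view in demo():
        print(view["proxy_acp"], view["pledge_ll"], view["proxy_ll"])
```

With a transport-level proxy the registrar would see only the proxy's ACP address and port on the relayed connection; the inner header parsed here never leaves the link.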


From nobody Mon Sep 26 14:54:47 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B77012B2FF for <anima-bootstrap@ietfa.amsl.com>; Mon, 26 Sep 2016 14:54:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.515
X-Spam-Level: 
X-Spam-Status: No, score=-6.515 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.316] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ulXV1AwDocRS for <anima-bootstrap@ietfa.amsl.com>; Mon, 26 Sep 2016 14:54:34 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04BD412B343 for <anima-bootstrap@ietf.org>; Mon, 26 Sep 2016 14:54:33 -0700 (PDT)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [131.188.34.77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 362E458C4B1; Mon, 26 Sep 2016 23:54:32 +0200 (CEST)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id 167C7B0A961; Mon, 26 Sep 2016 23:54:31 +0200 (CEST)
Date: Mon, 26 Sep 2016 23:54:31 +0200
From: Toerless Eckert <tte+ietf@cs.fau.de>
To: "Max Pritikin (pritikin)" <pritikin@cisco.com>, anima-bootstrap@ietf.org
Message-ID: <20160926215431.GB9776@faui40p.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/JLKUzCpqlFW0kLL-QYf_5niK9L4>
Cc: "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "Michael Behringer \(mbehring\)" <mbehring@cisco.com>
Subject: [Anima-bootstrap] anima-bootstrap: Working conference/webex ?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2016 21:54:36 -0000

Do we have a working webex/conference tool setup for tomorrow and
the coming Tuesdays ? Last week, it was Max's Cisco webex and
no one could dial.

I can ask for an IETF webex account to set up a new IETF webex, but I
think for tomorrow, that would be too late.

Suggestions ?

Cheers
    Toerless


From nobody Mon Sep 26 16:10:43 2016
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 520B612B36D for <anima-bootstrap@ietfa.amsl.com>; Mon, 26 Sep 2016 16:10:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.837
X-Spam-Level: 
X-Spam-Status: No, score=-16.837 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 680gV9eS1Q_v for <anima-bootstrap@ietfa.amsl.com>; Mon, 26 Sep 2016 16:10:40 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DD0D12B375 for <anima-bootstrap@ietf.org>; Mon, 26 Sep 2016 16:10:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=768; q=dns/txt; s=iport; t=1474931440; x=1476141040; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=4ZluyNFBRKb+KJ84pIugUfN+5RS45UArJNFezAIH76Y=; b=QI6y25VZnL7dbeEg1a9ZNlOe4B3Ywp+AIjU8sPKFxLjHUxHoeLXbsPgB xfeNtzaz9CIriDbuJEnsZlApEQ9aArSW/0LYHyfOByW6rlI8zXD/vBQ52 8XkLecDvlwX4vgfFbpuSlzza3ANE2Bgtn61RdgyPaQV/CeEqclk4lZImu Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.30,401,1470700800"; d="scan'208";a="327599428"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2016 23:10:39 +0000
Received: from XCH-ALN-007.cisco.com (xch-aln-007.cisco.com [173.36.7.17]) by rcdn-core-8.cisco.com (8.14.5/8.14.5) with ESMTP id u8QNAdZq002679 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 26 Sep 2016 23:10:39 GMT
Received: from xch-aln-013.cisco.com (173.36.7.23) by XCH-ALN-007.cisco.com (173.36.7.17) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 26 Sep 2016 18:10:38 -0500
Received: from xch-aln-013.cisco.com ([173.36.7.23]) by XCH-ALN-013.cisco.com ([173.36.7.23]) with mapi id 15.00.1210.000; Mon, 26 Sep 2016 18:10:38 -0500
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: Toerless Eckert <tte+ietf@cs.fau.de>
Thread-Topic: anima-bootstrap: Working conference/webex ?
Thread-Index: AQHSGECTvfq0JKLZCk6l3XLkQmFXh6CMubMA
Date: Mon, 26 Sep 2016 23:10:38 +0000
Message-ID: <F10E55A3-5468-4D85-A5C0-63A24EF46D70@cisco.com>
References: <20160926215431.GB9776@faui40p.informatik.uni-erlangen.de>
In-Reply-To: <20160926215431.GB9776@faui40p.informatik.uni-erlangen.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.99.106.4]
Content-Type: text/plain; charset="utf-8"
Content-ID: <2CABB6E1468F7243A811CFC13433E2AA@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Ov6q8Vz3j8KEL7adHT71rKnU55I>
Cc: "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "Michael Behringer \(mbehring\)" <mbehring@cisco.com>
Subject: Re: [Anima-bootstrap] anima-bootstrap: Working conference/webex ?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2016 23:10:41 -0000

From nobody Tue Sep 27 07:05:29 2016
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6089E12B1E3 for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 07:05:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.215
X-Spam-Level: 
X-Spam-Status: No, score=-4.215 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RP_MATCHES_RCVD=-2.316] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SqjJ14IS6EgP for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 07:05:22 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6FC412B1E7 for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 07:05:21 -0700 (PDT)
Received: from faui40p.informatik.uni-erlangen.de (faui40p.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:77]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 4665358C4B3; Tue, 27 Sep 2016 16:05:20 +0200 (CEST)
Received: by faui40p.informatik.uni-erlangen.de (Postfix, from userid 10463) id 33329B0A976; Tue, 27 Sep 2016 16:05:20 +0200 (CEST)
Date: Tue, 27 Sep 2016 16:05:20 +0200
From: Toerless Eckert <tte+ietf@cs.fau.de>
To: Michael Richardson <mcr+ietf@sandelman.ca>, anima-bootstrap@ietf.org
Message-ID: <20160927140520.GE9776@faui40p.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Tt1pBfwlUTkPlahZW_NPxvFQr6Y>
Cc: "Max Pritikin \(pritikin\)" <pritikin@cisco.com>, "Michael Behringer \(mbehring\)" <mbehring@cisco.com>
Subject: [Anima-bootstrap] Anima-bootstrap meeting ?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2016 14:05:28 -0000

The cisco webex from Max is not working / started ... ?
Do we have a meeting ?

Cheers
    Toerless


From nobody Tue Sep 27 14:46:43 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34AA612B279 for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 14:46:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.216
X-Spam-Level: 
X-Spam-Status: No, score=-4.216 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001, WEIRD_PORT=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HvsY_uIzVE4j for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 14:46:36 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0211212B268 for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 14:46:35 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id A5E8C2009E for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 17:59:59 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id CE83D6392D for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 17:46:34 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "anima-bootstrap\@ietf.org" <anima-bootstrap@ietf.org>
In-Reply-To: <F10E55A3-5468-4D85-A5C0-63A24EF46D70@cisco.com>
References: <20160926215431.GB9776@faui40p.informatik.uni-erlangen.de> <F10E55A3-5468-4D85-A5C0-63A24EF46D70@cisco.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Tue, 27 Sep 2016 17:46:34 -0400
Message-ID: <17096.1475012794@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/S6C_jGlFI9D2Il8fHiXcwmH04z8>
Subject: Re: [Anima-bootstrap] anima-bootstrap: Working conference/webex ?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2016 21:46:38 -0000

--=-=-=
Content-Type: text/plain


here are the ietf.webex.com for the next few weeks (until Nov. 8, but I think
we might want to cancel the week before IETF).
I'll repeat this in the minutes, and I updated the ics invite that likely
has beaten this email.

https://ietf.webex.com/ietf/j.php?MTID=m0e0d148dad8af4468112c83bbb3181bc

http://etherpad.tools.ietf.org:9000/p/anima-boostrapping?useMonospaceFont=true

648 921 326
Meeting password: boostrap

Audio connection:
1-877-668-4493 Call-in toll free number (US/Canada)
1-650-479-3208 Call-in toll number (US/Canada)
Show toll-free dialing restrictions
Access code: 648 921 326



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Tue Sep 27 14:57:52 2016
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE91F12B2F1 for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 14:57:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.217
X-Spam-Level: 
X-Spam-Status: No, score=-4.217 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iGEWx8uEs0iG for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 14:57:50 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D9B812B185 for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 14:57:50 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 5CC6F2009E for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 18:11:14 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 82A9D6392D for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 17:57:49 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "anima-bootstrap\@ietf.org" <anima-bootstrap@ietf.org>
In-Reply-To: <F10E55A3-5468-4D85-A5C0-63A24EF46D70@cisco.com>
References: <20160926215431.GB9776@faui40p.informatik.uni-erlangen.de> <F10E55A3-5468-4D85-A5C0-63A24EF46D70@cisco.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature"
Date: Tue, 27 Sep 2016 17:57:49 -0400
Message-ID: <19568.1475013469@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/xHDVCdTDRMG1qTv0SLrjeuAGhWo>
Subject: Re: [Anima-bootstrap] anima-bootstrap: Working conference/webex ?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2016 21:57:52 -0000

--=-=-=
Content-Type: text/plain


Also, I want to point out that the meeting is anchored at 1500UTC,
which means that Nov. 1, it moves an hour as we change our clocks.

Alas, in my google calendar, I have yet to find a way to actually pick UTC as
a timezone (hints welcome), so in mine, it's anchored to Amsterdam/France,
which makes it even more confusing.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-




--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

--=-=-=--


From nobody Tue Sep 27 15:40:41 2016
Return-Path: <cabo@tzi.org>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 578ED12B40C for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 15:40:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6AqEvB0dVkg0 for <anima-bootstrap@ietfa.amsl.com>; Tue, 27 Sep 2016 15:40:38 -0700 (PDT)
Received: from mailhost.informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0287612B4FF for <anima-bootstrap@ietf.org>; Tue, 27 Sep 2016 15:40:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from submithost.informatik.uni-bremen.de (submithost.informatik.uni-bremen.de [134.102.201.11]) by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id u8RMeMjL004870; Wed, 28 Sep 2016 00:40:22 +0200 (CEST)
Received: from nar-4.local (unknown [IPv6:2001:13c7:7003:4000:d450:d0a8:b1ec:4b37]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id 3skG4j0Z9hz1wNY; Wed, 28 Sep 2016 00:40:20 +0200 (CEST)
Message-ID: <57EAF550.3090105@tzi.org>
Date: Tue, 27 Sep 2016 16:40:16 -0600
From: Carsten Bormann <cabo@tzi.org>
User-Agent: Postbox 4.0.8 (Macintosh/20151105)
MIME-Version: 1.0
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <20160926215431.GB9776@faui40p.informatik.uni-erlangen.de> <F10E55A3-5468-4D85-A5C0-63A24EF46D70@cisco.com> <19568.1475013469@obiwan.sandelman.ca>
In-Reply-To: <19568.1475013469@obiwan.sandelman.ca>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/adohp3IPywHcVVukzyhYZdW0YpA>
Cc: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
Subject: Re: [Anima-bootstrap] anima-bootstrap: Working conference/webex ?
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2016 22:40:40 -0000

> Alas, in my google calendar, I have yet to find a way to actually pick UTC as
> a timezone (hints welcome), so in mine, it's anchored to Amsterdam/France,
> which makes it even more confusing.

Reykjavik.

Greetings, Carsten

