Hiya, In case folks here aren't on the main IETF discuss list, there's been a flood of mail [1,2,3] there on this topic, and Jari and I wrote a bloggy thing [4] as well.
The IAB are considering how to deal with some of this stuff as part of the tech plenary in Vancouver. [5] I guess we'll hear more about that as it firms up. But since a tech plenary is probably not the best place to try get work (or plans for work) done, the IESG and IAB also discussed having a BoF-like session for more detailed discussion of the topic and what the IETF could or should be doing. Current thinking is to have a session based around the discussion on this list, so that'd probably be called the perpass BoF but as with the list, there's no plan for this to be a WG forming BoF. So, this is a call for: a) suggestions as to how to best use some face-to-face time, b) agenda proposals, and, c) folks who are willing to volunteer to do stuff (e.g. lead a discussion on topic foo, write an I-D about bar,...). I guess (a) and (b) are better done on the list, but feel free to send me offlist mail about (c). As the next IETF meeting [6] is coming up quite soon, please try respond to this in the next week or so if you're going to. The IESG/IAB call where we agree what BoFs to have is on Sep 24th and it'd be nice to have a reasonable idea about how we'll handle this before then, so this isn't a hard deadline and there'll be further calls for input before we get near to having a worked out agenda. My initial idea for this would be a 2/2.5 hour session where we have someone scene-set, then some open-mic, then a set of short presentations about specific problems or things the IETF could do, and then more open-mic. Hopefully we'd wrap up with a list of actionable things and associated victims^H^H^H^H^H^Hvolunteers. I think the drafts that Brian [7] and Yaron [8] have written are fine examples of the kind of specific thing for which we'd want to have short presentations. (BTW: As always, more drafts are welcome.) I don't think we want overly fuzzy or broad presentations and we don't want to have presentations that merely complain about the state of the universe, so please do keep in mind that the IETF cannot fully "solve" whatever it is you think the problem is, and that what we're after here is to identify specific pieces of IETF work that are doable and that can help mitigate the threat of pervasive monitoring. But I'm very open to other suggestions if you have 'em or to being told the above is crazy, if that's what you think. In the meantime please continue to use this list for discussion of specific things the IETF could or should be doing and if you intend to write up an I-D on this topic, just fire ahead and do that and then send a link to the list, same as always. Thanks, S. [1] http://www.ietf.org/mail-archive/web/ietf/current/msg82071.html [2] http://www.ietf.org/mail-archive/web/ietf/current/msg82073.html [3] http://www.ietf.org/mail-archive/web/ietf/current/msg82167.html [4] http://www.ietf.org/blog/2013/09/security-and-pervasive-monitoring/ [5] http://www.ietf.org/mail-archive/web/ietf/current/msg82266.html [6] http://www.ietf.org/meeting/cutoff-dates-2013.html#IETF88 [7] http://tools.ietf.org/html/draft-trammell-perpass-ppa [8] http://tools.ietf.org/html/draft-sheffer-tls-bcp [9] what a lot of references :-) _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
