Markdown Version | Session Recording

Session Date/Time: 07 Nov 2022 09:30

dispatch

Summary

The dispatch meeting covered several topics, including vcon, Sasol authentication for SIP, dkim replay, webRTC egress (WEP), ebpf, and testable HTTP. Discussions focused on the scope, suitability for standardization, and the appropriate working group for each topic. Key outcomes included a recommendation to form a working group for dkim replay without a buff, and a decision to table the webRTC egress (WEP) discussion pending a session within the wish working group. Sasol Authentication for SIP will not move forward in its current form and the group will form a use case and problem statement for vcon to be taken to a buff.

Key Discussion Points

• vcon (Conversation Standard):
  • The presenter highlighted the lack of a standard for capturing and managing conversations across various communication services, leading to data silos and challenges with data privacy regulations.
  • Concerns were raised about whether "conversation" is the right level of abstraction, suggesting a focus on building blocks like "utterances" instead.
  • Suggested to draft a problem statement and use cases and liaison with W3C.
• Sasol Authentication for SIP:
  • The presenter proposed using Sasol for SIP authentication to enable realm crossover and improved security.
  • Concerns were raised that existing security mechanisms for SIP, like stir, address many of the same issues, making Sasol redundant.
  • Decision not to move forward in the current form of the proposal. Further feedback and organization is required.
• dkim Replay:
  • The problem of dkim replay attacks was discussed, where spammers reuse valid dkim signatures to bypass spam filters.
  • Several potential solutions were presented, including embedding the recipient in the signature, counting signatures, stripping dkim signatures, and specifying the next hop destination domain.
  • Concerns were raised about the potential impact on indirect mail flows and the complexity of implementing certain solutions.
  • Discussion regarding a dedicated maintenance team due to the rapidly evolving landscape of email standards.
• webRTC Egress (WEP):
  • The presenter proposed a standard protocol for webRTC egress, similar to whip for ingress, to enable interoperability between webRTC services and products.
  • Decision to defer further discussion pending a session within the wish working group.
• ebpf:
  • Discussion regarding standardizing parts of ebpf, a cross-platform technology that allows sandboxed programs to extend privileged system components.
  • Different views were expressed, with one suggesting the IETF as a good place for standardization.
  • Others considered it more appropriate for an organization with expertise in compilers and dynamic languages, like the W3C. A side meeting was scheduled to discuss.
• Testable HTTP (httpa):
  • The presenter proposed a new L7 protocol, httpa, to build trusted communication for web services running inside trusted execution environments (TEEs).
  • Concerns were raised about the necessity of a new protocol, given existing mechanisms like attested TLS.

Decisions and Action Items

• vcon: Create a draft of the use case/problem statement and clarify the scope, and take it to a buff.
• Sasol Authentication for SIP: Do not proceed with the work in its current form.
• dkim Replay: Form a new working group without a buff.
• webRTC Egress (WEP): Hold and allow the session in wish to progress, to see if a re-charter is appropriate.
• ebpf: Side meeting is scheduled to discuss standardization options (Thursday 6PM).

Next Steps

• vcon: Schedule buff to present updated problem statement and use cases.
• dkim Replay: Begin the process of chartering a new working group.
• webRTC Egress (WEP): Attend the session in wish and assess the potential for re-chartering.
• ebpf: Attend the side meeting and discuss standardization options.
• Testable HTTP (httpa): Proceed to Sex Dispatch for further deliberation.