Minutes of the IRTF HIP research group meeting, March 22 2010, Anaheim

Minutes compiled by Tobias Heer and Andrew McGregor and edited by the co-chairs Tom Henderson and Andrei Gurtov

The meeting was co-chaired by Andrei Gurtov and Tom Henderson. 43 people signed the attendance sheets. The meeting lasted two hours. Presentation materials are archived in the proceedings.

0) Introduction, draft status, agenda bashing

The wiki is moving to IETF tools pages.
Discussion on the process of which HIP RG drafts become "official" RG drafts. RFC 5743 process published, therefore future IRTF drafts follow this process.
Trying to find extra non-author contributors for mature drafts. Several candidates were identified on the list in early December.

1) HIP Experiment Report update, and discussion on next steps
- http://www.ietf.org/internet-drafts/draft-irtf-hip-experiment-06.txt

Miika Komu will provide feedback on the report during this week.

2) Jiong Shen, HIP Service Overlay Study
- http://www.ietf.org/id/draft-wang-hiprg-service-overlay-00.txt

Miika Komu: How is this different from Hi3?
Jiong Shen: For Hi3 you use the infrastructure for control messages, whereas the media is end-to-end. This is an overlay network. It also provides for ID to IP bindings.
Tom: Are you requesting additional feedback from the RG?
Jiong: We want to know if this is interesting and if we missed something.

3) Tom Henderson, HIP as a L2VPN solution
- http://www.ietf.org/internet-drafts/draft-henderson-hip-vpls-00.txt

Geoff Thompson: The isolation facility is already existing in 802.1.
Tom: How would you integrate this with HIP and the identity framework? We have some vendors interested in building this. They would like to know how to use HIP to provide the signaling to manage the tunnels.
Bob: This may be more along the line of provider bridging. There may be some commonality here.
Geoff: This seems to have been more done in provider/carrier space rather than enterprise, but seems no reason it can't be applied.
Andrei: There is a book about this by a Boeing employee. A pointer was sent to the mailing list.

4) Dacheng Zhang and Miika Komu, Identity Privacy
- http://tools.ietf.org/html/draft-zhang-hip-privacy-protection

Tobias Heer: Encrypted pub keys seem more practical than BLIND. Too many identifiers.
Bob M: When talking about BLIND, there would be a flag saying BLIND is in use, where is this?
Miika: In the I1, it needs to be available then.
Bob: We were talking about changing ORCHIDs, clarifying that it's not involved there.
Tom: What was the motivation for taking this as a draft?
Dacheng: Essentially to give some privacy to the responder. And I consulted various colleagues, who were also interested.

5) Dacheng Zhang, HI revocation draft status
- draft-zhang-hip-hi-revocation-02.txt

Bob: Why do you use the "not before" field? I can see the "not after" but not why to not use the key before a certain time.
Andrei: Imagine an employer who will not start to work before a certain date.
Bob: That's local scope. I would like to see some scenarios.
Dacheng: To communicate the new HI before the old one expires.
Bob: Good, put that in the document.
Andrei: Clock synchronization is important, too.
Bob: Whenever you use PKI or anything like it, clock synchronization needs to be there.
Tom: This could be a draft that the RG could adopt in the publication process. Is there any support for it?
Andrei: Bob, could this be for you?
Bob: I don't have any cycles left right now. Let's see if I can do something.
Tom: Maybe we take this to the list and see if we can encourage somebody to contribute.

6) Dacheng Zhang, HIP proxy
- http://www.ietf.org/id/draft-zhang-hip-investigation-proxy-01.txt

Jan Melen: Should we have one document that specifies the proxy on one side and another document for the other side?
Dacheng: Both are on the same host.
Jan Melen: Sure you can do that. Maybe we can have a set of different documents for different protocols.
Tom: Is there interest for progressing this?
Bob: Yes.
Tobias: What we did in PiSA is not that far away from this. We have interest in this.
Bob: Probably the largest potential use is for smart-grid and Internet of Things (IoT) type applications.
Andrei: Suggest that Jan and Dacheng produce a new individual submission, then will adopt to the RG.

7) Gyu Myoung Lee, future directions for IoT work
- http://www.ietf.org/id/draft-lee-object-naming-02.txt

Tom: Let's have the questions after Pascal's talk.

8) Pascal Urien, HIP for RFID and IoT issues
- http://tools.ietf.org/html/draft-urien-hip-tag-03

Andrew: This is progressing in a direction that this becomes more and more HIP-like. But how much of HIP do you actually need? Is this really HIP or is it merely HIP-inspired?
Pascal: The identity concept is important. For the IoT we need an identity. ...
Andrew: That's why I would say HIP-inspired. This is like an identity solution for HIP in which the identity is not cryptographic. (reference to the privacy presentation).
Pascal: The cryptographic load of HIP is very high. We are using objects that don't have much processing power.
Andrew: HIP BEX takes about 3 seconds on an Atom (?) sensor node.
Andrei: That's why we need ECC. It can bring down processing time by one order of magnitude.
Bob: We are working with very very small devices. Even the code size of a hash function is problematic. People even think about systems inside a cell. ECC is too much for such things.
Andrew: Suggest to pick up discussion after the IoT Bar BoF tonight.

9) Miika Komu and Tobias Heer, HIPL status and plans

Tobias summarized a major HIPL refactoring and relicensing effort.

10) Tobias Heer, PiSA/Mobile ACcess project

11) Miika Komu, Packet-Level Authentication (PLA)

There was limited to no time for the last two presentations scheduled. PLA discussion suggested to move to the list.