Birds of a Feather at IETF 107

Before each IETF meeting, the Internet Engineering Steering Group (IESG) collects proposals for Birds of a Feather (BOF) sessions. These sessions are designed to help determine the path for new work in the IETF, to generate discussion about a topic within the IETF community, and to determine whether there is interest in working on the topic within the IETF.

The IESG approved four BOF sessions to be scheduled at IETF 107, all of which aim to form new working groups:

Real-Time Internet Peering for Telephony (RIPT): The goal of the RIPT effort is to create a new protocol that enables signaling and real-time interactive voice and video to operate natively on top of modern web platforms. RIPT intends to offer a replacement for Session Initiation Protocol (SIP), which is difficult to deploy into modern public cloud platforms because of its usage of raw IP addresses and ports, its load balancing techniques, and its state model. 

Multiplexed Application Substrate over QUIC Encryption (MASQUE): The MASQUE work aims to provide a framework that allows concurrently running multiple proxied flows inside a QUIC connection. With the QUICv1 protocol specification maturing, this BOF will discuss the possibility of leveraging QUIC’s properties (including secure connectivity, multiplexed streams, and connection migration) for tunneling. 

Privacy Pass (PRIVACYPASS): The objective of the Privacy Pass effort is to standardize a performant mechanism for providing privacy-preserving attestation of a previous successful authorization between a human and a server. The idea is to support use cases where it may be necessary to check that a client has been previously authorized by a service without learning any other information. Such lightweight authorization mechanisms can be useful in quickly assessing the reputation of a client in latency-sensitive communication. 

Transactional Authorization (TXAUTH): This BOF follows up from a non-working-group-forming BOF at IETF 106. This group is aiming to develop a fine-grained delegation protocol for authorization, identity, and API access. It aims to expand upon the uses cases currently supported by OAuth 2.0 and OpenID Connect to support authorizations scoped as narrowly as a single transaction, provide a clear framework for interaction among all parties involved in the protocol flow, and remove unnecessary dependence on a browser or user-agent for coordinating interactions. 

The IESG received one additional BOF request, Application-Aware Networking (APN), which was not approved for scheduling. Based on numerous IETF discussions in recent years about similar mechanisms for applications to signal information to the network, we felt that the proposal needs to have a better scope definition, needs to articulate the privacy properties of the solution proposed, and needs to address questions about deployment incentives and authentication that have hindered past proposals from advancing to standardization. Components of the APN work are expected to be discussed in existing working groups.

In addition to the BOF sessions, there will be as many as four new working groups—Adaptive DNS Discovery (ADD), Drone Remote ID Protocol (DRIP), WebTransport (WEBTRANS), and Web Packaging (WPACK)—meeting for the first time at IETF 107, plus our ongoing working groups. The meeting is shaping up to host a great mix of sessions about new and existing work.