**Session Date/Time:** 16 Mar 2025 11:00

# Hot RFC Lightning Talks

## Summary

This session featured a series of lightning talks on hot topics of interest to the IETF community, including DNS for identity, confidential computing, AI network security, LLM-assisted network management, source buffer management, object-based media, zero-trust network access, limitations of confidential computing, diagramming RFCs, and trust contexts in attested TLS environments. The speakers presented their work, identified open challenges, and sought collaboration with other experts.

## Key Discussion Points

* **DNS for Identity (Phillip Hallam-Baker):**
  * Proposed using DNS service discovery and OAuth 2 for identity management.
  * Argued that DNS can scale for identity purposes, despite earlier concerns.
  * Mentioned a draft "Helen Baker any" and a prototype website, mplace2.social, that uses this technology.
* **Leaky Computing and Confidential Computing (Manu Fontaine):**
  * Discussed the problem of information leakage through non-cryptographic identifiers.
  * Proposed STEM identifiers (random 256-bit identifiers/symmetric keys) for process-level information isolation.
  * Announced a side meeting on Tuesday to discuss the universal name system and the Universal Certificate Authority (UCA).
* **Enabling Data Security Processing for AI (Lonely):**
  * Highlighted the need for data processing security in AI-driven telecom networks.
  * Introduced homomorphic encryption as a potential solution for privacy-preserving AI inference and training.
  * Announced a side meeting on Tuesday to discuss trust and privacy issues in data usage and processing for AI.
* **LLM-Assisted Network Management with a Human in the Loop (Ming Zheing):**
  * Presented a draft on using Large Language Models (LLMs) for network management while keeping a human operator in the loop.
  * Described a framework whose components include telemetry models and large decision models, together with configuration validation and access control modules.
  * Sought collaborators for developing this framework.
* **Source Buffer Management (Dan):**
  * Explained how excessive source buffering causes latency problems.
  * Proposed a TCP "not sent low watermark" socket option to minimize excess buffering.
  * Highlighted that fixing source buffer bloat is necessary to achieve low latency and responsive performance.
  * Referred to a draft and the mailing list (spm@ietf.org).
* **Object-Based Media (Dan):**
  * Discussed moving away from linear television distribution to object-based media.
  * Identified scaling challenges in serving object-based media to hundreds of thousands of users.
  * Is exploring Computing-Aware Traffic Steering (CATS) and application content above it, as well as video media distribution protocols such as QUIC.
  * Sought collaboration with operators working on similar projects.
* **Zero Trust Network Access for Network Clouds (Wadashih):**
  * Presented a draft on zero-trust network access for the interfaces between cloud and network in telecom clouds.
  * Proposed integrating zero-trust principles with a YANG data model.
  * Mentioned a side meeting on Wednesday morning to discuss use cases and applications.
* **Confidential Computing Limitations (Osama):**
  * Critiqued confidential computing, arguing that exfiltration of the attestation key breaks the entire security model.
  * Questioned how the identity and the long-term key get into the VM in the first place.
  * Sought collaborators in TLS, remote attestation, formal methods, and confidential computing.
  * Several side meetings were proposed to discuss the identified attacks and the formalization of the results.
* **Diagramming RFCs (name unclear):**
  * Raised the difficulty of understanding RFCs and their impact across different layers.
  * Proposed a framework for diagramming documents to better understand their relationships to the overall infrastructure stack.
  * Sought collaborators to discuss the concept and potential solutions.
* **Exploring Trust Contexts in Attested TLS Environments (Pavel Nikonorov):**
  * Discussed trust models and the assessment of trustworthiness for confidential workloads.
  * Proposed a trust anchor specification or a registry of audited software and configuration files.
  * Sought collaborators with knowledge of formal security analysis, trust models, and the relevant specifications.

## Decisions and Action Items

* **Action Item:** Attendees interested in specific topics (DNS for identity, confidential computing, AI network security, LLM-assisted network management, source buffer management, object-based media, zero-trust network access, diagramming RFCs, and trust contexts in attested TLS environments) should contact the speakers directly to collaborate.
* **Action Item:** Attendees were encouraged to review the slides available on the Datatracker.

## Next Steps

* Attendees should attend the side meetings mentioned by the speakers to discuss the topics further.
* Follow-up discussions may take place on the mailing lists provided (e.g., spm@ietf.org for source buffer management).
* Independent submissions and working group adoption may be considered, depending on community interest.
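The "not sent low watermark" socket option from the source buffer management talk corresponds to `TCP_NOTSENT_LOWAT`, which Linux and macOS already expose. The following is an added example (not code from the talk, its draft, or the spm mailing list) that shows the effect the talk describes: a sender writing to a peer that never reads, once with and once without the watermark, and how many bytes the kernel accepts into its send queue before pushing back. It assumes a loopback TCP stack is available, that the kernel applies the watermark to `send()` as Linux does (writes fail with `EAGAIN` once unsent data reaches the watermark), and it falls back to the Linux numeric value 25 if the Python `socket` module does not export the constant.

```python
import socket

# Python exports TCP_NOTSENT_LOWAT on Linux and macOS; 25 is the Linux value
# from <linux/tcp.h>, used here only as a fallback (assumption: Linux kernel).
TCP_NOTSENT_LOWAT = getattr(socket, "TCP_NOTSENT_LOWAT", 25)


def set_notsent_lowat(sock, lowat_bytes):
    """Limit how much not-yet-sent data the kernel queues for `sock`.
    Once unsent data reaches the watermark, the socket stops being
    writable, so the application keeps its own queue instead of the
    kernel holding a large backlog it cannot reprioritise.
    Returns the value the kernel reports back."""
    sock.setsockopt(socket.IPPROTO_TCP, TCP_NOTSENT_LOWAT, lowat_bytes)
    return sock.getsockopt(socket.IPPROTO_TCP, TCP_NOTSENT_LOWAT)


def probe_lowat(lowat_bytes):
    """Create a throwaway TCP socket, set the watermark and read it back."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        return set_notsent_lowat(sock, lowat_bytes)


def bytes_accepted_before_backpressure(lowat_bytes=None, chunk=4096,
                                       max_bytes=64 * 1024 * 1024):
    """Connect a sender to a loopback peer that deliberately never reads,
    then write non-blocking until the kernel refuses more data.
    Returns the number of bytes the kernel accepted before applying
    backpressure; a smaller number means less data sitting in the
    source buffer where the application can no longer touch it."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # constructed loopback endpoint
    listener.listen(1)
    listener.settimeout(5)
    sender = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    if lowat_bytes is not None:
        set_notsent_lowat(sender, lowat_bytes)
    sender.connect(listener.getsockname())
    peer, _ = listener.accept()          # accepted, but never read from
    sender.setblocking(False)
    payload = b"x" * chunk
    accepted = 0
    try:
        while accepted < max_bytes:
            try:
                accepted += sender.send(payload)
            except BlockingIOError:
                # Kernel send path is full: without the watermark that
                # means the whole send buffer; with it, only rwnd plus
                # the watermark's worth of unsent data.
                break
    finally:
        sender.close()
        peer.close()
        listener.close()
    return accepted


if __name__ == "__main__":
    print("reported watermark:", probe_lowat(16384))
    print("accepted without watermark:", bytes_accepted_before_backpressure())
    print("accepted with 4 KiB watermark:",
          bytes_accepted_before_backpressure(lowat_bytes=4096))
```

The exact byte counts depend on the receive window and send buffer autotuning of the host, so the comparison to look at is the difference between the two runs rather than either absolute value: the watermarked sender stops being writable far sooner, which is what lets a latency-sensitive application keep its own, reorderable queue short instead of parking data in the kernel.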