IRC log of web-networks on 2022-09-13

Timestamps are in UTC.

13:57:11 [RRSAgent]
RRSAgent has joined #web-networks
13:57:11 [RRSAgent]
logging to
13:57:13 [Zakim]
Zakim has joined #web-networks
13:57:39 [dom]
Meeting: Web & Networks TPAC F2F
13:58:05 [dom]
13:58:21 [dom]
agenda+ Web & Networks IG introduction
13:58:29 [dom]
agenda+ Web & Networks IG introduction
13:58:36 [dom]
agenda+ Client-Edge-Cloud coordination Use Cases and Requirements
13:59:28 [dom]
Present+ DanD, CHrisN, EricS, Dom, SUdeep, MichaelMcCool, Song, LiLin, HuaqiSHan, SOngXu, EricMwobobia, Dapeng
13:59:39 [McCool]
McCool has joined #web-networks
13:59:47 [dom]
RRSAgent, make log public
13:59:52 [cpn]
cpn has joined #web-networks
14:00:01 [Eric]
Eric has joined #web-networks
14:00:43 [dom]
Present+ Kunihiko, DingWei
14:00:56 [dom]
Present+ JakeHolland
14:01:03 [McCool]
present+ McCool
14:02:19 [dom]
Present+ DavidEzell
14:02:44 [Eric]
14:03:22 [dom]
14:03:46 [dom]
Zakim, next item
14:03:46 [Zakim]
agendum 1 -- Web & Networks IG introduction -- taken up [from dom]
14:04:17 [dom]
DanD: Song from China Mobile, Sudeep from INtel and I (from AT&T) are co-chairs of Web & Networks IG
14:04:22 [dom]
... Dom is our staff contact
14:04:26 [Louay]
Louay has joined #web-networks
14:04:34 [Louay]
Present+ Louay_Bassbouss
14:04:53 [dom]
Present+ LouayBassbouss, PiersO'Hanlon, LarryZhao, LukeWagner
14:05:06 [Larry_Zhao]
Larry_Zhao has joined #web-networks
14:05:16 [dom]
[slide 1]
14:05:21 [cpn]
present+ Chris_Needham
14:05:30 [jholland]
jholland has joined #web-networks
14:05:34 [ktoumura]
ktoumura has joined #web-networks
14:05:37 [Piers_O_Hanlon]
Piers_O_Hanlon has joined #web-networks
14:05:42 [motokim]
motokim has joined #web-networks
14:05:42 [dom]
DanD: our agenda today will cover an overview of our group's work and progress
14:05:45 [Max__Liu]
Max__Liu has joined #web-networks
14:05:47 [dezell]
dezell has joined #web-networks
14:05:53 [dom]
... hopefully useful starting point for later reading
14:06:00 [dezell]
present+ David_Ezell
14:06:05 [dom]
... next we'll dive into Edge Use Cases & Requirements
14:06:11 [dom]
... followed by an open discussion
14:06:25 [dom]
Zakim, next item
14:06:25 [Zakim]
agendum 2 -- Web & Networks IG introduction -- taken up [from dom]
14:06:39 [dom]
[slide 4]
14:07:31 [Dingwei]
Dingwei has joined #web-networks
14:08:59 [dom]
[slide 5]
14:09:51 [dom]
[slide 6]
14:11:08 [sudeep]
present+ Sudeep
14:11:29 [dom]
[slide 7)
14:12:36 [dom]
RRSAgent, draft minutes
14:12:36 [RRSAgent]
I have made the request to generate dom
14:12:50 [dom]
[slide 8]
14:13:13 [sudeep]
Link to WNIG Wiki:
14:14:09 [dom]
i/[slide 1]/Slideset:
14:14:14 [dom]
[slide 9]
14:14:17 [dom]
RRSAgent, draft minutes
14:14:17 [RRSAgent]
I have made the request to generate dom
14:15:36 [dom]
[slide 10]
14:16:27 [dom]
Jake: breakout scheduled tomorrow on multicast, with focus on security discussions
14:17:13 [dom]
[slide 11]
14:17:15 [dom]
[slide 12]
14:17:26 [jholland]
tomorrow's multicast breakout:
14:17:37 [dom]
14:17:42 [dom]
RRSAgent, draft minutes
14:17:42 [RRSAgent]
I have made the request to generate dom
14:18:19 [dom]
Michael: we're mostly focused on edge offload
14:19:02 [dom]
... maybe this should expand to split browser, but that's not part of what we've doing so far
14:19:27 [dom]
Present+ ZoltanKis, YanZ, MotokiMizusako
14:25:51 [dom]
Zakim, next item
14:25:51 [Zakim]
agendum 3 -- Client-Edge-Cloud coordination Use Cases and Requirements -- taken up [from dom]
14:26:56 [dom]
14:27:03 [dom]
[slide 1]
14:27:03 [dom]
[slide 2]
14:27:06 [dom]
[slide 3]
14:27:37 [dom]
Michael: our 13 use cases could still be improved from a categorization perspective
14:28:03 [dom]
[slide 4]
14:28:27 [dom]
Michael: some of the main drivers for edge computing are latency and privacy
14:29:06 [dom]
... e.g. in AR, tracking the environment and overlaying information on the environment needs to happen with very low latency
14:29:27 [dom]
... cloud is ~10x slower to reach than an edge node
14:30:40 [dom]
... using edge computing is applicable both for webapps and IoT - I'm also a co-chair of the Web oF things WG
14:31:00 [dom]
[slide 5]
14:31:29 [dom]
Michael: what kind of businesses & users will be using these systems, with what kind of needs & priorities
14:31:41 [dom]
... what are their business models and why would they do this?
14:31:54 [dom]
... we will cross-reference these stakeholders with our use cases
14:31:57 [dom]
[slide 6]
14:32:01 [dom]
RRSAgent, draft minutes
14:32:01 [RRSAgent]
I have made the request to generate dom
14:32:11 [dom]
... these requirements derive from our use cases
14:32:35 [dom]
... a common requirement is improved performance
14:33:12 [dom]
... some of the requirements are up for negotiation
14:33:25 [dom]
... compatibility with existing APIs vs building a new one
14:34:26 [dom]
[slide 7]
14:35:18 [dom]
Michael: 2 proposals: one focused on seamless code sharing baed on WASM, benefitting from the JS/WASM sandbox
14:35:43 [dom]
... the other is distributed worker, extending the existing threading model in browsers based on Workers
14:36:01 [dom]
... the comm model they use could be extended to instantiate a worker on a remote machine
14:36:33 [dom]
... Web of Things has ongoing work on discovery that could be used for compute utility discovery
14:37:10 [dom]
... Both of these are extended the web model beyond client & server, to a distributed model, some of the resources being location sensitive
14:37:48 [Max__Liu]
14:37:49 [dom]
[slide 8]
14:37:49 [dom]
DavidE: what is WASM?
14:37:50 [Max__Liu]
14:38:27 [dom]
Michael: WebAssembly provides a binary representation of machine bytecode, that operates in sandboxed runtime with near native performance
14:38:31 [dom]
... similar to LLVM
14:38:43 [dom]
14:38:53 [dom]
ack Max__Liu
14:39:16 [dom]
Max: detailed use cases are available in the document
14:39:57 [dom]
-> Client-Edge-Cloud coordination Use Cases and Requirements
14:40:42 [cpn]
14:40:43 [DanD]
DanD has joined #web-networks
14:40:43 [dom]
Max: I also want to mention that we've been focused on use cases & requirements, with only high level initial proposals for solutions
14:40:56 [dom]
... the purpose is to gather enough interest for this work
14:41:39 [dom]
Michael: we're trying to establish feasability and the potential path to standardization
14:41:47 [DanD]
14:41:55 [dom]
... we need to prioritize requirements (essential vs nice to have)
14:42:04 [dom]
14:42:23 [DanD]
14:42:48 [dom]
q+ DanD
14:42:50 [dom]
ack cpn
14:43:06 [dom]
CPN: you mentioned extending a worker to offload compute
14:43:29 [dom]
... are there solutions out there that could inform what kind of standardization would be helpful?
14:43:49 [dom]
Michael: Akamai has EdgeWorkers; Fastly runs WASM on the edge
14:44:21 [dom]
... but they're not using standardized interfaces so can't be deployed seamlessly by developers without adapting to each CDN providers
14:44:38 [dom]
chris: could this be captured in the document?
14:45:12 [dom]
Michael: that's what we would want to achieve by cross-referencing stakeholders with use cases / requirements
14:46:03 [dom]
14:46:27 [dom]
Chris: I'm not necessarily suggesting to capture in the document, but it's useful information to gather
14:46:40 [dom]
ack DanD
14:47:07 [dom]
DanD: thanks for putting this together, and it helps consolidating the many ideas that have been floating around
14:47:26 [dom]
... the trust model with the edge computing for the Web is a very critical aspect
14:47:52 [dom]
... things that are in a given administrative domain has a well-defined trust boundary compared to a fully open web setup
14:48:13 [dom]
... CDNs typically represent content providers, they're an extension of content providers
14:48:25 [dom]
... what would be the relationship between the ISP and the content provider?
14:48:53 [dom]
... it's not just technical solutions, this needs to be grounded reality
14:49:09 [dom]
Michael: does the end user trust the edge computer? does the edge provider trust the code it is running?
14:49:34 [dom]
... a threat could be drive-by mining that would steal my computing resources
14:49:58 [dom]
... Sandboxing helps with running untrusted code
14:50:15 [dom]
... harder to protect the code from the platform - probably best addressed by a social solution
14:50:24 [Max__Liu]
14:50:36 [dezell]
q+ to talk about sandboxing
14:51:35 [dom]
Michael: this could be dealt with in a way similar to permissions e.g. to access camera
14:52:13 [dom]
DanD: there is also the possibility to extend the same origin policy as long as the edge is seen as an extension to the server
14:52:21 [dom]
... it's all about who has a relationship with whom
14:52:39 [dom]
... it's not just the trust, it's also about not abusing the resource
14:53:06 [dom]
Michael: CORS is designed for developers to delegate access to another developer
14:53:46 [dom]
Present+ Jeff
14:54:04 [dom]
14:54:07 [dom]
ack dom
14:54:20 [cpn]
scribe+ cpn
14:55:02 [cpn]
Dom: Delegating to the edge, question about trust, when you're using edge resources, the content provider is paying. If it's under user control, does the user pay?
14:55:27 [cpn]
... Are there business models that enable that? We should clarify how the computing delegation would work in practice, don't know if there are examples today
14:55:32 [dom]
michael: it enables new business models
14:55:58 [dom]
... today the content provider pays a CDN for edge resources
14:56:12 [dom]
... if that moves to the user, it could be bundled into an ISP plan
14:56:28 [jholland]
14:56:58 [DanD]
14:57:11 [dom]
ack Max
14:57:36 [dom]
Max: regarding the trust model, it's already covered a bit - it varies across use cases, with different business models
14:57:55 [dom]
... there are existing B2B models for cloud->edge
14:58:11 [dom]
... the service provider pays the fee to the edge computing provider
14:58:45 [dom]
... we should consider the same origin policy of the web architecture
14:58:53 [dom]
... for consitency
14:58:57 [dom]
ack dezell
14:58:57 [Zakim]
dezell, you wanted to talk about sandboxing
14:59:32 [jeff]
jeff has joined #web-networks
14:59:33 [dom]
David: re sandboxing - how much thoughts have been put into keybox / software validation?
15:00:09 [dom]
... PCI regulations enforced rules in terms of private key generation and management
15:01:04 [dom]
... how do you prevent a user asked to do something that might be appropriate?
15:01:36 [dom]
... very hard questions to consider
15:01:42 [dom]
15:01:42 [McCool]
15:02:02 [dom]
jholland: the developer-controlled vs user-controlled models
15:02:21 [dom]
... they're very different use cases with very different control surfaces, different trust model and sandboxing constraints
15:02:30 [dom]
... there may be some similar aspects
15:02:46 [dom]
... but they should be approached as different APIs that might be able to share a component
15:02:54 [dom]
ack jholland
15:03:13 [dom]
ack DanD
15:03:39 [dom]
DanD: my suggestion for Michael & Max: we went through use cases and requirements
15:03:58 [dom]
... there may be an opportunity to look at the different offloading models (developer centric vs user centric)
15:04:08 [dom]
... the different realms of controls (enterprise vs user)
15:04:12 [McCool]
15:04:13 [McCool]
15:04:19 [dom]
... I think it would be worth digging more into these questions
15:04:21 [dom]
ack McCool
15:04:33 [Max__Liu]
15:04:51 [dom]
McCool: re user vs dev - a user could be an enterprise wanting to do sensitive work on their premises or using their own machine
15:05:04 [dom]
... e.g. Web Apps doing video processing
15:05:17 [dom]
... Establishing the right trust model is key
15:05:42 [dom]
Jake: I would suggest an enterprise capability could operate under a developer centric model, vs a home user
15:06:21 [dom]
McCool: we should add discussion of this topic in the doc
15:06:33 [dom]
... there are similar components around workload packaging, sandboxing
15:06:37 [sudeep]
15:07:02 [dom]
ack Max
15:07:12 [dom]
Max__Liu: +1 to Dan's suggestion
15:07:26 [dom]
... we'll put more analysis on this topic in the document
15:07:44 [dom]
ack sudeep
15:08:01 [dom]
sudeep: the sandboxing and trust models sounds like important topics
15:08:29 [McCool]
15:08:42 [dom]
... we have the <script> tag that allows to run JS - could it be extended to allow the user to establish trust with the edge node?
15:08:51 [dom]
ack McCool
15:09:19 [dom]
McCool: the value of Worker is that they operate in a different thread/memory space, which isn't the case of the <script> tag
15:09:28 [dom]
RRSAgent, draft minutes
15:09:28 [RRSAgent]
I have made the request to generate dom
15:09:55 [Piers_O_Hanlon]
15:10:21 [dom]
ack Piers_O_Hanlon
15:10:29 [dom]
q+ Piers_O_Hanlon
15:11:07 [dom]
Yan: re security model, a user centric trust model is key to forward looking standards
15:11:21 [dom]
McCool: SOLID is also an interesting approach to manage private data
15:11:38 [dom]
... managing keys in the LAN doesn't work well with browsers
15:12:23 [dom]
Yan: I'm also involved in the VC & DID WGs which could help
15:12:26 [dom]
acl Piers_O_Hanlon
15:12:39 [dom]
Piers_O_Hanlon: could be useful to distinguish the user data from the code
15:12:51 [dom]
... privacy around the data that is being processed vs the code that is doing the processing
15:12:58 [McCool]
15:13:09 [dom]
... one can secure the code or use sub-resource-integrity to ensure it hasn't been tampered with
15:13:18 [dom]
... the data flows then get processed by that
15:13:39 [dom]
... homomorphic encryption might provide a useful way to protect the data from the edge
15:13:44 [dom]
ack Piers_O_Hanlon
15:14:03 [Karen]
Karen has joined #web-networks
15:14:08 [dom]
Yan: we use a trust zone to run the code
15:14:20 [dom]
... for the data, we use VC to preserve the privacy of data itself
15:14:24 [dom]
ack McCool
15:14:37 [dom]
McCool: separating data and code fits well with stateless computing models
15:15:02 [dom]
... with the sandbox, we could control the connections the code can make to avoid it to send the data to any other endpoint
15:15:34 [dom]
Piers_O_Hanlon: users may have their credentials used by the edge to accomplish tasks on their behalef
15:15:37 [dom]
15:15:37 [DanD]
15:18:14 [McCool]
15:18:43 [dom]
McCool: homomorphic processing is probably not ideal if you're looking at performance as a goal
15:18:56 [dom]
RRSAgent, draft minutes
15:18:56 [RRSAgent]
I have made the request to generate dom
15:19:17 [dom]
McCool: next step includes discussing the aspects that were raised today around security / trust
15:19:58 [dom]
DanD: there is also an opportunity to look at the gap analysis
15:20:26 [dom]
... are the standards identified going to fulfill the needs? or what will it take to make them so?
15:20:32 [dom]
... incl WASM, CORS
15:20:51 [dom]
... How can we extend the dialogue? DO we need dedicated calls to help make progress?
15:21:04 [jeff]
q+ to comment on next steps
15:21:11 [dom]
... does it have the elevated visibility an activity on its own?
15:21:13 [McCool]
15:21:15 [dom]
ack DanD
15:21:17 [dom]
ack jeff
15:21:17 [Zakim]
jeff, you wanted to comment on next steps
15:21:18 [Max__Liu]
15:21:27 [dom]
RRSAgent, draft minutes
15:21:27 [RRSAgent]
I have made the request to generate dom
15:21:54 [dom]
Jeff: looking at the current editors draft of the use cases doc, it's already a pretty impressive document
15:22:14 [dom]
... on the balance of making it even better or moving forward with the gap analysis and addressing it
15:22:29 [dom]
... the weight of the effort needs to shift towards resolving the gap
15:22:37 [dom]
... this may require cross-meeting with other groups
15:23:02 [dom]
... figure who should address the gaps and how we ensure progress
15:23:06 [dom]
... possibly with a new CG
15:23:19 [dom]
McCool: we need to get more stakeholders at the table
15:23:31 [dom]
... what can we do to increase engagement?
15:23:44 [dom]
ack McCool
15:23:46 [dom]
ack Max__Liu
15:24:02 [jeff]
q+ to support Michael's idea about stakeholders
15:24:06 [dom]
Max__Liu: we probably need a CG, a dedicated way to focus on how to move forward
15:24:31 [dom]
... I personally think that before we go to a WG, we can prepare a charter
15:24:40 [McCool]
15:24:48 [dom]
... or a CG that focuses on the topic, which could be more open to non-W3C members and open source projects
15:25:02 [dom]
... helps with greater engagement
15:25:28 [dom]
... key is pushing progress on the work coordination more than on the draft
15:25:29 [dom]
ack jeff
15:25:29 [Zakim]
jeff, you wanted to support Michael's idea about stakeholders
15:26:11 [dom]
jeff: before reaching out to more stakeholders, we need greater clarity on the next steps (incubation vs WG vs existing groups)
15:26:55 [dom]
... in terms of stakeholders, there is a long list of stakeholders that used to be but are no longer W3C members that came in the Mobile Initiative days
15:27:00 [Max__Liu]
15:27:21 [dom]
... we should reach out to them as we're making progress in deploying our action plan
15:27:36 [dom]
ack McCool
15:27:46 [dom]
McCool: +1 to outreach
15:28:00 [dom]
... re CG vs WG - we can't have a WG until we know exactly what deliverables we need
15:28:15 [dom]
... a CG or an IG focused on doing that would be a useful next step
15:28:23 [dom]
jeff: we already have the IG
15:28:37 [dom]
McCool: but the name of the IG doesn't scream "edge computing"
15:28:45 [Max__Liu]
15:28:55 [dom]
DanD: two different things we're talking: making the story crisper (with doc improvements)
15:29:08 [dom]
... and gathering input & support, administrative stuff
15:29:13 [dom]
... they can be done in parallel
15:29:17 [Max__Liu]
15:29:30 [dom]
... If we need an edge IG, or a CG
15:29:53 [dom]
... we still need to improve the gap analysis in terms of what other groups need to provide & support
15:30:22 [dom]
... figure out the incentives for the stakeholders
15:30:37 [dom]
... we talked about organizing some sort of the workshop to help moving forward
15:31:03 [dom]
Max: a CG being more open is helpful compared to an IG
15:31:24 [dom]
... we can also have a liaison with the IG to report back what would happen in the CG
15:31:33 [dom]
... the CG could have more frequrent teleconferences
15:31:39 [McCool]
15:31:41 [dom]
15:31:46 [dom]
ack Max__Liu
15:33:22 [dom]
DanD: Thanks again for showing up and for the very fruitful discussions
15:33:36 [dom]
RRSAgent, draft minutes
15:33:36 [RRSAgent]
I have made the request to generate dom
15:35:21 [ktoumura]
ktoumura has left #web-networks
15:52:02 [dom]
dom has joined #web-networks
16:04:52 [Karen]
Karen has joined #web-networks
16:12:04 [jeff]
jeff has joined #web-networks
16:16:33 [jeff]
jeff has left #web-networks
16:18:32 [Karen]
Karen has joined #web-networks
16:49:49 [dcaro]
dcaro has joined #web-networks
17:59:10 [Karen]
Karen has joined #web-networks
18:42:08 [hyojin]
hyojin has left #web-networks
18:49:33 [Karen]
Karen has joined #web-networks
19:00:16 [Karen]
Karen has joined #web-networks