¶ IETF 122 Hackathon
The Internet Engineering Task Force (IETF) is holding a hackathon to encourage developers and subject matter experts to discuss, collaborate, and develop utilities, ideas, sample code, and solutions that show practical implementations of IETF standards.
When: 15 - 16 March 2025 (Saturday - Sunday)
Where: Marriott Marquis Queen's Park
Room: Sala Thai Ballroom
Sign up for the Hackathon
View the list of registered:
Keep up to date by subscribing to the IETF Hackathon email list.
The IETF Hackathon is free to attend and is open to everyone. It is a collaborative event, not a competition. Any competition is friendly and in the spirit of advancing the pace and relevance of new and evolving internet standards.
¶ Agenda
Subject to Change
Hackathon (all times are GMT+7)
¶ Saturday, 15 March
- 09:30 : Room open for setup by project champions
- 10:00 : Room open for all - pastries and coffee provided
- 10:30 : Hackathon kickoff
- 10:45 : Form teams, see Team Schedule
- 12:30 : Lunch provided
- 15:30 : Afternoon break - snacks provided
- 18:30 : Dinner provided
- 20:30 : Room closes
¶ Sunday, 16 March
- 09:30 : Room opens - pastries and coffee provided
- 12:30 : Lunch provided
- 13:30 : Hacking stops, prepare brief presentation of project
- 14:00 : Project results presentations
- 16:00 : Hackathon ends
- 17:00 : Tear down complete
Related activities before and after the Hackathon weekend
¶ Hackdemo Happy Hour
- Share your Hackathon project with the IETF community
- Monday, 17 March, Time: 18:30 - 19:30, Room: 5th floor foyer
- View the schedule or reserve space for your team/project
- Reservations for space must be made by 13:00, Monday 17 March
¶ Shared Workspace
- Space for groups to gather and collaborate on running code
- Monday - Friday, 17 - 21 March, Room: Pavillions 1-2
- View the schedule or reserve space for your team/project
NOTE: You will need an IETF Datatracker account to login to the Hackathon Meetecho sessions.
When you register for the IETF Hackathon, you are sent a separate email to create an IETF Datatracker account if you don't already have one.
If you already have an IETF Datatracker account, please ensure that the email address with which you registered is associated with your Datatracker account.
If you received the email but the link to create an account has expired, please see the instructions below:
- Go to https://datatracker.ietf.org/accounts/create/
- Select "New Account" from the User menu at the top
- Enter the email address that you registered with for the Hackathon
- Follow the instructions in the email you receive
¶ Presentation and Meeting Materials
- You can share the code you're working on through the IETF Hackathon GitHub, or via the links provided in the project descriptions below.
- Request to be added to IETF GitHub organization by sending your GitHub ID to (hackathon-chairs@ietf.org).
- Hackathon project result presentations should be uploaded to Datatracker under the specific session Hackathon Results Presentations at 14:00-16:00.
- To upload your presentation, you must have a Datatracker account and be logged in.
- The Hackathon Results presentations from Sunday, 14:00-16:00, are available on Datatracker:
¶ Participant Preparation and Prerequisites
¶ Project Teams and Champions
- Champions are the leads for individual projects in the Hackathon
- Champions are individuals familiar with a given technology who volunteer to help get others get up and running with that technology
- Before the Hackathon, champions should:
- Add information about your project to the list of Projects included in Hackathon
- Recruit participants from associated working groups, open source projects, etc. Announcing your projects via an email to (hackathon@ietf.org) can be helpful as well.
- Specify when and how the project team will meet on the Team Schedule
- At the Hackathon, champions should:
- Make themselves available to answer questions and help others
- Hack on things themselves in their copious free time
- Additional projects are welcome at any time. For any questions, contact the chairs at (hackathon-chairs@ietf.org)
¶ Choosing a Project
- Champions post and lead projects
- Details on each project and links to additional information for each project are in the list of Projects included in Hackathon
- How and when teams meet during the week is up to them and can be found in the Team Schedule.
- Familiarity with technology area(s) in which you plan to participate will certainly help
- It is perfectly fine, even encouraged, to work on multiple projects
¶ Lost & Found
- Participants looking for a team and champions wanting help on their projects are encouraged to visit the Lost & Found.
¶ Development Environment
- Bring a laptop on which you are comfortable developing software
- Some projects may require installing additional software or make use of VMs or containers
- Installing and becoming familiar with !VirtualBox, Vagrant, Docker or something similar may be helpful
- Specific coding languages are called out by some projects (e.g. Python, Go, Java, C++), but this is heavily dependent on the project(s) you choose
¶ Sharing Code
- Git/GitHub is commonly used for open source projects. Familiarizing yourself with it is recommended.
- An online tutorial is available here: Git Tutorial
- The IETF Hackathon GitHub organisation is used by some of the Hackathon projects to host their repositories.
- If you would like to have your project/code hosted here, send your GitHub ID and the name of your project via email to (hackathon-chairs@ietf.org)
¶ Project Presentations
- All teams have the opportunity to present what they did at the end of the Hackathon.
- Hackathon project result presentations should be uploaded to Datatracker under the specific session Hackathon Results Presentations at 14:00-16:00.
- To upload your presentation, you must have a Datatracker account and be logged in.
- DO NOT WAIT until just before the start of the Hackathon project presentations to upload your presentation, as it may be lost in the chaos.
¶ Network
Access to the IETF network
The NOC team has an ongoing experiment that allows you to join the IETF network remotely as well as at an IETF meeting venue.
Requests for networking capabilities beyond wireless access to the IETF network (e.g., wired ports, L2 access, prefix delegation) can be sent to support@ietf.org.
All requests are addressed on a best effort basis. Advance notice is appreciated and improves the odds of your request being fulfilled.
¶ Webex sessions for teams
Champions can request a Webex account they can use to schedule meetings for their team. These are similar to the Webex accounts allocated to working group chairs to be used for virtual interim meetings. An account can be requested by a team champion at any time. Accounts will remain active and available for the duration of the IETF meeting. Request your account HERE. In the request form, you can use your project name where it asks for "Working Group Name" ("Hackathon Project Name").
¶ Ongoing Communication
In addition to registering for the Hackathon and subscribing to the Hackathon list. It is recommended to monitor both the Hackathon wiki and the list as the Hackathon approaches, determine which project(s) are of interest to you, and reach out to the champions of those projects to determine how best to be involved and coordinate with the rest of the team working on each project.
Champions are welcome and encouraged to list times and mechanisms for collaborating with their team in the Team Schedule. Participants can use this page to determine how and when to reach other team members.
The Hackathon kickoff and the project results presentations can be joined via Meetecho. The Hackathon Zulip stream may be used for general and project specific communication.
¶ IPR and Code Contribution Guideline
All Hackathon participants are free to work on any code. The rules regarding that code are what each open source project and each participant's organization says they are. The code itself is not an IETF Contribution. However, discussions, presentations, demos, etc., during the Hackathon are IETF Contributions (similar to Contributions made in working group meetings). Thus, the usual IETF policies apply to these Contributions, including copyright, license, and IPR disclosure rules.
¶ Projects Included in Hackathon
- Note, all projects are open to everyone. However, some champions have identified their projects as being particularly good for those who are new to the IETF or new to the Hackathon. These projects are marked with a star, i.e. *. If you are championing a project that is great for newcomers, please add a * at the end of your project name.
¶ Evaluating the Performance of Different DNS Server Software Implementations with PDM using AIORI IMN measurement platform
-
Champions
- Anand Raje anand@iifon.org
- Arnav Das arnav.das@iifon.net
- Aindri Mukherjee aindri.mukherjee@iifon.net
- Debayan Mukherjee debayan.mukherjee@iifon.net
- Dipankar Basu dipankar.basu@gnit.ac.in
- Aditya Ghosh ghoshswati70@gmail.com
- Debarghya Bhattacharyya topraven5150@gmail.com
- Raja Karmakar raja.karmakar@heritageit.edu
- Nabhonil Bhattacharjee nabhonilbhattacharjee@gmail.com
- Sampurna Pyne sampurna.pyne.iotcs27@heritageit.edu.in
-
Project Info
- Network measurements conducted through the internet measurement network by deploying the PDM Protocol.
- PDM-aware Internet Measurement Network: Enhancing AIORI-IMN with PDM-aware measurements to improve data collection capabilities.
- Utilizing AIORI-IMN to evaluate the performance of various DNS server implementations.
-
Related documents
-
IPv6 Performance and Diagnostic Metrics (PDM) Destination Option, https://datatracker.ietf.org/doc/rfc8250
¶ Identity Crisis in Attested TLS for Confidential Computing
-
Champions
- Muhammad Usama Sardar (muhammad_usama.sardar at tu-dresden.de)
-
Project Info
- 3 main ways to combine attestation in TLS:
- Pre-handshake attestation (Paper)
- Intra-handshake attestation (Internet draft)
- Post-handshake attestation (Internet draft and Sec. 4 in this paper)
- Hackathon plan
- Discuss the nits of identity crisis
- Discuss possible solutions
- Discuss open issues
- What is the "long-term identity" of the CC workload? How is "long-term identity" assigned to the CC workload? Which entity supplies this "long-term identity"? How is that Identity Supplier trusted?
- How is CA-certified Long-Term Key (LTK) injected in the Confidential Computing workload in the first place?
- We aim to seek collaborators (knowledgeable about at least one of the following: TLS, remote attestation, formal methods or confidential computing) who will join us in this project. We also welcome reviewers who can give us feedback on the draft. If you are interested, please contact by email.
- Tool for formal analysis: We currently use ProVerif but other tools are very welcome.
- 3 main ways to combine attestation in TLS:
-
Background on Attestation
-
Background on Attested TLS
¶ IOAM Direct Exporting (DEX)
- Champions
- Justin Iurman (justin dot iurman at uliege dot be)
- Maxime Goffart (maxime dot goffart at uliege dot be)
- Project Info
- Validation of the Linux kernel implementation
- Validation of a custom user-space IPFIX exporter (based on kernel implem)
- VPP implementation
- Interoperability testing
- New draft on IOAM IPFIX export
- Related documents
¶ Validate Configured Subscription YANG-Push Publisher Implementations
-
Champion(s)
Thomas Graf (thomas.graf @ swisscom.com)
Yannick Buchs (yannick.buchs @ swisscom.com)
Daniel Voyer (danvoyerwork @ gmail.com)
Holger Keller (holger.keller @ telekom.de)
Rob Wilton (rwilton @ cisco.com)
Benoit Claise (benoit.claise@huawei.com)
Qiufang Ma (maqiufang1 @ huawei.com)
Jérémie Leska (jeremie.leska @ 6wind.com)
Samuel Gauthier (samuel.gauthier @ 6wind.com) -
Draft Specifications
https://datatracker.ietf.org/doc/html/rfc8639
https://datatracker.ietf.org/doc/html/rfc8641
https://datatracker.ietf.org/doc/html/rfc9196
https://datatracker.ietf.org/doc/html/draft-netana-netconf-notif-envelope
https://datatracker.ietf.org/doc/html/draft-ietf-netconf-yang-notifications-versioning
https://datatracker.ietf.org/doc/html/draft-ietf-netconf-udp-notif
https://datatracker.ietf.org/doc/html/draft-ietf-netconf-distributed-notif
https://datatracker.ietf.org/doc/html/draft-netana-netconf-yp-transport-capabilities -
Project Info
Validates and verify 3 YANG-Push vendor implementations in the area of: -
Subscription automation
Discover YANG-Push systems and notifications capabilities and configure periodical and on-change subscriptions with netconf. -
Notification integration
Validate subscription state change and push-update and push-change-update notifications for draft-ietf-nmop-yang-message-broker-integration integration. -
Configured subscription transport integration
Validate draft-ietf-netconf-udp-notif and draft-ietf-netconf-distributed-notif packet format on the wire. -
Repository
https://github.com/network-analytics/ietf-network-analytics-document-status/tree/main/122/Hackathon
¶ PQC implementation in Open Source Software
-
Champions
Jaykishan Mutkawoa jay@cyberstorm.mu
Kavish Nadan kn@cyberstorm.mu
Loganaden Velvindron logan@cyberstorm.mu
Poshan Peeroo
Atish Jootun -
Project Info
Nmap & wireshark pending PRs for PQC.
zmap pending PRs for PQC.
GnuTLS pending PRs.
¶ Post-Quantum Cryptography (PQC) in X.509, Signatures, KEMs, CMS and protocols
-
Champion(s)
John Gray (john.gray@entrust.com)
Mike Ounsworth (mike.ounsworth@entrust.com)
Massimiliano Pala (massimiliano.pala@wellsfargo.com)
Julien Prat (julien.prat@cryptonext-security.com) -
Draft Specifications
https://datatracker.ietf.org/doc/draft-ietf-lamps-dilithium-certificates/
https://datatracker.ietf.org/doc/draft-ietf-lamps-kyber-certificates/
https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/
https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-kem/
https://datatracker.ietf.org/doc/rfc9629/
https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc4210bis/
https://datatracker.ietf.org/doc/draft-ietf-lamps-cert-binding-for-multi-auth/01/
https://www.ietf.org/id/draft-lamps-okubo-certdiscovery-00.html
https://datatracker.ietf.org/doc/draft-bonnell-lamps-chameleon-certs/
https://datatracker.ietf.org/doc/draft-gazdag-x509-hash-sigs/ -
Project Info
Test interoperability of Post Quantum algorithms in x.509 structures (Certificates, keys, CMS and other drafts). This project started in November 2022 and continues to evolve. We currently have some github automated actions to automaticlaly test submitted artifacts allowing implementations to get immedidate feedback on their compatibility. This allows us to test interoperability between different algorithm implementations, gain experience using these new algorithms, and provide feedback to the standards groups about practical usage.
A good starting place is our Github repository: https://github.com/IETF-Hackathon/pqc-certificates
For information on OIDs used to create interoperable structures, consult: https://github.com/IETF-Hackathon/pqc-certificates/blob/master/docs/oid_mapping.md
At IETF 122, we plan to add more automation, add interoperability testing for the private key formats (like ML-DSA and ML-KEM), and continue to update our implementations to support the FIPS 203, 204 and 205 algorithm standards. We are also looking for implementations of Composite Signatures, Composite KEM and other PQ transition mechanisms that are being standardized.
There is also interest in setup and testing the use of hybrid certificates for the TLSv1.3 protocol. The goal of the experiment is to explore different options for efficient use of hybrid certificates' and their multiple signature keys in the TLS protocol. We are looking for collaborations and ideas that can be then brought forward within the IETF and other standardization bodies (e.g., X9, ISO, etc.).
¶ Identifier Locator Network Protocol (ILNP)
-
Champions
- Saleem Bhatti saleem@st-andrews.ac.uk
- Rodney Grimes rgrimes@freebsd.org
- Alistair Woodman awoodman@netdef.org
-
Project Info
- https://ilnp.cs.st-andrews.ac.uk
- RFCs 6740(E) - 6748(E)
- The basic approach to this is to deprecate the concept of an IP Address and replace it with addressing using a separate Locator and Identifier values, a pairing of which forms an Identifier-Locator Vector (ILV). Although the architectural concept is independent of any particular network protocol, our ongoing research demonstration is based on realising ILNP on IPv6.
¶ Verifiable Routing Origins via AS Cooperations (VRO)
-
Champions
- Qi Li liq23@mail.zgclab.edu.cn (Remote)
- Shenglin Jiang jiangshl@zgclab.edu.cn (Onsite)
- Ke Xu xuke@csnet1.cs.tsinghua.edu.cn
- Zhuotao Liu zhuotaoliu@tsinghua.edu.cn
- Li Qi qli01@tsinghua.edu.cn
-
Project Info
The Internet faces significant challenges related to legitimate MOAS (Multiple-Origin Autonomous System) conflicts and route origin hijacking, which often exhibit similar patterns. VRO addresses these issues through a decentralized cooperative system among ASes (Autonomous Systems) to enhance routing security. -
Related documents
¶ Enhancing Inter-domain routing security with Forwarding Commitment-based BGP (FC-BGP)
- Champions
- Yangfei Guo guoyangfei@zgclab.edu.cn
- Project Info
- FC-BGP is a secure framework of inter-domain routing and forwarding security.
- The current goal of FC-BGP is to authenticate the AS_PATH attribute in the BGP UPDATE message.
- The final goal of FC-BGP is to build a secure inter-domain system that can simultaneously authenticate BGP route propagation in the control plane, validate network forwarding in the data plane, and secure both routing and forwarding.
- Specification:
- Codebase:
¶ On the Use of YANG Provenance Signatures
-
Champion(s)
Diego Lopez, diego.r.lopez@telefonica.com
Ignacio Dominguez, ignacio.dominguezmartinez@telefonica.com -
Reference Specification
https://datatracker.ietf.org/doc/draft-lopez-opsawg-yang-provenance/ -
Project Info
-
The YANG provenance development team is working on a set of microservice to demonstrate the proposal and explore its integration with otrher YANG solutions.
-
These microservices provide interfaces for the generation and verification of provenance signatures using XML and JSON serialization in the four enclosing methods described in the reference draft:
-
Provenance leaf in a YANG element
-
Provenance signature in NETCONF event notifications and YANG-Push notifications
-
Provenance as metadata in YANG instance data
-
Provenance in YANG Annotations
-
-
¶ BMWG - YANG model for management of Network Tester
- Champion(s)
- Vladimir Vassilev (vladimir@lightside-instruments.com)
- Project(s)
- Specifications
- Repositories
- Scripting - YANG/NETCONF benchmark orchestration code
- Software - YANG/NETCONF device side code
- FPGA -HDL
- Hardware - board design
- Getting started - walk-through
¶ Low-Latency, Low-Loss, Scalable Throughput (L4S) and Accurate ECN Interop
- Champions
Greg White (g.white@cablelabs.com) - Project Info
- L4S and AccECN enable applications to receive fine-grained congestion feedback from the network that allows them to achieve full link utilization, ultra-low latency, ultra-low latency variation, and near-zero packet loss.
- This Interop Event will bring together different congestion control implementations and different network implementations of L4S to test RFC/draft compliance, interoperability, and performance in various conditions.
- Specifications
¶ Secure-hybrid-network
-
Champions
- Yutaka Oiwa y.oiwa@aist.go.jp
- Hiro Nakanishi hiro.nakanishi@gmo-cybersecurity.com
- Satoru Kanno satoru.kanno@gmo-cybersecurity.com
-
Project Info
This project’s approach to realizing this analyzes requirements for ensuring and monitoring the security status of the network used under complex network environments such as hybrid cloud or mixed cloud settings. -
Related documents
¶ YANG Configuration Instance Data To Knowledge Graph
- Champions
- Michael Mackey michael.mackey@huawei.com
- Beyza Yaman
- Benoit Claise benoit.claise@huawei.com
- Project Info
Translate YANG network instance configuration data into RDF data so that it can be used in a Knowledge Based Information System. - Related documents
- Knowledge Graph Framework for Network Operations
¶ SAVBench: A Benchmarking Framework for Source Address Validation Based on SAVOP
- Champions
- Libin Liu (liulb at zgclab.edu.cn)
- Project Info
- Evaluating the performance of existing SAV mechanisms using the benchmarking methodology proposed in the document draft-chen-bmwg-savnet-sav-benchmarking.
- SAV Open Playground (SAVOP) is an open platform that enables the implementation, emulation, and evaluation of source dddress validation (SAV) mechanisms.
- Code: https://github.com/SAV-Open-Playground/
- Collaboration: Share ideas and feedback via GitHub Discussions. Contributions are welcome!
- Hackathon Plan
- Emulate existing SAV mechanisms (e.g., Strict uRPF, Loose uRPF, EFP-uRPF) in classic Internet topologies and scenarios.
- Implementation of an operation module: The operation module is designed to facilitate emulations of SAV mechanisms through configurations.
- Develop benchmarking methodologies to evaluate intra-domain and inter-domain SAV performance.
- Related Documents
¶ SIMap for SRV6 and Linking Topology to External Data
-
Champions
- Sherif Mostafa (sherif.mostafa@huawei.com)
- Olga Havel (olga.havel@huawei.com)
- Vivekananda Boudia (vivekananda.boudia@insa-lyon.fr)
- Pierre Francois (pierre.francois@insa-lyon.fr)
- Oscar Gonzalez De Dios (oscar.gonzalezdedios@telefonica.com)
- Yannick Buchs (yannick.buchs@swisscom.com)
- Benoit Claise (benoit.claise@huawei.com)
-
Project Info
- The goal of this project is to demonstrate how operators can utilize IETF Topology YANG models to represent a real carrier IP/MPLS network, focusing on:
- Using the IETF topology model to represent a carrier network based on ISIS and SRV6 domains.
- Linking topological entities to external models/data.
- Evaluating whether RFC8345 is a suitable standard for representing multi-layered topologies for SIMap, and comparing models with and without the identified gaps.
-
Specifications
- https://www.rfc-editor.org/rfc/rfc8345
- https://www.rfc-editor.org/rfc/rfc8944
- https://www.rfc-editor.org/rfc/rfc8346
- https://datatracker.ietf.org/doc/draft-ogondio-nmop-isis-topology
- https://datatracker.ietf.org/doc/draft-ogondio-nmop-ospf-topology
- https://datatracker.ietf.org/doc/html/draft-havel-nmop-digital-map-concept
- https://datatracker.ietf.org/doc/html/draft-havel-nmop-digital-map
- https://datatracker.ietf.org/doc/draft-davis-nmop-some-refinements-to-rfc8345
- https://datatracker.ietf.org/doc/rfc9130/
- https://datatracker.ietf.org/doc/rfc9129/
-
Hackathon Plan
- In IETF121 Hackathon, we demonstrated how RFC8345 could be used to model IS-IS and OSPF in both operator and virtual LAB environments, showcasing how to link topology to external data (such as inventory and metrics data).
- The objective for this hackathon is to improve upon that prototype by:
- Enhancing methods for retrieving configuration attributes and metrics through the RFC8345 API, with IS-IS/OSPF/SRV6 augmentations.
- Demonstrating use cases such as traversing queries and querying external data for topology entities.
-
Related Groups
¶ RESTful Provisioning Protocol (RPP)
-
Champions
Maarten Wullink maarten.wullink@sidn.nl
Pawel Kowalik pawel.kowalik@denic.de -
Project Info
The newly formed RPP working group is focused on designing a new protocol via a series of specifications known collectively as the RESTful Provisioning Protocol (RPP). -
Hackathon Plan
-
Discuss/Develop/Validate proposals for protocol architecture
-
Develop running code for:
- RPP API sandbox & client
- RPP to EPP adapter
-
Other interesting ideas
-
Related documents
¶ MAPRG IPv6 Test Pod Open Testing and Diagnosis
-
Champions
David Plonka dave@plonka.us (MAPRG co-chair, WiscNet's Principal Research Scientist) -
Project Info
The Measurement & Analysis for Protocols Research Group (MAPRG) and WiscNet (AS2381) will provide an open testing environment for participants to determine how well equipment and applications work in a variety of IPv6 network environments.To accomplish this, we will provide access to the IPv6 Test Pod (https://ipv6-pod.info/): a wireless and wired access point specially configured for testing IPv6 compatibility and graciously provided by Internet2 and the ARIN Community Grant program.
The IPv6 Test Pod provides a variety of IPv6 test networks via Wifi SSIDs and optionally over Wired Ethernet connections. All you have to do is provide a wired internet connection to the WAN interface (IPv4-only is OK), power, and it will provide a series of networks to test devices and software with:
- Dual-Stack (IPv4 and IPv6)
- IPv6-only
- IPv6 only with NAT64+DNS64
- IPv6-only with NAT64+PREF64
- IPv6 only with NAT64+DNS64+PREF64
In addition to employing the IPv6 Test Pod, we'll do complementary testing with IPvFoo browser extension, the IETF network, etc.
-
Open Call for Participants
Anyone can drop by for ad hoc IPv6-compatibility testing of your wireless or wired user equipment, e.g., smartphone, or application(s) of interest, web-based or otherwise.Please join the project, and stay a while, if you are an IPv6 or transition mechanism aficionado, or simply want to learn more about using IPv6 in a live environment. We could use help with testing and identifying the root causes of problems found.
-
Background:
¶ vCon
-
Champions
- Dan Petrie (dan.ietf@sipez.com)
-
Project Info
WG: vCon
I-D: vCon container
Repos:-
py_vcon_server - vCon integration and AI enabled workflow server
One of the primary goals of vCon is to ease and standardize the integration and data transfer of conversational data between enterprise or contact center: -
Communications systems (email, sms, web chate, voice and video calls)
-
Data consumer or customer data platform
-
AI, ML and algorithmic analysis services, model training and testing
-
CRM systems
-
Hackathon Objective
The goal for this hackathon is to implement and test portions of the vCon I-D that have not been well tested. The group and appended features of vCon have not been fully implemented or tested. The redacted feature has been implemented and tested mainly with text transcriptions. Further exploration of redacted audio and video dialogs had not been well tested. -
Hackathon Work Items
- Implement amended vCon and generate example for the vCon Container I-D
- Implement group vCon and generate example for the vCon Container I-D
- Implement redacted for video and/or audio media dialogs
- Design and add support for dialogs with separate recording file for each party
¶ Enhancing ICMP Error Message Authentication Using Challenge-Confirm Mechanism
-
Champions
- Ziqiang Wang ziqiangwang@seu.edu.cn
- Yuxiang Yang yangyx22@mails.tsinghua.edu.cn
- Ao Wang wangao@seu.edu.cn
-
Project Info
The Internet Control Message Protocol (ICMP) plays a crucial role in network diagnostics and error reporting. However, verifying the legitimacy of a received ICMP error message can be challenging, especially when the ICMP error message is embedded with stateless protocol data. In this project, we will demonstrate attacks constructed by exploiting ICMP vulnerabilities and a defense mechanism based on a challenge-confirm mechanism. -
Related documents
¶ EDHOC
- Champion(s)
- Project Info
- Establish keying material for OSCORE using the EDHOC protocol
- EDHOC in large robotic swarms
- Remote Attestation with EDHOC for Swarms
- Embedded Rust Cryptographic Abstraction Layer (CAL)
- Sketching use in PC environments
- ✅ Plugtesting: Californium implementation with Ariel OS demo application (no-code setup); Contiki-NG with aiocoap server
- Specifications:
¶ EDHOC and OSCORE Profile of the ACE Framework
- Champion(s)
- Marco Tiloca (marco.tiloca at ri.se)
- Project Info
- Use the ACE access control framework combined with the EDHOC protocol for mutual authentication and establishment of keying material for OSCORE
- Specifications:
¶ EDHOC in large robotic swarms
- Champion(s)
- Geovane Fedrecheski (geovane.fedrecheski at inria.fr)
- Project Info
- blink: Scalable low-power local connectivity supporting mobility, enabling the OpenSwarm 1k DotBots Testbed (https://github.com/DotBots/blink)
- authenticate blink network join using EDHOC
- Specifications:
¶ Remote Attestation with EDHOC for Swarms
- Champion(s)
- Yuxuan (xx at inria.fr)
- Project Info
- xx
- Specifications:
¶ Embedded Rust Cryptographic Abstraction Layer (CAL)
- Champion(s)
- Elsa (xx at inria.fr)
- Project Info
- xx
- Specifications:
¶ Implementing Initial DNS HSYNC Processes
-
Champions
- Johan Stenstam (johan.stenstam@internetstiftelsen.se)
-
Project Info
The proposed HSYNC DNS record allows zone owners to specify exactly what services they intend different DNS providers to provide and how to collaborate. The HSYNC RRset specifies the identity of all designated DNS providers, allowing them to identify and locate each other and establish secure communication. This allows automated collaboration to solve a number of provisioning issues like how to manage the DNSKEY RRset (when there are multiple signers), how to manage the NS RRset (when there are multiple authoritative DNS providers), how to deal with on-boarding and off-boarding of DNS providers and also who is responsible for interaction with the parent (for synchronization of delegation information).The experimental name server TDNS has support for HSYNC and the identification and location of remote DNS providers (or
rather, their agents). The next steps are to implement support for initial processes:- Implement NOTIFICATION of remote DNS providers when there is a change to the local DNSKEY RRset (i.e. typically steps in a key rollover)
- Synchronize the contributions of individual NS records from different DNS providers into a unified NS RRset.
- Implementing debug support in existing CLI tools to simplify testing of htese new sycnhronization mechanisms.
- Possibly look at first steps of automatic management of the zone transfer chain via the HSYNC Upstream field.
-
Specifications
-
Repo and Docs
¶ Using EAP with FIDO
- Champions
- Janfred Rieckers (rieckers@dfn.de)
- Project Info
- Using FIDO authenticators in EAP for passwordless authentication
- Specifications
- Repo and docs
- Hackathon plan
- Add more features to implementation
- Related groups
¶ Low-Power Wireless IPv6 Networking with Thread *
-
Champion
Stuart Cheshire <cheshire@apple.com> -
Thread Overview
Thread is a specification for how to carry IPv6 datagrams over a mesh of low-power IEEE 802.15.4 wireless links. Stuart Cheshire gave a brief presentation about Thread at the IETF 119 IAB Open meeting in Brisbane. The Thread specification is developed and published by the Thread Group. There are several independent implementations of Thread, the main one being the OpenThread open source project.
For this Hackathon event, the goal is to introduce people to Thread and OpenThread programming. This Hackathon event is open to all — Thread Group membership is not required, though of course Thread Group members are also welcome to participate. If you plan to participate in the Thread work at the Hackathon (on-site or remotely), please add your name to the participant list. If you already have a Thread developer board and the OpenThread build environment on your laptop, please bring that. If not, we will have a few extra Thread developer boards available and we can help you get the build environment set up. For people totally new to Thread development, we have some recommendations from Allie Clifford and Ann Olivo.
We have a list of some project ideas. Other ideas are welcome and encouraged. Please feel free to add suggestions to the project list. -
Participants and Project Info
- To avoid taking up too much space on the main Hackathon page, Thread participants and projects are listed separately on the Thread Projects page.
¶ Interface to In-Network Computing Functions (I2ICF) Project
- Champion(s)
- Jaehoon Paul Jeong (pauljeong@skku.edu)
- Project(s)
- Demonstrate Interface to In-Network Computing Functions (I2ICF) Intent Translator of Intent Service Application for IoT Device (i.e., Software Defined Vehicles (SDVs)).
- Set up In-Network Computing Functions for mobile objects such as Software-Defined Vehicles (SDV) and Unmanned Aerial Vehicles (UAV) in terms of the configuration and monitoring of In-Network Functions.
- Specifications
¶ Multipath QUIC Interop testing
-
Champions
Magnus Westerlund (magnus.westerlund@ericsson.com) -
Project Info
Interop testing of Multipath QUIC implementations - see https://github.com/quicwg/multipath/wiki/Implementation-Draft-Interop
¶ rpki-rtr selective sync implementation
- Champions
- Tom Harrison (tomh@apnic.net)
- Specifications
- Repository
¶ BGP-LS Extensions for SRv6 Service Chaining
- Champions
Wataru Mishima (w.mishima@ntt.com) - Project Info
- Implementation of BGP-LS Extensions for Service Chaining on GoBGP, ExaBGP, and Wireshark.
- Interoperability testing.
- Specifications
https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-ls-sr-service-segments/02/
https://datatracker.ietf.org/doc/draft-watal-spring-srv6-sfc-sr-aware-functions/02/ - Repository
https://github.com/watal/gobgp/tree/feature/bgp-ls-service-segments
https://gitlab.com/watal/wireshark/-/tree/feature/bgp-ls-service-segments
¶ Traffic Steering using BGP FlowSpec with SR Policy
- Champions
Wataru Mishima (w.mishima@ntt.com) - Project Info
- Implementation of BGP FlowSpec with SR Policy on GoBGP.
- Specifications
https://datatracker.ietf.org/doc/draft-ietf-idr-ts-flowspec-srv6-policy/05/
https://datatracker.ietf.org/doc/draft-watal-spring-srv6-sfc-sr-aware-functions/02/ - Repository
https://github.com/y-kzm/gobgp/tree/draft-ietf-idr-ts-flowspec-srv6-policy-05-yykzm
¶ IPsec EESP
- Champions
Steffen Klassert (steffen.klassert@secunet.com) - Project Info
Discuss implementation issues of EESP protocol. - Specifications
https://datatracker.ietf.org/doc/draft-klassert-ipsecme-eesp/
https://datatracker.ietf.org/doc/draft-klassert-ipsecme-eesp-ikev2/
¶ Integrating DNS over CoAP into DNS Resolver Implementations
-
Champions
Martine Lenders (martine.lenders@tu-dresden.de) -
Project Info
Students from TU Dresden provided implementations of DNS over CoAP (DoC) for various DNS implementations:
I would like to work with contributors from these projects to get them integrated. For
digdoc, the goal is to provide a package for the most common Linux distributions, e.g., Debian. -
Specifications:
https://datatracker.ietf.org/doc/draft-ietf-core-dns-over-coap/13/ -
Repositories:
https://github.com/powerbuilder1/unbound/tree/vm_ubuntu_version
https://github.com/dig-doc/knot
https://github.com/dig-doc/digdoc
¶ Testing Congestion Control and Queue Management Mechanisms
- Champions
- Mohit P. Tahiliani (tahiliani@nitk.edu.in)
- Y. Supradha Bhat (ysupradhabhat.211cs265@nitk.edu.in)
- Anuhya Murki (anuhyamurki.211cs213@nitk.edu.in)
- Mahati A. Kalale (mahatikalale.211cs138@nitk.edu.in)
- Rati Preethi S. (ratipreethi.211cs248@nitk.edu.in)
- Shriya Anil (shriya.211cs259@nitk.edu.in)
- Project Info
- Validation of rate-limited sender implementation in ns-3
- Testing of FQ-CoDel and FQ-PIE using ns-3, NeST and WiFi APs
- New work on improving the delay-throughput tradeoff with CoDel
- Testing the interaction of modified CoDel with BBR
- Related documents
¶ PQC DNSSEC Metrics with MTL Mode
-
Champions
Joe Harvey (jsharvey@verisign.com)
Swapneel Sheth (ssheth@verisign.com -
Project Info
Previous IETF Hackathons have demonstrated how MTL mode works including how to apply it to DNSSEC. With the release of our patch for LDNS (Library for DNS open-source from NLNet Labs) to allow for key generation, signing, and verifiying with MTL mode and PQC algorithms, we would like to now collect some metrics that focus on the general operation of PQC DNSSEC and the operational considerations of MTL mode on zone signing and query/responses. We would also like to collect further feedback from the resolver community and setup for additional proof-of-concept implementations in other code bases to further evaluate interoperability and to confirm our collected metrics. To help run some measurement tests, we have hosted an authoritative server with a sample zone signed with MTL Mode at mtlauthoritative.verisignlabs.com and a test script. -
Specifications
[1] https://datatracker.ietf.org/doc/draft-harvey-cfrg-mtl-mode/
[2] https://datatracker.ietf.org/doc/draft-harvey-cfrg-mtl-mode-considerations/
[3] https://datatracker.ietf.org/doc/draft-fregly-dnsop-slh-dsa-mtl-dnssec/ -
Repositories
[1] https://github.com/verisign/MTL
[2] https://github.com/verisign/mtl-mode-ldns
[3] https://github.com/verisign/mtl-mode-unbound
¶ Evaluation of Caller ID Verification
-
Champions
Feng Hao (feng.hao@warwick.ac.uk)
Basil Thomas (BThomas@squire-technologies.com)
Steve Smith (stevesmith@truecall.co.uk)
Muhammad Ajmal Azad (Muhammadajmal.azad@bcu.ac.uk) -
Project Info
Evaluating the feasibility of deploying Caller ID Verification (CIV) as part of the SIP servers in the Telecom cloud to prevent number spoofing attacks. -
Related document
[1] https://www.ietf.org/archive/id/draft-hao-civ-00.html
¶ DNS Multiple QTYPEs
Champions
- Ray Bellis (ray@bellis.me.uk)
- Florian Obser (florian+ietf@narrans.de)
- Chris Box (chris.box.ietf@gmail.com) (Sunday only)
Project Info
We aim to perform the first interop of something long wished-for: a mechanism for DNS clients to query for multiple RR types for the same name in a single message (since using question count > 1 never worked well and is now forbidden). Want to get A, AAAA, and HTTPS records with a single query? SRV and TXT? Everything email system related at once? Come join us!
Related document
[1] https://datatracker.ietf.org/doc/draft-ietf-dnssd-multi-qtypes/
¶ CoAP Group Communication with Group OSCORE
-
Champions
-
Project Info
- Message exchange of group and pairwise messages protected with Group OSCORE
-
Specifications
¶ CoAP Group Communication via Proxy Servers
-
Champions
-
Project Info
- Relaying CoAP messages intended for a group via a proxy server
-
Specifications
¶ HTTPS-Notif-Draft Kafka integration and Bandwidth Analysis for different encodings
-
Champions
- Bharadwaja Meherrushi Chittapragada (meher.211cs216@nitk.edu.in)
- Vartika T Rao (vartikatrao.211it077@nitk.edu.in)
- Siddharth Bhat (sidbhat.211ee151@nitk.edu.in)
- Hayyan Arshad (hayyanarshad.211cs222@nitk.edu.in)
-
Project Info
Our goal is to evaluate the throughput performance of JSON, XML, and CBOR encoding formats in the context of HTTPS-based YANG notifications, as specified in the https-notif-draft. -
Related Document
¶ Ultra-Low Latency Cryptography
- Champion(s)
- Yumi Sakemi (yumi.sakemi@gmo-cybersecurity.com)
- Satoru Kanno (satoru.kanno@gmo-cybersecurity.com)
- Project Info
- In future communication technologies such as 6G, there are technical requirements that demand ultra-low latency and high levels of security. So, the purpose of this project is to achieve low-latency and highly secure cryptographic techniques targeting future communication technologies.
- We consider appylying Areion to IPsec in this hackathon.
- Paper at https://tches.iacr.org/index.php/TCHES/article/view/10279/9727
- We are currently recruiting collaborators who will join us in this project.
- Specifications
- https://datatracker.ietf.org/doc/draft-sakemi-areion/
- Work in progress
¶ MoQT Interop Testing
- Champions
- Daniel Fay (danielfay22@meta.com)
- Project Info
Interop testing of MoQT (Media over Quic Transport) media and text based implementations - Specifications
Don’t see anything that interests you? Feel free to add a project to the list, sign up as its champion, and show up to work on it. Note: you must login to the wiki to add content. If you add a new project, we suggest you send an email to (hackathon@ietf.org) to let others know. You may generate interest in your project and find other people who want to contribute to it.
TEMPLATE: Copy/paste and update the following template to add your project to the list:
### Your Project
- **Champions**
name and email
- **Project Info**
project description
To edit the wiki, log in using your IETF Datatracker login credentials. If you don't yet have an IETF Datatracker account, you may get one by going here and requesting a new account.