13:57:11 <RRSAgent> RRSAgent has joined #web-networks
13:57:11 <RRSAgent> logging to https://www.w3.org/2022/09/13-web-networks-irc
13:57:13 <Zakim> Zakim has joined #web-networks
13:57:39 <dom> Meeting: Web & Networks TPAC F2F
13:58:05 <dom> Agenda: https://www.w3.org/wiki/Networks/TPAC2022
13:58:21 <dom> agenda+ Web & Networks IG introduction
13:58:29 <dom> agenda+ Web & Networks IG introduction
13:58:36 <dom> agenda+ Client-Edge-Cloud coordination Use Cases and Requirements
13:59:28 <dom> Present+ DanD, CHrisN, EricS, Dom, SUdeep, MichaelMcCool, Song, LiLin, HuaqiSHan, SOngXu, EricMwobobia, Dapeng
13:59:39 <McCool> McCool has joined #web-networks
13:59:47 <dom> RRSAgent, make log public
13:59:52 <cpn> cpn has joined #web-networks
14:00:01 <Eric> Eric has joined #web-networks
14:00:43 <dom> Present+ Kunihiko, DingWei
14:00:56 <dom> Present+ JakeHolland
14:01:03 <McCool> present+ McCool
14:02:19 <dom> Present+ DavidEzell
14:02:44 <Eric> Present+
14:03:22 <dom> scribe+
14:03:46 <dom> Zakim, next item
14:03:46 <Zakim> agendum 1 -- Web & Networks IG introduction -- taken up [from dom]
14:04:17 <dom> DanD: Song from China Mobile, Sudeep from INtel and I (from AT&T) are co-chairs of Web & Networks IG
14:04:22 <dom> ... Dom is our staff contact
14:04:26 <Louay> Louay has joined #web-networks
14:04:34 <Louay> Present+ Louay_Bassbouss
14:04:53 <dom> Present+ LouayBassbouss, PiersO'Hanlon, LarryZhao, LukeWagner
14:05:06 <Larry_Zhao> Larry_Zhao has joined #web-networks
14:05:16 <dom> [slide 1]
14:05:21 <cpn> present+ Chris_Needham
14:05:30 <jholland> jholland has joined #web-networks
14:05:34 <ktoumura> ktoumura has joined #web-networks
14:05:37 <Piers_O_Hanlon> Piers_O_Hanlon has joined #web-networks
14:05:42 <motokim> motokim has joined #web-networks
14:05:42 <dom> DanD: our agenda today will cover an overview of our group's work and progress
14:05:45 <Max__Liu> Max__Liu has joined #web-networks
14:05:47 <dezell> dezell has joined #web-networks
14:05:53 <dom> ... hopefully useful starting point for later reading
14:06:00 <dezell> present+ David_Ezell
14:06:05 <dom> ... next we'll dive into Edge Use Cases & Requirements
14:06:11 <dom> ... followed by an open discussion
14:06:25 <dom> Zakim, next item
14:06:25 <Zakim> agendum 2 -- Web & Networks IG introduction -- taken up [from dom]
14:06:39 <dom> [slide 4]
14:07:31 <Dingwei> Dingwei has joined #web-networks
14:08:59 <dom> [slide 5]
14:09:51 <dom> [slide 6]
14:11:08 <sudeep> present+ Sudeep
14:11:29 <dom> [slide 7)
14:12:36 <dom> RRSAgent, draft minutes
14:12:36 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
14:12:50 <dom> [slide 8]
14:13:13 <sudeep> Link to WNIG Wiki: https://www.w3.org/wiki/Networks
14:14:09 <dom> i/[slide 1]/Slideset: https://github.com/w3c/web-networks/raw/main/meetings/W3C_WNIG_TPAC2022_V1.1.pdf
14:14:14 <dom> [slide 9]
14:14:17 <dom> RRSAgent, draft minutes
14:14:17 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
14:15:36 <dom> [slide 10]
14:16:27 <dom> Jake: breakout scheduled tomorrow on multicast, with focus on security discussions
14:17:13 <dom> [slide 11]
14:17:15 <dom> [slide 12]
14:17:26 <jholland> tomorrow's multicast breakout: https://www.w3.org/events/meetings/527d52eb-f8df-4875-844b-09a27a67d772
14:17:37 <dom> s|https://github.com/w3c/web-networks/raw/main/meetings/W3C_WNIG_TPAC2022_V1.1.pdf|https://lists.w3.org/Archives/Public/www-archive/2022Sep/att-0001/W3C_WNIG_TPAC2022_V1.1.pdf
14:17:42 <dom> RRSAgent, draft minutes
14:17:42 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
14:18:19 <dom> Michael: we're mostly focused on edge offload
14:19:02 <dom> ... maybe this should expand to split browser, but that's not part of what we've doing so far
14:19:27 <dom> Present+ ZoltanKis, YanZ, MotokiMizusako
14:25:51 <dom> Zakim, next item
14:25:51 <Zakim> agendum 3 -- Client-Edge-Cloud coordination Use Cases and Requirements -- taken up [from dom]
14:26:56 <dom> Slideset: https://lists.w3.org/Archives/Public/www-archive/2022Sep/att-0002/2022-09-13-WNIG-F2F-Edge.pdf
14:27:03 <dom> [slide 1]
14:27:03 <dom> [slide 2]
14:27:06 <dom> [slide 3]
14:27:37 <dom> Michael: our 13 use cases could still be improved from a categorization perspective
14:28:03 <dom> [slide 4]
14:28:27 <dom> Michael: some of the main drivers for edge computing are latency and privacy
14:29:06 <dom> ... e.g. in AR, tracking the environment and overlaying information on the environment needs to happen with very low latency
14:29:27 <dom> ... cloud is ~10x slower to reach than an edge node
14:30:40 <dom> ... using edge computing is applicable both for webapps and IoT - I'm also a co-chair of the Web oF things WG
14:31:00 <dom> [slide 5]
14:31:29 <dom> Michael: what kind of businesses & users will be using these systems, with what kind of needs & priorities
14:31:41 <dom> ... what are their business models and why would they do this?
14:31:54 <dom> ... we will cross-reference these stakeholders with our use cases
14:31:57 <dom> [slide 6]
14:32:01 <dom> RRSAgent, draft minutes
14:32:01 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
14:32:11 <dom> ... these requirements derive from our use cases
14:32:35 <dom> ... a common requirement is improved performance
14:33:12 <dom> ... some of the requirements are up for negotiation
14:33:25 <dom> ... compatibility with existing APIs vs building a new one
14:34:26 <dom> [slide 7]
14:35:18 <dom> Michael: 2 proposals: one focused on seamless code sharing baed on WASM, benefitting from the JS/WASM sandbox
14:35:43 <dom> ... the other is distributed worker, extending the existing threading model in browsers based on Workers
14:36:01 <dom> ... the comm model they use could be extended to instantiate a worker on a remote machine
14:36:33 <dom> ... Web of Things has ongoing work on discovery that could be used for compute utility discovery
14:37:10 <dom> ... Both of these are extended the web model beyond client & server, to a distributed model, some of the resources being location sensitive
14:37:48 <Max__Liu> +
14:37:49 <dom> [slide 8]
14:37:49 <dom> DavidE: what is WASM?
14:37:50 <Max__Liu> q+
14:38:27 <dom> Michael: WebAssembly provides a binary representation of machine bytecode, that operates in sandboxed runtime with near native performance
14:38:31 <dom> ... similar to LLVM
14:38:43 <dom> q?
14:38:53 <dom> ack Max__Liu
14:39:16 <dom> Max: detailed use cases are available in the document
14:39:57 <dom> -> https://w3c.github.io/edge-computing-web-exploration/ Client-Edge-Cloud coordination Use Cases and Requirements
14:40:42 <cpn> q+
14:40:43 <DanD> DanD has joined #web-networks
14:40:43 <dom> Max: I also want to mention that we've been focused on use cases & requirements, with only high level initial proposals for solutions
14:40:56 <dom> ... the purpose is to gather enough interest for this work
14:41:39 <dom> Michael: we're trying to establish feasability and the potential path to standardization
14:41:47 <DanD> +
14:41:55 <dom> ... we need to prioritize requirements (essential vs nice to have)
14:42:04 <dom> q?
14:42:23 <DanD> +1
14:42:48 <dom> q+ DanD
14:42:50 <dom> ack cpn
14:43:06 <dom> CPN: you mentioned extending a worker to offload compute
14:43:29 <dom> ... are there solutions out there that could inform what kind of standardization would be helpful?
14:43:49 <dom> Michael: Akamai has EdgeWorkers; Fastly runs WASM on the edge
14:44:21 <dom> ... but they're not using standardized interfaces so can't be deployed seamlessly by developers without adapting to each CDN providers
14:44:38 <dom> chris: could this be captured in the document?
14:45:12 <dom> Michael: that's what we would want to achieve by cross-referencing stakeholders with use cases / requirements
14:46:03 <dom> q+
14:46:27 <dom> Chris: I'm not necessarily suggesting to capture in the document, but it's useful information to gather
14:46:40 <dom> ack DanD
14:47:07 <dom> DanD: thanks for putting this together, and it helps consolidating the many ideas that have been floating around
14:47:26 <dom> ... the trust model with the edge computing for the Web is a very critical aspect
14:47:52 <dom> ... things that are in a given administrative domain has a well-defined trust boundary compared to a fully open web setup
14:48:13 <dom> ... CDNs typically represent content providers, they're an extension of content providers
14:48:25 <dom> ... what would be the relationship between the ISP and the content provider?
14:48:53 <dom> ... it's not just technical solutions, this needs to be grounded reality
14:49:09 <dom> Michael: does the end user trust the edge computer? does the edge provider trust the code it is running?
14:49:34 <dom> ... a threat could be drive-by mining that would steal my computing resources
14:49:58 <dom> ... Sandboxing helps with running untrusted code
14:50:15 <dom> ... harder to protect the code from the platform - probably best addressed by a social solution
14:50:24 <Max__Liu> q+
14:50:36 <dezell> q+ to talk about sandboxing
14:51:35 <dom> Michael: this could be dealt with in a way similar to permissions e.g. to access camera
14:52:13 <dom> DanD: there is also the possibility to extend the same origin policy as long as the edge is seen as an extension to the server
14:52:21 <dom> ... it's all about who has a relationship with whom
14:52:39 <dom> ... it's not just the trust, it's also about not abusing the resource
14:53:06 <dom> Michael: CORS is designed for developers to delegate access to another developer
14:53:46 <dom> Present+ Jeff
14:54:04 <dom> q?
14:54:07 <dom> ack dom
14:54:20 <cpn> scribe+ cpn
14:55:02 <cpn> Dom: Delegating to the edge, question about trust, when you're using edge resources, the content provider is paying. If it's under user control, does the user pay?
14:55:27 <cpn> ... Are there business models that enable that? We should clarify how the computing delegation would work in practice, don't know if there are examples today
14:55:32 <dom> michael: it enables new business models
14:55:58 <dom> ... today the content provider pays a CDN for edge resources
14:56:12 <dom> ... if that moves to the user, it could be bundled into an ISP plan
14:56:28 <jholland> +q
14:56:58 <DanD> q+
14:57:11 <dom> ack Max
14:57:36 <dom> Max: regarding the trust model, it's already covered a bit - it varies across use cases, with different business models
14:57:55 <dom> ... there are existing B2B models for cloud->edge
14:58:11 <dom> ... the service provider pays the fee to the edge computing provider
14:58:45 <dom> ... we should consider the same origin policy of the web architecture
14:58:53 <dom> ... for consitency
14:58:57 <dom> ack dezell
14:58:57 <Zakim> dezell, you wanted to talk about sandboxing
14:59:32 <jeff> jeff has joined #web-networks
14:59:33 <dom> David: re sandboxing - how much thoughts have been put into keybox / software validation?
15:00:09 <dom> ... PCI regulations enforced rules in terms of private key generation and management
15:01:04 <dom> ... how do you prevent a user asked to do something that might be appropriate?
15:01:36 <dom> ... very hard questions to consider
15:01:42 <dom> s/keybox/keyvault/
15:01:42 <McCool> q?
15:02:02 <dom> jholland: the developer-controlled vs user-controlled models
15:02:21 <dom> ... they're very different use cases with very different control surfaces, different trust model and sandboxing constraints
15:02:30 <dom> ... there may be some similar aspects
15:02:46 <dom> ... but they should be approached as different APIs that might be able to share a component
15:02:54 <dom> ack jholland
15:03:13 <dom> ack DanD
15:03:39 <dom> DanD: my suggestion for Michael & Max: we went through use cases and requirements
15:03:58 <dom> ... there may be an opportunity to look at the different offloading models (developer centric vs user centric)
15:04:08 <dom> ... the different realms of controls (enterprise vs user)
15:04:12 <McCool> q+
15:04:13 <McCool> q?
15:04:19 <dom> ... I think it would be worth digging more into these questions
15:04:21 <dom> ack McCool
15:04:33 <Max__Liu> q+
15:04:51 <dom> McCool: re user vs dev - a user could be an enterprise wanting to do sensitive work on their premises or using their own machine
15:05:04 <dom> ... e.g. Web Apps doing video processing
15:05:17 <dom> ... Establishing the right trust model is key
15:05:42 <dom> Jake: I would suggest an enterprise capability could operate under a developer centric model, vs a home user
15:06:21 <dom> McCool: we should add discussion of this topic in the doc
15:06:33 <dom> ... there are similar components around workload packaging, sandboxing
15:06:37 <sudeep> q+
15:07:02 <dom> ack Max
15:07:12 <dom> Max__Liu: +1 to Dan's suggestion
15:07:26 <dom> ... we'll put more analysis on this topic in the document
15:07:44 <dom> ack sudeep
15:08:01 <dom> sudeep: the sandboxing and trust models sounds like important topics
15:08:29 <McCool> q+
15:08:42 <dom> ... we have the <script> tag that allows to run JS - could it be extended to allow the user to establish trust with the edge node?
15:08:51 <dom> ack McCool
15:09:19 <dom> McCool: the value of Worker is that they operate in a different thread/memory space, which isn't the case of the <script> tag
15:09:28 <dom> RRSAgent, draft minutes
15:09:28 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
15:09:55 <Piers_O_Hanlon> q+
15:10:21 <dom> ack Piers_O_Hanlon
15:10:29 <dom> q+ Piers_O_Hanlon
15:11:07 <dom> Yan: re security model, a user centric trust model is key to forward looking standards
15:11:21 <dom> McCool: SOLID is also an interesting approach to manage private data
15:11:38 <dom> ... managing keys in the LAN doesn't work well with browsers
15:12:23 <dom> Yan: I'm also involved in the VC & DID WGs which could help
15:12:26 <dom> acl Piers_O_Hanlon
15:12:39 <dom> Piers_O_Hanlon: could be useful to distinguish the user data from the code
15:12:51 <dom> ... privacy around the data that is being processed vs the code that is doing the processing
15:12:58 <McCool> q+
15:13:09 <dom> ... one can secure the code or use sub-resource-integrity to ensure it hasn't been tampered with
15:13:18 <dom> ... the data flows then get processed by that
15:13:39 <dom> ... homomorphic encryption might provide a useful way to protect the data from the edge
15:13:44 <dom> ack Piers_O_Hanlon
15:14:03 <Karen> Karen has joined #web-networks
15:14:08 <dom> Yan: we use a trust zone to run the code
15:14:20 <dom> ... for the data, we use VC to preserve the privacy of data itself
15:14:24 <dom> ack McCool
15:14:37 <dom> McCool: separating data and code fits well with stateless computing models
15:15:02 <dom> ... with the sandbox, we could control the connections the code can make to avoid it to send the data to any other endpoint
15:15:34 <dom> Piers_O_Hanlon: users may have their credentials used by the edge to accomplish tasks on their behalef
15:15:37 <dom> s/lef/lf
15:15:37 <DanD> q+
15:18:14 <McCool> q?
15:18:43 <dom> McCool: homomorphic processing is probably not ideal if you're looking at performance as a goal
15:18:56 <dom> RRSAgent, draft minutes
15:18:56 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
15:19:17 <dom> McCool: next step includes discussing the aspects that were raised today around security / trust
15:19:58 <dom> DanD: there is also an opportunity to look at the gap analysis
15:20:26 <dom> ... are the standards identified going to fulfill the needs? or what will it take to make them so?
15:20:32 <dom> ... incl WASM, CORS
15:20:51 <dom> ... How can we extend the dialogue? DO we need dedicated calls to help make progress?
15:21:04 <jeff> q+ to comment on next steps
15:21:11 <dom> ... does it have the elevated visibility an activity on its own?
15:21:13 <McCool> q+
15:21:15 <dom> ack DanD
15:21:17 <dom> ack jeff
15:21:17 <Zakim> jeff, you wanted to comment on next steps
15:21:18 <Max__Liu> q+
15:21:27 <dom> RRSAgent, draft minutes
15:21:27 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
15:21:54 <dom> Jeff: looking at the current editors draft of the use cases doc, it's already a pretty impressive document
15:22:14 <dom> ... on the balance of making it even better or moving forward with the gap analysis and addressing it
15:22:29 <dom> ... the weight of the effort needs to shift towards resolving the gap
15:22:37 <dom> ... this may require cross-meeting with other groups
15:23:02 <dom> ... figure who should address the gaps and how we ensure progress
15:23:06 <dom> ... possibly with a new CG
15:23:19 <dom> McCool: we need to get more stakeholders at the table
15:23:31 <dom> ... what can we do to increase engagement?
15:23:44 <dom> ack McCool
15:23:46 <dom> ack Max__Liu
15:24:02 <jeff> q+ to support Michael's idea about stakeholders
15:24:06 <dom> Max__Liu: we probably need a CG, a dedicated way to focus on how to move forward
15:24:31 <dom> ... I personally think that before we go to a WG, we can prepare a charter
15:24:40 <McCool> q+
15:24:48 <dom> ... or a CG that focuses on the topic, which could be more open to non-W3C members and open source projects
15:25:02 <dom> ... helps with greater engagement
15:25:28 <dom> ... key is pushing progress on the work coordination more than on the draft
15:25:29 <dom> ack jeff
15:25:29 <Zakim> jeff, you wanted to support Michael's idea about stakeholders
15:26:11 <dom> jeff: before reaching out to more stakeholders, we need greater clarity on the next steps (incubation vs WG vs existing groups)
15:26:55 <dom> ... in terms of stakeholders, there is a long list of stakeholders that used to be but are no longer W3C members that came in the Mobile Initiative days
15:27:00 <Max__Liu> q+
15:27:21 <dom> ... we should reach out to them as we're making progress in deploying our action plan
15:27:36 <dom> ack McCool
15:27:46 <dom> McCool: +1 to outreach
15:28:00 <dom> ... re CG vs WG - we can't have a WG until we know exactly what deliverables we need
15:28:15 <dom> ... a CG or an IG focused on doing that would be a useful next step
15:28:23 <dom> jeff: we already have the IG
15:28:37 <dom> McCool: but the name of the IG doesn't scream "edge computing"
15:28:45 <Max__Liu> q+
15:28:55 <dom> DanD: two different things we're talking: making the story crisper (with doc improvements)
15:29:08 <dom> ... and gathering input & support, administrative stuff
15:29:13 <dom> ... they can be done in parallel
15:29:17 <Max__Liu> q+
15:29:30 <dom> ... If we need an edge IG, or a CG
15:29:53 <dom> ... we still need to improve the gap analysis in terms of what other groups need to provide & support
15:30:22 <dom> ... figure out the incentives for the stakeholders
15:30:37 <dom> ... we talked about organizing some sort of the workshop to help moving forward
15:31:03 <dom> Max: a CG being more open is helpful compared to an IG
15:31:24 <dom> ... we can also have a liaison with the IG to report back what would happen in the CG
15:31:33 <dom> ... the CG could have more frequrent teleconferences
15:31:39 <McCool> q?
15:31:41 <dom> s/ure/ue
15:31:46 <dom> ack Max__Liu
15:33:22 <dom> DanD: Thanks again for showing up and for the very fruitful discussions
15:33:36 <dom> RRSAgent, draft minutes
15:33:36 <RRSAgent> I have made the request to generate https://www.w3.org/2022/09/13-web-networks-minutes.html dom
15:35:21 <ktoumura> ktoumura has left #web-networks
15:52:02 <dom> dom has joined #web-networks
16:04:52 <Karen> Karen has joined #web-networks
16:12:04 <jeff> jeff has joined #web-networks
16:16:33 <jeff> jeff has left #web-networks
16:18:32 <Karen> Karen has joined #web-networks
16:49:49 <dcaro> dcaro has joined #web-networks
17:59:10 <Karen> Karen has joined #web-networks
18:42:08 <hyojin> hyojin has left #web-networks
18:49:33 <Karen> Karen has joined #web-networks
19:00:16 <Karen> Karen has joined #web-networks