IETF 101

IETF 101 was organized in London this year. As usual, we, the hackers.mu team, participated remotely. This year, we were in as the TLS champions. Hence there was more responsibilities and planning needed.

 

Update: There's an article about it on theregister as well, click here to read more.

How it began


As we had posted it in our events section, this year, we went for the IETF 101 hackathon. As a reminder, last year, we even had The Register which wrote about our participation in the IETF 100 event to deliver TLS 1.3 implementations. We also had the IETF blog which covered that as well. 

We would have loved to go on site in London to do this but logistically, it would have been difficult, and quite expensive for all our members to go there so preparation to hack from Mauritius began some weeks before the big event. It was quite a rush as we were working on several other projects at the same time. We had to find a spot to get together and to the hackathon in the first place. A note about this, if there is anyone who wishes to sponsor a place where we can hack for a weekend once a while (when and if we have a hackathon planned), please do drop us a mail using the contact page.


Setting up

After all the planning for a space to hack, preparing the funds and logistics for it all, one week before DDay, the meteo announced that there could be a potential cyclone lurking around. Hence we decided to Perform the hackathon remotely, from each other's house. For this, the challenge becomes harder, as now, we obviously had communication issues to cope for as well as how to manage everything. But eventually we sorted it out prety well! We had Jabber as well other tools that we are used to for managing our hackathons. 

 

TLS Champions

Being the TLS champions for the first time, we were really worried whether we will be able to lead this hackathon properly, last year, we had others to follow and it was less stressful. But this year, it was up to us to organize our own team and project, so we had some pressure, which is probably why we spent some weeks before hand to just plan and manage.

 

  

What we worked on

 planned on working on the following:

Projects

IETF Draft || RFC

TLS 1.3 The Transport Layer Security (TLS) Protocol Version 1.3
DNS The EDNS(0) padding option
http 451  An HTTP Status Code to Report Legal Obstacles

 

  • Since OpenSSL pre release candidates were coming out with TLS 1.3 support, we had to work  towards adding support for TLS 1.3 in as much software as we could. 
  • Loganaden was interested in DNS security, hence worked on the DNS PRIVate Exchange (DPRIVE) Working Group develops mechanisms to provide confidentiality to DNS transactions, to address concerns surrounding pervasive monitoring. 
  • While those who wanted to work on http 451 focused on that. 

  

TLS 1.3

 

For the TLS 1.3 hackathon, we have been able to send some Pull Requests to add TLS 1.3 support to the following projects: 

 

Project

Member

GNU wget, is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS the most widely-used Internet protocols. It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, etc. Loganaden Velvindron 
nagios-plugins, check_http, tests the HTTP service on the specified host. It can test normal (http) and secure (https) servers, follow redirects, search for strings and regular expressions, check connection times, and report on certificate expiration times. Rahul Golam
stunnel, stunnel is an open-source multi-platform application used to provide universal TLS/SSL tunneling service. stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively. It runs on a variety of operating systems, including most Unix-like operating systems   Njm
httpperf, is a tool for measuring web server performance. It provides a flexible facility for generating various HTTP workloads and for measuring server performance.  MA (former member)
git, is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

 

Loganaden Velvindron 
 check_ssl_cert,  is a Nagios plugin to check an X.509 certificate:
  • checks if the server is running and delivers a valid certificate
  • checks if the CA matches a given pattern
  • checks the validity
Yasir Auleear
aria2c,  is a lightweight multi-protocol & multi-source command-line download utility. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. aria2 can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Pirabarlen Cheenaramen 
Eclipse paho C library, is a set of scalable open-source implementations of open and standard messaging protocols aimed at new, existing, and emerging applications for Machine-to-Machine (M2M) and Internet of Things (IoT) Njm, Ny (former members)
mercurial, is a distributed revision-control tool for software developers. It is supported on Microsoft Windows and Unix-like systems, such as FreeBSD, macOS and Linux. CV (name removed  on request) 
monit, is a utility for managing and monitoring processes, programs, files, directories and filesystems on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.   CV (name removed  on request)
     

 

 

DNS DPRIVE

 

 

 

Project

Member

pyDig is a program to perform DNS queries and exercise various existing and emerging features of the DNS protocol. It works mostly similar to the dig program that comes with ISC BIND. Loganaden Velvindron

 

http451

 

Project

Member

A Drupal http451 module was written. Akil Maulloo

 

What a team spirit!

It seems that I am not the only one who feels that this hackathon was really addictive. we were hooked the moment we started working out on our tasks. Furthermore, everybody was contributing to almost every aspect of each other's tasks. The team was on fire, we were working like a well oiled engine, everyone knew what they needed to do, and everyone were helping out each other. At some point we even had to to tell people to get some sleep for the next day, yes that kind of fun!

 

The next day, after wrapping up the maximum tasks that we could, some members gathered at the flying dodo for some food, beer (well except our members who do not consume alcohol) and to get a group picture taken. Others who couldn't make it sent a picture of themselves hacking!

 

 

 

  Since i forgot my tshirt in Mauritius, the wife made one for me!

 

 

Presentation

Logan did the presentation remotely. We were queued last in line, since we were remote. There was a few audio issues in the beginning, but once all that was fixed, all was good. :) Special thanks for the ietf folks for their patience with that! Here is a video of our presentation at the event. If you go from the beginning of the video, you can view all the other presentation as well, and all of them were really interesting projects.

 

Challenges that we had this year

While we did have some experience with draft 13 of TLS 1.3, we had quite some challenges this year. We had to keep up with the projects we were working on with and cope for new changes. As well as take into considerations the new  changes related to draft 23 of TLS 1.3.  Testing was much more fine grained this time, and luckily we had WireShark around to catch any handshake issues, specially with that clienthello that caused some pain! But once we got the gist, it was all good.

 

What's next 

Well there are quite some project out there without TLS 1.3 support, and we hope to work on these during the course of the year. There are other events that are coming along as well. Keep posted on our facebook group, page and the event corner of this website!

 

Join us

Want to join us for our next IETF hackathon event, drop us a mail either through our contact form or directly to contact (a|t) hackers mu. It would be great if we could get more people to participate in IETF events, this is for the good of the internet and everyone else. 

 

 

Want more info?

If you want more detailed information about each tasks, please check out the blog of each of our members, you can access their blogs via our member page.

Our presentation can be found here and  mirrored here.

 

Thanks

We have a few people to thank for this event, and they are as follows:

  • TLS 1.3 development team (Nick Sullivan and others)
  •  Charles Eckel & Barry Leiba
  • Meetecho Team
  • Open Source developers who took time to review and submit comments so that we can improve our patches
  • CISCO for sponsoring the hackathon
  • Our families, friends and community members for supporting us
  • Greetings to other local user groups of the island
  • Apologies if we missed anyone here, please do ping us if we missed anyone.

Support

  • We go regular tech talks, or invite you to do so in Saturdays at the university of Mauritius, please join our facebook group or our meetup or  event page  to get more information.

  • If you wish to join us for some hacking, drop us a mail via the contact form!

and yes... Thank YOU for reading and showing interests! 

 

 ps. This article will be updated with more information soon.Do report us any bug in this article!