Hi Haoyu,
Thank you for your review. Your discussion are very helpful for improving the draft. Here are some response: 1.You are absolutely right that distributed architectures introduce their own set of security challenges. Our intention was to highlight that centralized approaches have some risks, such as single points of failure during DDoS/APT attacks, and data sovereignty concerns in regulated sectors. DIN aims to support scenarios where inference stays within a trusted perimeter. We agree that the security challenges of distribution need more attention with more detailed gap analysis and use cases concerning in the draft. 2.We view the AI lifecycle broadly as comprising two major phases: training and inference. We consider agentic AI as an important category of workloads in inference phase. We agree it would be glad to incorporate on agentic AI use cases, requirements and gaps in the next revision. 3.This is a fair critique. The mention of physical-layer protection was meant to be comprehensive, but we agree it may distract from the IETF focus. We will consider modifying or removing that part in the next update. We appreciate your valuable perspective and would be happy to incorporate improving the draft. BR, Jack ----邮件原文----发件人:Haoyu Song <[email protected]>收件人:"宋健" <[email protected]>,rtgwg <[email protected]>抄 送: (无)发送时间:2025-11-06 09:43:16主题:RE: [rtgwg] Re: DIN for AI inference network, all kinds ofcontributions arewelcome Hi Jack, I’ve read the draft and here are a few questions. I’m a little confused by the claim that “Enterprise and industrial AI inference scenarios present unique security and compliance requirements that fundamentally conflict with centralized architectural approaches.” On the contrary, I think the distributed architecture will introduce more challenges in this scenario. Perhaps you mean local inference vs. remote inference? It’s not explicitly mentioned but how is this related to the agentic AI or are you only concerned with the model inference? There are more things to consider in the former (and the more prevalent) case. In 5.3, why “Cryptographic protection should extend to physical layer transmissions”, given there are already network layer, transport layer, and message level security measures? What’s the physical layer security mean exactly? Regards, Haoyu From: 宋健 <[email protected]> Sent: Wednesday, November 5, 2025 8:32 AM To: rtgwg <[email protected]> Subject: [rtgwg] Re: DIN for AI inference network, all kinds of contributions arewelcome add link https://datatracker.ietf.org/doc/draft-song-rtgwg-din-usecases-requirements/ ----邮件原文---- 发件人:"宋健" <[email protected]> 收件人:rtgwg <[email protected]> 抄 送: (无) 发送时间:2025-11-05 23:32:06 主题:DIN for AI inference network, all kinds of contributions arewelcome Hi guys, AI is one of the most critical application today and will domains in the future. At the heart of AI lie two key processes: AI training and AI inference. In the era of AI inference, the Internet should take on a key role. Based on this vision, we have submitted a draft to describe the Distributed Inference Network (DIN) Problem Statement, Use Cases, and Requirements [draft-song-rtgwg-din-usecases-requirements-00]. It is not enough to cover all related problems, use cases or requirements. Any comment and collaboration are welcome. Best regards, Jian Song (Jack) China Mobile
_______________________________________________ rtgwg mailing list -- [email protected] To unsubscribe send an email to [email protected]
