initial set of slides for tonight

2023/osmodevcall-esim-lpac-smdpp/euicc_esim_pysim_lpac_osmosmdpp.adoc

@@ -0,0 +1,310 @@
+exploring eUICC and eSIM with pySim, lpac and osmo-smdpp
+========================================================
+:revealjsdir: /home/laforge/projects/git/reveal.js
+:revealjs_width: 1918
+:revealjs_height: 1070
+:revealjs_transition: none
+//:revealjs_theme: night
+//:revealjs_theme: beige
+//:revealjs_theme: solarized
+
+
+:author:      Harald Welte <laforge@gnumonks.org>
+:copyright:   2024 by Harald Welte (License: CC-BY-SA)
+:backend:     slidy
+:max-width:   45em
+
+== Overview
+
+* SIM / UICC / USIM recap
+* eSIM Principles
+* eSIM Variants
+* Putting it all together
+
+
+== Recap: Classic SIM
+
+* SIM card introduced with GSM (2G)
+* single-purpose smart card
+* fundamental purpose of classic SIM:
+** storage of configuration data
+** storage of contacts
+** storage of SMS
+** _secure element_ holding the secret per-subscriber key material
+
+
+== Recap: UICC and USIM Application
+
+* UICC is a general-purpose multi-application smart card
+* USIM card application introduced with UMTS (3G)
+* additional, optional ISIM introduced with VoLTE (4G)
+* fundamental purpose of USIM/ISIM:
+** storage of configuration data
+*** thousands of parameters in hundreds of files
+** _secure element_ holding the secret per-subscriber key material
+
+== eSIM in a nutshell
+
+* virtualisation of the USIM
+* de-coupling of _SIM profile_ from _physical chip_
+* the eSIM capable chip is now called *eUICC*
+* eUICC can hold one or more _SIM profiles_
+
+== SIM profile
+
+* File contents of USIM filesystem hierarchy
+* Secret authentication key material (K + OPc)
+* OTA key material
+* PIN, PUK, ADM-PIN, ...
+* SIM (toolkit) applets
+
+Format of eSIM profile is specified in the _eUICC Profile Package_ specification by the Trusted Connectivity Alliance (formerly SIMalliance)
+
+== Quick look at a profile
+
+DEMO TIME
+
+== eUICC
+
+* smart card chip
+* higher requirements than for classic SIM/UICC
+** extensive security requirements
+** various cryptographic functionalities, including ECDSA
+* electrical interface is ISO 7816 (like SIM/UICC)
+* transport protocol is ISO 7816 T=0 (like SIM/UICC)
+* typically soldered on the board or integrated into UE
+** plastic packaged (micro/nano) SIM sized variants available
+
+EID:: unique identifier of eUICC (as ICCID is part of *profile*)
+
+== eUICC
+
+image::euicc_schematic.png[]
+
+== Security Domains
+
+ECASD:: representative of CI/CA
+ISD-R:: representative of SM-SR
+ISD-P:: representative of SM-DP. There can be multiple ISD-P for multiple eSIM profiles, but only one is enabled at any given point in time
+
+
+== eSIM flavors
+
+* _M2M_ eSIM (released first)
+* _Consumer_ eSIM (released later)
+* _IoT_ eSIM (bleeding edge)
+
+
+== Consumer Model
+
+* uses client-driven _pull_ model to provision and manage profiles by the end user
+* HTTPS/TCP/IP protocol used for profile download
+* Introduces SM-DS and LPA (both don't exist in prior M2M)
+* no _provisioning profile_ required, as device can e.g. use WiFi to download a profile
+
+image::esim-consumer-arch.png[eSIM Consumer Architecture,width=1000,align="center"]
+
+
+== Demo: `pySim-shell` on eUICC
+
+DEMO TIME
+
+== Consumer eSIM: LPA
+
+LPA: Local Profile Assistant
+
+* software on the client device
+** can optionally also be fully built-in to the eUICC (LPAe)
+** standard case with smartphones today is on the device (LPAd)
+* provides user interface for profile management
+* talks to local eUICC and to remote SM-DP+
+
+== Consumer eSIM: SM-DP+
+
+SM-DP+:: Subscription Manager - Data Preparation (Enhanced)
+
+* see SM-DP in M2M eSIM
+* combines SM-DP and SM-SR features (hence the *+* designator)
+
+== SM-DP+ Functions
+
+* Profile Package Generation (result: UPP)
+* Profile Package Protection (result: PPP)
+* Profile Package Binding (result: BPP)
+* Profile Package Storage
+* Profile Package Delivery
+* SM-DS Event Registration
+* Remote Profile Management
+
+== Consumer eSIM: SM-DS
+
+SM-DS:: Subscription Manager - Discovery Service
+
+* allows SM-DP+ to reach an eUICC without knowing on which network / via which technology it can be reached
+* stores notifications issued by SM-DP+ for a given eUICC
+* LPA is polling SM-DP+ on behalf of eUICC
+
+== ES8+ Interface
+
+ES8+ (SM-DP+ - eUICC)
+
+* transported over ES9+ between SM-DP+ and LPA
+* transported over ES10b between LPA and eUICC
+
+image::es8p_in_es9p.png[ES8+ in ES9+ and ES10c,width=1700,align="center"]
+
+== ES9+ Interface
+
+ES9+ (SM-DP+ - eUICC)
+
+* utilizes HTTPS over TCP/IP
+** LPA is client; SM-DP+ is server
+** client verifies server TLS certificate, like in the web
+* allows JSON or ASN.1 encoding
+* some special rules about HTTP headers (X-Admin-Protocol, User-Agent)
+
+== ES10x Interface
+
+ES10a/b/c (LPA - eUICC)
+
+* APDU based interface (like all smart card interfaces)
+* uses STORE DATA command as transport mechanism
+
+== Certificate Chain
+
+image::consumer_cert_chain.png[eSIM Certificate Chain,width=1200,align="center"]
+
+== Compliance / Security
+
+* eUICC security: Common Protection Profile, EAL4+
+* Production Environment + Process Security
+** GSMA SAS-UP (eUICC personalization)
+** GSMA SAS-SM (Subscription Management Platforms)
+* Functional compliance
+** GSMA test specification / GlobalPlatform test suite
+* eUICC manufacturers, SM-SR and SM-DP hosting providers *must be GSMA SAS accredited*
+** enforcement is done via the GSMA PKI: Certificates only issued to accredited entities
+
+== Consumer eSIM Procedures (SGP.22)
+
+* Remote Provisioning
+** Profile Download Initiation
+** Common Mutual Authentication
+** Profile Download and Installation
+* Local Profile Management
+** Enable / Disable Profile
+** Add / Delete / List Profile
+** Set/Edit Nickname
+* Local eUICC Management
+** Retrieve EID
+** eUICC Memory Reset
+** eUICC Test Memory Reset
+** Set/Edit Default SM-DP+ Address
+
+== Consumer eSIM: Download Initiation
+
+image::consumer_profile_dl_init.png[Download Initiation,width=1300]
+
+== Consumer eSIM: Download and Install
+
+image::consumer_dl_and_install.png[Download and Installation,width=1150]
+
+== Consumer eSIM: Profile Installation
+
+image::consumer_profile_installation.png[Profile Installation,width=1150]
+
+== Consumer eSIM: Enable Profile
+
+image::consumer_enable_profile.png[Enable Profile,width=1050]
+
+
+== eSIM vs. open source software
+
+* technically all protocol specs are public
+** FOSS implementations of all elements are possible in theory
+* GSMA certification/approval is very expensive
+** unlikely to happen given the associated cost
+* only the LPA does not need any kind of certification, so FOSS LPA are possible
+** `lpac` available from https://github.com/estkme-group/lpac
+** `LPAdesktop` available from https://github.com/Truphone/LPAdesktop
+* in IoT eSIM, also the eIM could be implemented as FOSS without certification requirements
+
+
+== eSIM vs. open source software
+
+* GSMA SAS rules only apply to eUICC with GSMA certificates/keys
+* if you can build/get eUICC with certs from your _your own_ CA, you can do what you want
+* also, there are some Test eUICC with certs/keys documented in SGP.26
+
+=> we can actually write our own SM-DP+ and use it without GSMA blessing
+
+
+== Introducing `osmo-smdpp`
+
+* developed as part pf `pySim` git repo (might change later)
+* implements ES9+ interface (JSON variant only for now)
+* implements BSP and ES8+
+* all the cryptographic elements
+** profile protection
+** profile binding
+** ECDSA
+** ECKA
+** key derivation
+
+== Why `osmo-smdpp`
+
+* any technology should have a FOSS implementation
+** that's the red line through 20 years of my work
+* GSMA specifications are vague/unclear in critical points
+** even other implementers of SM-DP+ and mobile operators agree to that
+* GSMA specifications do not contain any test vectors for any of the crypto!
+* other people like sudoku or crossword puzzles; i liked this topic as challenge
+
+== Status `osmo-smdpp`
+
+* successful mutual authentication with test-eUICC
+* successful eSIM profile download into test-eUICC
+* lots of gaps at the moment (contributions welcome!)
+** profile personalization (WIP)
+** certificate verification (WIP)
+** no ES2+ interface (to operator)
+** no ES12 interface (to SM-DS)
+
+== Demo: `lpac` against `osmo-smdpp`
+
+let's use `lpac` to download a profile into a test eUICC
+
+DEMO TIME
+
+== Demo: `lpac` against production SM-DP+
+
+let's use `lpac` to download a real-world profile into a GSMA eUICC
+
+DEMO TIME
+
+== Thanks
+
+* Thanks to Chris of mode51 software for his blog posts and email replies
+* Thanks to people behind python modules like asn1tools, klein, cryptography, pycryptodome
+
+== Further Reading
+
+* https://media.ccc.de/v/camp2023-57190-demystifying_esim_technology
+* https://www.gsma.com/esim/wp-content/uploads/2018/12/esim-whitepaper.pdf
+* https://www.gsma.com/security/sas-accredited-sites/
+* https://medium.com/@mode51
+
+
+[.questions]
+=== !
+
+[.bubbles]
+=== !
+
+[.hands]
+=== !
+
+
+== EOF
+
+End of File

2023/osmodevcall-esim-lpac-smdpp/euicc_esim_pysim_lpac_osmosmdpp.html

@@ -0,0 +1,687 @@
+<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, minimal-ui"><title>exploring eUICC and eSIM with pySim, lpac and osmo-smdpp</title><meta name="author" content="Harald Welte &lt;laforge@gnumonks.org&gt;"><meta name="copyright" content="2024 by Harald Welte (License: CC-BY-SA)"><link rel="stylesheet" href="/home/laforge/projects/git/reveal.js/dist/reset.css"><link rel="stylesheet" href="/home/laforge/projects/git/reveal.js/dist/reveal.css"><link rel="stylesheet" href="/home/laforge/projects/git/reveal.js/dist/theme/black.css" id="theme"><!--This CSS is generated by the Asciidoctor reveal.js converter to further integrate AsciiDoc's existing semantic with reveal.js--><style type="text/css">.reveal div.right {
+  float: right
+}
+
+/* source blocks */
+.reveal .listingblock.stretch > .content {
+  height: 100%
+}
+
+.reveal .listingblock.stretch > .content > pre {
+  height: 100%
+}
+
+.reveal .listingblock.stretch > .content > pre > code {
+  height: 100%;
+  max-height: 100%
+}
+
+/* auto-animate feature */
+/* hide the scrollbar when auto-animating source blocks */
+.reveal pre[data-auto-animate-target] {
+  overflow: hidden;
+}
+
+.reveal pre[data-auto-animate-target] code {
+  overflow: hidden;
+}
+
+/* add a min width to avoid horizontal shift on line numbers */
+code.hljs .hljs-ln-line.hljs-ln-n {
+  min-width: 1.25em;
+}
+
+/* tables */
+table {
+  border-collapse: collapse;
+  border-spacing: 0
+}
+
+table {
+  margin-bottom: 1.25em;
+  border: solid 1px #dedede
+}
+
+table thead tr th, table thead tr td, table tfoot tr th, table tfoot tr td {
+  padding: .5em .625em .625em;
+  font-size: inherit;
+  text-align: left
+}
+
+table tr th, table tr td {
+  padding: .5625em .625em;
+  font-size: inherit
+}
+
+table thead tr th, table tfoot tr th, table tbody tr td, table tr td, table tfoot tr td {
+  display: table-cell;
+  line-height: 1.6
+}
+
+td.tableblock > .content {
+  margin-bottom: 1.25em
+}
+
+td.tableblock > .content > :last-child {
+  margin-bottom: -1.25em
+}
+
+table.tableblock, th.tableblock, td.tableblock {
+  border: 0 solid #dedede
+}
+
+table.grid-all > thead > tr > .tableblock, table.grid-all > tbody > tr > .tableblock {
+  border-width: 0 1px 1px 0
+}
+
+table.grid-all > tfoot > tr > .tableblock {
+  border-width: 1px 1px 0 0
+}
+
+table.grid-cols > * > tr > .tableblock {
+  border-width: 0 1px 0 0
+}
+
+table.grid-rows > thead > tr > .tableblock, table.grid-rows > tbody > tr > .tableblock {
+  border-width: 0 0 1px
+}
+
+table.grid-rows > tfoot > tr > .tableblock {
+  border-width: 1px 0 0
+}
+
+table.grid-all > * > tr > .tableblock:last-child, table.grid-cols > * > tr > .tableblock:last-child {
+  border-right-width: 0
+}
+
+table.grid-all > tbody > tr:last-child > .tableblock, table.grid-all > thead:last-child > tr > .tableblock, table.grid-rows > tbody > tr:last-child > .tableblock, table.grid-rows > thead:last-child > tr > .tableblock {
+  border-bottom-width: 0
+}
+
+table.frame-all {
+  border-width: 1px
+}
+
+table.frame-sides {
+  border-width: 0 1px
+}
+
+table.frame-topbot, table.frame-ends {
+  border-width: 1px 0
+}
+
+.reveal table th.halign-left, .reveal table td.halign-left {
+  text-align: left
+}
+
+.reveal table th.halign-right, .reveal table td.halign-right {
+  text-align: right
+}
+
+.reveal table th.halign-center, .reveal table td.halign-center {
+  text-align: center
+}
+
+.reveal table th.valign-top, .reveal table td.valign-top {
+  vertical-align: top
+}
+
+.reveal table th.valign-bottom, .reveal table td.valign-bottom {
+  vertical-align: bottom
+}
+
+.reveal table th.valign-middle, .reveal table td.valign-middle {
+  vertical-align: middle
+}
+
+table thead th, table tfoot th {
+  font-weight: bold
+}
+
+tbody tr th {
+  display: table-cell;
+  line-height: 1.6
+}
+
+tbody tr th, tbody tr th p, tfoot tr th, tfoot tr th p {
+  font-weight: bold
+}
+
+thead {
+  display: table-header-group
+}
+
+.reveal table.grid-none th, .reveal table.grid-none td {
+  border-bottom: 0 !important
+}
+
+/* kbd macro */
+kbd {
+  font-family: "Droid Sans Mono", "DejaVu Sans Mono", monospace;
+  display: inline-block;
+  color: rgba(0, 0, 0, .8);
+  font-size: .65em;
+  line-height: 1.45;
+  background: #f7f7f7;
+  border: 1px solid #ccc;
+  -webkit-border-radius: 3px;
+  border-radius: 3px;
+  -webkit-box-shadow: 0 1px 0 rgba(0, 0, 0, .2), 0 0 0 .1em white inset;
+  box-shadow: 0 1px 0 rgba(0, 0, 0, .2), 0 0 0 .1em #fff inset;
+  margin: 0 .15em;
+  padding: .2em .5em;
+  vertical-align: middle;
+  position: relative;
+  top: -.1em;
+  white-space: nowrap
+}
+
+.keyseq kbd:first-child {
+  margin-left: 0
+}
+
+.keyseq kbd:last-child {
+  margin-right: 0
+}
+
+/* callouts */
+.conum[data-value] {
+  display: inline-block;
+  color: #fff !important;
+  background: rgba(0, 0, 0, .8);
+  -webkit-border-radius: 50%;
+  border-radius: 50%;
+  text-align: center;
+  font-size: .75em;
+  width: 1.67em;
+  height: 1.67em;
+  line-height: 1.67em;
+  font-family: "Open Sans", "DejaVu Sans", sans-serif;
+  font-style: normal;
+  font-weight: bold
+}
+
+.conum[data-value] * {
+  color: #fff !important
+}
+
+.conum[data-value] + b {
+  display: none
+}
+
+.conum[data-value]:after {
+  content: attr(data-value)
+}
+
+pre .conum[data-value] {
+  position: relative;
+  top: -.125em
+}
+
+b.conum * {
+  color: inherit !important
+}
+
+.conum:not([data-value]):empty {
+  display: none
+}
+
+/* Callout list */
+.hdlist > table, .colist > table {
+  border: 0;
+  background: none
+}
+
+.hdlist > table > tbody > tr, .colist > table > tbody > tr {
+  background: none
+}
+
+td.hdlist1, td.hdlist2 {
+  vertical-align: top;
+  padding: 0 .625em
+}
+
+td.hdlist1 {
+  font-weight: bold;
+  padding-bottom: 1.25em
+}
+
+/* Disabled from Asciidoctor CSS because it caused callout list to go under the
+ * source listing when .stretch is applied (see #335)
+ * .literalblock+.colist,.listingblock+.colist{margin-top:-.5em} */
+.colist td:not([class]):first-child {
+  padding: .4em .75em 0;
+  line-height: 1;
+  vertical-align: top
+}
+
+.colist td:not([class]):first-child img {
+  max-width: none
+}
+
+.colist td:not([class]):last-child {
+  padding: .25em 0
+}
+
+/* Override Asciidoctor CSS that causes issues with reveal.js features */
+.reveal .hljs table {
+  border: 0
+}
+
+/* Callout list rows would have a bottom border with some reveal.js themes (see #335) */
+.reveal .colist > table th, .reveal .colist > table td {
+  border-bottom: 0
+}
+
+/* Fixes line height with Highlight.js source listing when linenums enabled (see #331) */
+.reveal .hljs table thead tr th, .reveal .hljs table tfoot tr th, .reveal .hljs table tbody tr td, .reveal .hljs table tr td, .reveal .hljs table tfoot tr td {
+  line-height: inherit
+}
+
+/* Columns layout */
+.columns .slide-content {
+  display: flex;
+}
+
+.columns.wrap .slide-content {
+  flex-wrap: wrap;
+}
+
+.columns.is-vcentered .slide-content {
+  align-items: center;
+}
+
+.columns .slide-content > .column {
+  display: block;
+  flex-basis: 0;
+  flex-grow: 1;
+  flex-shrink: 1;
+}
+
+.columns .slide-content > .column > * {
+  padding: .75rem;
+}
+
+/* See #353 */
+.columns.wrap .slide-content > .column {
+  flex-basis: auto;
+}
+
+.columns .slide-content > .column.is-full {
+  flex: none;
+  width: 100%;
+}
+
+.columns .slide-content > .column.is-four-fifths {
+  flex: none;
+  width: 80%;
+}
+
+.columns .slide-content > .column.is-three-quarters {
+  flex: none;
+  width: 75%;
+}
+
+.columns .slide-content > .column.is-two-thirds {
+  flex: none;
+  width: 66.6666%;
+}
+
+.columns .slide-content > .column.is-three-fifths {
+  flex: none;
+  width: 60%;
+}
+
+.columns .slide-content > .column.is-half {
+  flex: none;
+  width: 50%;
+}
+
+.columns .slide-content > .column.is-two-fifths {
+  flex: none;
+  width: 40%;
+}
+
+.columns .slide-content > .column.is-one-third {
+  flex: none;
+  width: 33.3333%;
+}
+
+.columns .slide-content > .column.is-one-quarter {
+  flex: none;
+  width: 25%;
+}
+
+.columns .slide-content > .column.is-one-fifth {
+  flex: none;
+  width: 20%;
+}
+
+.columns .slide-content > .column.has-text-left {
+  text-align: left;
+}
+
+.columns .slide-content > .column.has-text-justified {
+  text-align: justify;
+}
+
+.columns .slide-content > .column.has-text-right {
+  text-align: right;
+}
+
+.columns .slide-content > .column.has-text-left {
+  text-align: left;
+}
+
+.columns .slide-content > .column.has-text-justified {
+  text-align: justify;
+}
+
+.columns .slide-content > .column.has-text-right {
+  text-align: right;
+}
+
+.text-left {
+  text-align: left !important
+}
+
+.text-right {
+  text-align: right !important
+}
+
+.text-center {
+  text-align: center !important
+}
+
+.text-justify {
+  text-align: justify !important
+}
+
+.footnotes {
+  border-top: 1px solid rgba(0, 0, 0, 0.2);
+  padding: 0.5em 0 0 0;
+  font-size: 0.65em;
+  margin-top: 4em;
+}
+
+.byline {
+  font-size:.8em
+}
+ul.byline {
+  list-style-type: none;
+}
+ul.byline li + li {
+  margin-top: 0.25em;
+}
+</style></head><body><div class="reveal"><div class="slides"><section class="title" data-state="title"><h1>exploring eUICC and eSIM with pySim, lpac and osmo-smdpp</h1><p class="byline">
+  <span class="author">Harald Welte &lt;laforge@gnumonks.org&gt;</span>
+  </p></section><section id="_overview"><h2>Overview</h2><div class="slide-content"><div class="ulist"><ul><li><p>SIM / UICC / USIM recap</p></li><li><p>eSIM Principles</p></li><li><p>eSIM Variants</p></li><li><p>Putting it all together</p></li></ul></div></div></section>
+<section id="_recap_classic_sim"><h2>Recap: Classic SIM</h2><div class="slide-content"><div class="ulist"><ul><li><p>SIM card introduced with GSM (2G)</p></li><li><p>single-purpose smart card</p></li><li><p>fundamental purpose of classic SIM:</p><div class="ulist"><ul><li><p>storage of configuration data</p></li><li><p>storage of contacts</p></li><li><p>storage of SMS</p></li><li><p><em>secure element</em> holding the secret per-subscriber key material</p></li></ul></div></li></ul></div></div></section>
+<section id="_recap_uicc_and_usim_application"><h2>Recap: UICC and USIM Application</h2><div class="slide-content"><div class="ulist"><ul><li><p>UICC is a general-purpose multi-application smart card</p></li><li><p>USIM card application introduced with UMTS (3G)</p></li><li><p>additional, optional ISIM introduced with VoLTE (4G)</p></li><li><p>fundamental purpose of USIM/ISIM:</p><div class="ulist"><ul><li><p>storage of configuration data</p><div class="ulist"><ul><li><p>thousands of parameters in hundreds of files</p></li></ul></div></li><li><p><em>secure element</em> holding the secret per-subscriber key material</p></li></ul></div></li></ul></div></div></section>
+<section id="_esim_in_a_nutshell"><h2>eSIM in a nutshell</h2><div class="slide-content"><div class="ulist"><ul><li><p>virtualisation of the USIM</p></li><li><p>de-coupling of <em>SIM profile</em> from <em>physical chip</em></p></li><li><p>the eSIM capable chip is now called <strong>eUICC</strong></p></li><li><p>eUICC can hold one or more <em>SIM profiles</em></p></li></ul></div></div></section>
+<section id="_sim_profile"><h2>SIM profile</h2><div class="slide-content"><div class="ulist"><ul><li><p>File contents of USIM filesystem hierarchy</p></li><li><p>Secret authentication key material (K + OPc)</p></li><li><p>OTA key material</p></li><li><p>PIN, PUK, ADM-PIN, &#8230;&#8203;</p></li><li><p>SIM (toolkit) applets</p></li></ul></div>
+<div class="paragraph"><p>Format of eSIM profile is specified in the <em>eUICC Profile Package</em> specification by the Trusted Connectivity Alliance (formerly SIMalliance)</p></div></div></section>
+<section id="_quick_look_at_a_profile"><h2>Quick look at a profile</h2><div class="slide-content"><div class="paragraph"><p>DEMO TIME</p></div></div></section>
+<section id="_euicc"><h2>eUICC</h2><div class="slide-content"><div class="ulist"><ul><li><p>smart card chip</p></li><li><p>higher requirements than for classic SIM/UICC</p><div class="ulist"><ul><li><p>extensive security requirements</p></li><li><p>various cryptographic functionalities, including ECDSA</p></li></ul></div></li><li><p>electrical interface is ISO 7816 (like SIM/UICC)</p></li><li><p>transport protocol is ISO 7816 T=0 (like SIM/UICC)</p></li><li><p>typically soldered on the board or integrated into UE</p><div class="ulist"><ul><li><p>plastic packaged (micro/nano) SIM sized variants available</p><div class="dlist"><dl><dt class="hdlist1">EID</dt><dd><p>unique identifier of eUICC (as ICCID is part of <strong>profile</strong>)</p></dd></dl></div></li></ul></div></li></ul></div></div></section>
+<section id="_euicc_2"><h2>eUICC</h2><div class="slide-content"><div class="imageblock"><img src="euicc_schematic.png" alt="euicc schematic"></div></div></section>
+<section id="_security_domains"><h2>Security Domains</h2><div class="slide-content"><div class="dlist"><dl><dt class="hdlist1">ECASD</dt><dd><p>representative of CI/CA</p></dd><dt class="hdlist1">ISD-R</dt><dd><p>representative of SM-SR</p></dd><dt class="hdlist1">ISD-P</dt><dd><p>representative of SM-DP. There can be multiple ISD-P for multiple eSIM profiles, but only one is enabled at any given point in time</p></dd></dl></div></div></section>
+<section id="_esim_flavors"><h2>eSIM flavors</h2><div class="slide-content"><div class="ulist"><ul><li><p><em>M2M</em> eSIM (released first)</p></li><li><p><em>Consumer</em> eSIM (released later)</p></li><li><p><em>IoT</em> eSIM (bleeding edge)</p></li></ul></div></div></section>
+<section id="_consumer_model"><h2>Consumer Model</h2><div class="slide-content"><div class="ulist"><ul><li><p>uses client-driven <em>pull</em> model to provision and manage profiles by the end user</p></li><li><p>HTTPS/TCP/IP protocol used for profile download</p></li><li><p>Introduces SM-DS and LPA (both don&#8217;t exist in prior M2M)</p></li><li><p>no <em>provisioning profile</em> required, as device can e.g. use WiFi to download a profile</p></li></ul></div>
+<div class="imageblock" style="text-align: center"><img src="esim-consumer-arch.png" alt="eSIM Consumer Architecture" width="1000"></div></div></section>
+<section id="_demo_pysim_shell_on_euicc"><h2>Demo: <code>pySim-shell</code> on eUICC</h2><div class="slide-content"><div class="paragraph"><p>DEMO TIME</p></div></div></section>
+<section id="_consumer_esim_lpa"><h2>Consumer eSIM: LPA</h2><div class="slide-content"><div class="paragraph"><p>LPA: Local Profile Assistant</p></div>
+<div class="ulist"><ul><li><p>software on the client device</p><div class="ulist"><ul><li><p>can optionally also be fully built-in to the eUICC (LPAe)</p></li><li><p>standard case with smartphones today is on the device (LPAd)</p></li></ul></div></li><li><p>provides user interface for profile management</p></li><li><p>talks to local eUICC and to remote SM-DP+</p></li></ul></div></div></section>
+<section id="_consumer_esim_sm_dp"><h2>Consumer eSIM: SM-DP+</h2><div class="slide-content"><div class="dlist"><dl><dt class="hdlist1">SM-DP+</dt><dd><p>Subscription Manager - Data Preparation (Enhanced)</p><div class="ulist"><ul><li><p>see SM-DP in M2M eSIM</p></li><li><p>combines SM-DP and SM-SR features (hence the <strong>+</strong> designator)</p></li></ul></div></dd></dl></div></div></section>
+<section id="_sm_dp_functions"><h2>SM-DP+ Functions</h2><div class="slide-content"><div class="ulist"><ul><li><p>Profile Package Generation (result: UPP)</p></li><li><p>Profile Package Protection (result: PPP)</p></li><li><p>Profile Package Binding (result: BPP)</p></li><li><p>Profile Package Storage</p></li><li><p>Profile Package Delivery</p></li><li><p>SM-DS Event Registration</p></li><li><p>Remote Profile Management</p></li></ul></div></div></section>
+<section id="_consumer_esim_sm_ds"><h2>Consumer eSIM: SM-DS</h2><div class="slide-content"><div class="dlist"><dl><dt class="hdlist1">SM-DS</dt><dd><p>Subscription Manager - Discovery Service</p><div class="ulist"><ul><li><p>allows SM-DP+ to reach an eUICC without knowing on which network / via which technology it can be reached</p></li><li><p>stores notifications issued by SM-DP+ for a given eUICC</p></li><li><p>LPA is polling SM-DP+ on behalf of eUICC</p></li></ul></div></dd></dl></div></div></section>
+<section id="_es8_interface"><h2>ES8+ Interface</h2><div class="slide-content"><div class="paragraph"><p>ES8+ (SM-DP+ - eUICC)</p></div>
+<div class="ulist"><ul><li><p>transported over ES9+ between SM-DP+ and LPA</p></li><li><p>transported over ES10b between LPA and eUICC</p></li></ul></div>
+<div class="imageblock" style="text-align: center"><img src="es8p_in_es9p.png" alt="ES8+ in ES9+ and ES10c" width="1700"></div></div></section>
+<section id="_es9_interface"><h2>ES9+ Interface</h2><div class="slide-content"><div class="paragraph"><p>ES9+ (SM-DP+ - eUICC)</p></div>
+<div class="ulist"><ul><li><p>utilizes HTTPS over TCP/IP</p><div class="ulist"><ul><li><p>LPA is client; SM-DP+ is server</p></li><li><p>client verifies server TLS certificate, like in the web</p></li></ul></div></li><li><p>allows JSON or ASN.1 encoding</p></li><li><p>some special rules about HTTP headers (X-Admin-Protocol, User-Agent)</p></li></ul></div></div></section>
+<section id="_es10x_interface"><h2>ES10x Interface</h2><div class="slide-content"><div class="paragraph"><p>ES10a/b/c (LPA - eUICC)</p></div>
+<div class="ulist"><ul><li><p>APDU based interface (like all smart card interfaces)</p></li><li><p>uses STORE DATA command as transport mechanism</p></li></ul></div></div></section>
+<section id="_certificate_chain"><h2>Certificate Chain</h2><div class="slide-content"><div class="imageblock" style="text-align: center"><img src="consumer_cert_chain.png" alt="eSIM Certificate Chain" width="1200"></div></div></section>
+<section id="_compliance_security"><h2>Compliance / Security</h2><div class="slide-content"><div class="ulist"><ul><li><p>eUICC security: Common Protection Profile, EAL4+</p></li><li><p>Production Environment + Process Security</p><div class="ulist"><ul><li><p>GSMA SAS-UP (eUICC personalization)</p></li><li><p>GSMA SAS-SM (Subscription Management Platforms)</p></li></ul></div></li><li><p>Functional compliance</p><div class="ulist"><ul><li><p>GSMA test specification / GlobalPlatform test suite</p></li></ul></div></li><li><p>eUICC manufacturers, SM-SR and SM-DP hosting providers <strong>must be GSMA SAS accredited</strong></p><div class="ulist"><ul><li><p>enforcement is done via the GSMA PKI: Certificates only issued to accredited entities</p></li></ul></div></li></ul></div></div></section>
+<section id="_consumer_esim_procedures_sgp_22"><h2>Consumer eSIM Procedures (SGP.22)</h2><div class="slide-content"><div class="ulist"><ul><li><p>Remote Provisioning</p><div class="ulist"><ul><li><p>Profile Download Initiation</p></li><li><p>Common Mutual Authentication</p></li><li><p>Profile Download and Installation</p></li></ul></div></li><li><p>Local Profile Management</p><div class="ulist"><ul><li><p>Enable / Disable Profile</p></li><li><p>Add / Delete / List Profile</p></li><li><p>Set/Edit Nickname</p></li></ul></div></li><li><p>Local eUICC Management</p><div class="ulist"><ul><li><p>Retrieve EID</p></li><li><p>eUICC Memory Reset</p></li><li><p>eUICC Test Memory Reset</p></li><li><p>Set/Edit Default SM-DP+ Address</p></li></ul></div></li></ul></div></div></section>
+<section id="_consumer_esim_download_initiation"><h2>Consumer eSIM: Download Initiation</h2><div class="slide-content"><div class="imageblock"><img src="consumer_profile_dl_init.png" alt="Download Initiation" width="1300"></div></div></section>
+<section id="_consumer_esim_download_and_install"><h2>Consumer eSIM: Download and Install</h2><div class="slide-content"><div class="imageblock"><img src="consumer_dl_and_install.png" alt="Download and Installation" width="1150"></div></div></section>
+<section id="_consumer_esim_profile_installation"><h2>Consumer eSIM: Profile Installation</h2><div class="slide-content"><div class="imageblock"><img src="consumer_profile_installation.png" alt="Profile Installation" width="1150"></div></div></section>
+<section id="_consumer_esim_enable_profile"><h2>Consumer eSIM: Enable Profile</h2><div class="slide-content"><div class="imageblock"><img src="consumer_enable_profile.png" alt="Enable Profile" width="1050"></div></div></section>
+<section id="_esim_vs_open_source_software"><h2>eSIM vs. open source software</h2><div class="slide-content"><div class="ulist"><ul><li><p>technically all protocol specs are public</p><div class="ulist"><ul><li><p>FOSS implementations of all elements are possible in theory</p></li></ul></div></li><li><p>GSMA certification/approval is very expensive</p><div class="ulist"><ul><li><p>unlikely to happen given the associated cost</p></li></ul></div></li><li><p>only the LPA does not need any kind of certification, so FOSS LPA are possible</p><div class="ulist"><ul><li><p><code>lpac</code> available from <a href="https://github.com/estkme-group/lpac" class="bare">https://github.com/estkme-group/lpac</a></p></li><li><p><code>LPAdesktop</code> available from <a href="https://github.com/Truphone/LPAdesktop" class="bare">https://github.com/Truphone/LPAdesktop</a></p></li></ul></div></li><li><p>in IoT eSIM, also the eIM could be implemented as FOSS without certification requirements</p></li></ul></div></div></section>
+<section id="_esim_vs_open_source_software_2"><h2>eSIM vs. open source software</h2><div class="slide-content"><div class="ulist"><ul><li><p>GSMA SAS rules only apply to eUICC with GSMA certificates/keys</p></li><li><p>if you can build/get eUICC with certs from your <em>your own</em> CA, you can do what you want</p></li><li><p>also, there are some Test eUICC with certs/keys documented in SGP.26</p></li></ul></div>
+<div class="paragraph"><p>&#8658; we can actually write our own SM-DP+ and use it without GSMA blessing</p></div></div></section>
+<section id="_introducing_osmo_smdpp"><h2>Introducing <code>osmo-smdpp</code></h2><div class="slide-content"><div class="ulist"><ul><li><p>developed as part pf <code>pySim</code> git repo (might change later)</p></li><li><p>implements ES9+ interface (JSON variant only for now)</p></li><li><p>implements BSP and ES8+</p></li><li><p>all the cryptographic elements</p><div class="ulist"><ul><li><p>profile protection</p></li><li><p>profile binding</p></li><li><p>ECDSA</p></li><li><p>ECKA</p></li><li><p>key derivation</p></li></ul></div></li></ul></div></div></section>
+<section id="_why_osmo_smdpp"><h2>Why <code>osmo-smdpp</code></h2><div class="slide-content"><div class="ulist"><ul><li><p>any technology should have a FOSS implementation</p><div class="ulist"><ul><li><p>that&#8217;s the red line through 20 years of my work</p></li></ul></div></li><li><p>GSMA specifications are vague/unclear in critical points</p><div class="ulist"><ul><li><p>even other implementers of SM-DP+ and mobile operators agree to that</p></li></ul></div></li><li><p>GSMA specifications do not contain any test vectors for any of the crypto!</p></li><li><p>other people like sudoku or crossword puzzles; i liked this topic as challenge</p></li></ul></div></div></section>
+<section id="_status_osmo_smdpp"><h2>Status <code>osmo-smdpp</code></h2><div class="slide-content"><div class="ulist"><ul><li><p>successful mutual authentication with test-eUICC</p></li><li><p>successful eSIM profile download into test-eUICC</p></li><li><p>lots of gaps at the moment (contributions welcome!)</p><div class="ulist"><ul><li><p>profile personalization (WIP)</p></li><li><p>certificate verification (WIP)</p></li><li><p>no ES2+ interface (to operator)</p></li><li><p>no ES12 interface (to SM-DS)</p></li></ul></div></li></ul></div></div></section>
+<section id="_demo_lpac_against_osmo_smdpp"><h2>Demo: <code>lpac</code> against <code>osmo-smdpp</code></h2><div class="slide-content"><div class="paragraph"><p>let&#8217;s use <code>lpac</code> to download a profile into a test eUICC</p></div>
+<div class="paragraph"><p>DEMO TIME</p></div></div></section>
+<section id="_demo_lpac_against_production_sm_dp"><h2>Demo: <code>lpac</code> against production SM-DP+</h2><div class="slide-content"><div class="paragraph"><p>let&#8217;s use <code>lpac</code> to download a real-world profile into a GSMA eUICC</p></div>
+<div class="paragraph"><p>DEMO TIME</p></div></div></section>
+<section id="_thanks"><h2>Thanks</h2><div class="slide-content"><div class="ulist"><ul><li><p>Thanks to Chris of mode51 software for his blog posts and email replies</p></li><li><p>Thanks to people behind python modules like asn1tools, klein, cryptography, pycryptodome</p></li></ul></div></div></section>
+<section><section id="_further_reading"><h2>Further Reading</h2><div class="slide-content"><div class="ulist"><ul><li><p><a href="https://media.ccc.de/v/camp2023-57190-demystifying_esim_technology" class="bare">https://media.ccc.de/v/camp2023-57190-demystifying_esim_technology</a></p></li><li><p><a href="https://www.gsma.com/esim/wp-content/uploads/2018/12/esim-whitepaper.pdf" class="bare">https://www.gsma.com/esim/wp-content/uploads/2018/12/esim-whitepaper.pdf</a></p></li><li><p><a href="https://www.gsma.com/security/sas-accredited-sites/" class="bare">https://www.gsma.com/security/sas-accredited-sites/</a></p></li><li><p><a href="https://medium.com/@mode51" class="bare">https://medium.com/@mode51</a></p></li></ul></div></div></section><section class="questions"></section><section class="bubbles"></section><section class="hands"></section></section>
+<section id="_eof"><h2>EOF</h2><div class="slide-content"><div class="paragraph"><p>End of File</p></div></div></section></div></div><script src="/home/laforge/projects/git/reveal.js/dist/reveal.js"></script><script>Array.prototype.slice.call(document.querySelectorAll('.slides section')).forEach(function(slide) {
+  if (slide.getAttribute('data-background-color')) return;
+  // user needs to explicitly say he wants CSS color to override otherwise we might break custom css or theme (#226)
+  if (!(slide.classList.contains('canvas') || slide.classList.contains('background'))) return;
+  var bgColor = getComputedStyle(slide).backgroundColor;
+  if (bgColor !== 'rgba(0, 0, 0, 0)' && bgColor !== 'transparent') {
+    slide.setAttribute('data-background-color', bgColor);
+    slide.style.backgroundColor = 'transparent';
+  }
+});
+
+// More info about config & dependencies:
+// - https://github.com/hakimel/reveal.js#configuration
+// - https://github.com/hakimel/reveal.js#dependencies
+Reveal.initialize({
+  // Display presentation control arrows
+  controls: true,
+  // Help the user learn the controls by providing hints, for example by
+  // bouncing the down arrow when they first encounter a vertical slide
+  controlsTutorial: true,
+  // Determines where controls appear, "edges" or "bottom-right"
+  controlsLayout: 'bottom-right',
+  // Visibility rule for backwards navigation arrows; "faded", "hidden"
+  // or "visible"
+  controlsBackArrows: 'faded',
+  // Display a presentation progress bar
+  progress: true,
+  // Display the page number of the current slide
+  slideNumber: false,
+  // Control which views the slide number displays on
+  showSlideNumber: 'all',
+  // Add the current slide number to the URL hash so that reloading the
+  // page/copying the URL will return you to the same slide
+  hash: false,
+  // Push each slide change to the browser history. Implies `hash: true`
+  history: false,
+  // Enable keyboard shortcuts for navigation
+  keyboard: true,
+  // Enable the slide overview mode
+  overview: true,
+  // Disables the default reveal.js slide layout so that you can use custom CSS layout
+  disableLayout: false,
+  // Vertical centering of slides
+  center: true,
+  // Enables touch navigation on devices with touch input
+  touch: true,
+  // Loop the presentation
+  loop: false,
+  // Change the presentation direction to be RTL
+  rtl: false,
+  // See https://github.com/hakimel/reveal.js/#navigation-mode
+  navigationMode: 'default',
+  // Randomizes the order of slides each time the presentation loads
+  shuffle: false,
+  // Turns fragments on and off globally
+  fragments: true,
+  // Flags whether to include the current fragment in the URL,
+  // so that reloading brings you to the same fragment position
+  fragmentInURL: false,
+  // Flags if the presentation is running in an embedded mode,
+  // i.e. contained within a limited portion of the screen
+  embedded: false,
+  // Flags if we should show a help overlay when the questionmark
+  // key is pressed
+  help: true,
+  // Flags if speaker notes should be visible to all viewers
+  showNotes: false,
+  // Global override for autolaying embedded media (video/audio/iframe)
+  // - null: Media will only autoplay if data-autoplay is present
+  // - true: All media will autoplay, regardless of individual setting
+  // - false: No media will autoplay, regardless of individual setting
+  autoPlayMedia: null,
+  // Global override for preloading lazy-loaded iframes
+  // - null: Iframes with data-src AND data-preload will be loaded when within
+  //   the viewDistance, iframes with only data-src will be loaded when visible
+  // - true: All iframes with data-src will be loaded when within the viewDistance
+  // - false: All iframes with data-src will be loaded only when visible
+  preloadIframes: null,
+  // Number of milliseconds between automatically proceeding to the
+  // next slide, disabled when set to 0, this value can be overwritten
+  // by using a data-autoslide attribute on your slides
+  autoSlide: 0,
+  // Stop auto-sliding after user input
+  autoSlideStoppable: true,
+  // Use this method for navigation when auto-sliding
+  autoSlideMethod: Reveal.navigateNext,
+  // Specify the average time in seconds that you think you will spend
+  // presenting each slide. This is used to show a pacing timer in the
+  // speaker view
+  defaultTiming: 120,
+  // Specify the total time in seconds that is available to
+  // present.  If this is set to a nonzero value, the pacing
+  // timer will work out the time available for each slide,
+  // instead of using the defaultTiming value
+  totalTime: 0,
+  // Specify the minimum amount of time you want to allot to
+  // each slide, if using the totalTime calculation method.  If
+  // the automated time allocation causes slide pacing to fall
+  // below this threshold, then you will see an alert in the
+  // speaker notes window
+  minimumTimePerSlide: 0,
+  // Enable slide navigation via mouse wheel
+  mouseWheel: false,
+  // Hide cursor if inactive
+  hideInactiveCursor: true,
+  // Time before the cursor is hidden (in ms)
+  hideCursorTime: 5000,
+  // Hides the address bar on mobile devices
+  hideAddressBar: true,
+  // Opens links in an iframe preview overlay
+  // Add `data-preview-link` and `data-preview-link="false"` to customise each link
+  // individually
+  previewLinks: false,
+  // Transition style (e.g., none, fade, slide, convex, concave, zoom)
+  transition: 'none',
+  // Transition speed (e.g., default, fast, slow)
+  transitionSpeed: 'default',
+  // Transition style for full page slide backgrounds (e.g., none, fade, slide, convex, concave, zoom)
+  backgroundTransition: 'fade',
+  // Number of slides away from the current that are visible
+  viewDistance: 3,
+  // Number of slides away from the current that are visible on mobile
+  // devices. It is advisable to set this to a lower number than
+  // viewDistance in order to save resources.
+  mobileViewDistance: 3,
+  // Parallax background image (e.g., "'https://s3.amazonaws.com/hakim-static/reveal-js/reveal-parallax-1.jpg'")
+  parallaxBackgroundImage: '',
+  // Parallax background size in CSS syntax (e.g., "2100px 900px")
+  parallaxBackgroundSize: '',
+  // Number of pixels to move the parallax background per slide
+  // - Calculated automatically unless specified
+  // - Set to 0 to disable movement along an axis
+  parallaxBackgroundHorizontal: null,
+  parallaxBackgroundVertical: null,
+  // The display mode that will be used to show slides
+  display: 'block',
+
+  // The "normal" size of the presentation, aspect ratio will be preserved
+  // when the presentation is scaled to fit different resolutions. Can be
+  // specified using percentage units.
+  width: 1918,
+  height: 1070,
+
+  // Factor of the display size that should remain empty around the content
+  margin: 0.1,
+
+  // Bounds for smallest/largest possible scale to apply to content
+  minScale: 0.2,
+  maxScale: 1.5,
+
+  // PDF Export Options
+  // Put each fragment on a separate page
+  pdfSeparateFragments: true,
+  // For slides that do not fit on a page, max number of pages
+  pdfMaxPagesPerSlide: 1,
+
+  // Optional libraries used to extend on reveal.js
+  dependencies: [
+      { src: '/home/laforge/projects/git/reveal.js/plugin/zoom/zoom.js', async: true, callback: function () { Reveal.registerPlugin(RevealZoom) } },
+      { src: '/home/laforge/projects/git/reveal.js/plugin/notes/notes.js', async: true, callback: function () { Reveal.registerPlugin(RevealNotes) } }
+  ],
+});</script><script>var dom = {};
+dom.slides = document.querySelector('.reveal .slides');
+
+function getRemainingHeight(element, slideElement, height) {
+  height = height || 0;
+  if (element) {
+    var newHeight, oldHeight = element.style.height;
+    // Change the .stretch element height to 0 in order find the height of all
+    // the other elements
+    element.style.height = '0px';
+    // In Overview mode, the parent (.slide) height is set of 700px.
+    // Restore it temporarily to its natural height.
+    slideElement.style.height = 'auto';
+    newHeight = height - slideElement.offsetHeight;
+    // Restore the old height, just in case
+    element.style.height = oldHeight + 'px';
+    // Clear the parent (.slide) height. .removeProperty works in IE9+
+    slideElement.style.removeProperty('height');
+    return newHeight;
+  }
+  return height;
+}
+
+function layoutSlideContents(width, height) {
+  // Handle sizing of elements with the 'stretch' class
+  toArray(dom.slides.querySelectorAll('section .stretch')).forEach(function (element) {
+    // Determine how much vertical space we can use
+    var limit = 5; // hard limit
+    var parent = element.parentNode;
+    while (parent.nodeName !== 'SECTION' && limit > 0) {
+      parent = parent.parentNode;
+      limit--;
+    }
+    if (limit === 0) {
+      // unable to find parent, aborting!
+      return;
+    }
+    var remainingHeight = getRemainingHeight(element, parent, height);
+    // Consider the aspect ratio of media elements
+    if (/(img|video)/gi.test(element.nodeName)) {
+      var nw = element.naturalWidth || element.videoWidth, nh = element.naturalHeight || element.videoHeight;
+      var es = Math.min(width / nw, remainingHeight / nh);
+      element.style.width = (nw * es) + 'px';
+      element.style.height = (nh * es) + 'px';
+    } else {
+      element.style.width = width + 'px';
+      element.style.height = remainingHeight + 'px';
+    }
+  });
+}
+
+function toArray(o) {
+  return Array.prototype.slice.call(o);
+}
+
+Reveal.addEventListener('slidechanged', function () {
+  layoutSlideContents(1918, 1070)
+});
+Reveal.addEventListener('ready', function () {
+  layoutSlideContents(1918, 1070)
+});
+Reveal.addEventListener('resize', function () {
+  layoutSlideContents(1918, 1070)
+});</script></body></html>

2023/retonetcall-divf/divf-yate-trunkdev.adoc

@@ -0,0 +1,101 @@
+Retronetworking divf - yate, dhdi-trunkdev and more
+===================================================
+:revealjsdir: /home/laforge/projects/git/reveal.js
+:revealjs_width: 1918
+:revealjs_height: 1070
+:revealjs_transition: none
+//:revealjs_theme: night
+//:revealjs_theme: beige
+//:revealjs_theme: solarized
+
+
+:author:      Harald Welte <laforge@gnumonks.org>
+:copyright:   2023 by Harald Welte (License: CC-BY-SA)
+:backend:     slidy
+:max-width:   45em
+
+== Who am I?
+
+* Harald "LaF0rge" Welte
+* Recovering Linux Kernel hacker (netfilter/iptables)
+* Founder of Osmocom (Open Source Mobile Communications)
+** tons of FOSS projects around mobile comms
+* Active participant of CCC Camps and congresses since 1999
+* Dayjob: Implementing cellular protocols across all layers
+* Hobby: Research on data communications from the 1970s to 1990
+** *Osmocom retronetworking* project was also operating ISDN + POTS at CCC Camp 2023
+
+
+== Retronetworking
+
+* many people enjoy *retrocomputing*
+** focus is on historical computers (real or emulated)
+* but what's a computer without communications technology?
+* *retronetworking* is just like *retrocomputing*
+** focus is on networking / telecommunications
+
+== Why
+
+* because we can
+* relevance of communication technology to computing
+** (at least) since the 1980s, home computers / PCs used acoustic couplers and modems
+* equipment (user side, network side) readily available
+** NICs, Modems, ISDN-TA, Video Telephones, Fax Machines
+* personal reasons:
+** I mostly was a user *back in the day*
+** now I'm a developer with decades of experience
+** no chance back then to play with / operate the network side
+
+== Why (more serious reasons)
+
+* our society becomes more and more technology-driven
+* preserving [knowledge about] historical technology is important to preserve our *cultural history*
+** thanks to Software Heritage Project, even software is now considered *immaterial cultural heritage* by
+UNESCO
+* today we still have a chance of collecting and/or documenting *early digital* communications technology
+* window of opportunity is closing
+** equipment harder to find once it is all scrapped
+** software for management / configuration often even harder
+** people involved in creating it are passing away
+
+== OCTOI Network
+
+image::octoi-network.png[width=1800]
+
+== Joining OCTOI Network
+
+* get a PBX with E1/PRI/S2M uplink
+* get an icE1usb device + embedded Linux (rpi, beaglebone, nanopi, ...)
+** icE1usb available with considerable community discount
+* connect your system via the internet to the OCTOI hub
+* interact with hosted services and/or other users
+
+== How to get in touch?
+
+* join our forums at https://discourse.osmocom.org/
+* join our IRC channel `#retronetworking` on `libera.chat`
+* join our (almost) monthly teleconference `RetroNetCall`
+* contact me privately if you have stuff to donate
+** e-mail: `laforge@gnumonks.org`
+** Fediverse: `@LaF0rge@chaos.social`
+
+== Further Reading
+
+* https://osmocom.org/projects/retronetworking/wiki
+* https://osmocom.org/projects/octoi/wiki
+* https://projects.osmocom.org/projects/retronetworking/wiki/RetroNetCall
+
+
+[.questions]
+=== !
+
+[.bubbles]
+=== !
+
+[.hands]
+=== !
+
+
+== EOF
+
+End of File