Minutes IETF97: dnsop
Domain Name System Operations
||Minutes IETF97: dnsop
DNSOP @ IETF-97 2016/11/15 13:30 Grand Ballroom #1
Chairs Tim Wicinski and Suzanne Woolf start meeting at 13:31
Scribe: Olafur Gudmundsson and Paul Hoffman
Jabber Scribe: Dan York
RFC8020 took less than 1 year to publish
Concluded LC nsec-agressive may need second LC due to changes and edns-key-tag
Resolver-priming (after 10 years almost done)
Maintain-ds is now blocked for RFC7344 to be advanced to standards track.
refuse-any waiting on editors update
Special names problem statement sutld-ps adopted alt-tld in holding pattern
NO discussion on this topic today!!!!!!
Terry Mendelson threatinging a application for a TLD from Homenet may
require a Interim meeting
no-response-issue got big textual update, neeeds reviews soon as this is
scheduled for WGLC SOON!!
Candidates for adoption
draft-vixie-dns-rpz wants publication to document current practice
-biz can adopt new features
draft-hardaker-rfc5011-security-considerations needs feedback if
is of interest
13:45 Paul Hoffman, [dns-terminology-bis]
(https://datatracker.ietf.org/doc/draft-ietf-dnsop-terminology-bis/), 10 min
did update late,
* Hoffman, DNS over HTTP BoF Happening
Location: Studio 7 at 18:45
Http people want exact format of DNS HTTP, as http people want to
have the ability to push DNS messages over HTTP.
there are multiple drafts in this space.
Multiple responses will be discussed on mailing list.
* Chairs, [draft-ietf-dnsop-no-response-issue]
(https://datatracker.ietf.org/doc/draft-ietf-dnsop-no-response-issue/), 5 min
- Action: With rewritten redmediation, ready for WGLC?
## Current Working Group Business
* Cheshire, [draft-ietf-dnsop-session-signal]
(https://datatracker.ietf.org/doc/draft-ietf-dnsop-session-signal/), 5 min
Question 1: Ray Bellis advocates using abbreviated 4-byte header instead of
traditional 12-byte header.
Is this a good idea?
Some opinions on either side:
Wes Hardaker asks if the savings are worth the security of risk creating a
new parsing engine?
Ray Bellis says this is doable
SC does not care strongly about optimizations. Is asking for the opinion
of the group.
Question 2: Does every message need a response? Or can there be unilateral
Question 3: Proposed terminology change, for clarity, from “idle timeout”
to “KeepAlive interval”?
## New Working Group Business
* Cheshire, [draft-cheshire-sudn-ipv4only-dot-arpa]
(https://datatracker.ietf.org/doc/draft-cheshire-sudn-ipv4only-dot-arpa/), 5 min
This is special name, but it is not listed in the Special Names registry.
Usage is quite common on IPv6-only networks like cellphone operators have.
Andrew Sullivan: There was fight in the WG that defined this (behave) over
this topic, thus DNSOP should not adopt.
Making the TTLS longer will mitigate the effect of server outages.
Dan York: why do we think client will stop using this?
SC: We don't think clients will stop using this. They will continue to use
it, and we want it to work reliably.
Paul Hoffman: Put it in the registry
SC: Because the name is not listed as a special name, DNS64 gateways have
to do a pointless lookup
(that they already know the answer to) and that pointless lookup affects
performance and reliability.
Peter Koch: This is not needed and you may do more harm
Matt Pounsett: This is special name and the document should be published
Andrew Sullivan: On first reading of this draft I was convinced by the
points it makes.
Now I’m starting to have second thoughts again.
I encourage others to read the document and form their own opinions.
* Bortzmeyer, [draft-wallstrom-dnsop-dns-delegation-requirements]
(https://datatracker.ietf.org/doc/draft-wallstrom-dnsop-dns-delegation-requirements/), 10 min
- Action: Worth adopting?
Jim Reed: what kind of status ==> BCP
discussion about Public Suffix list
George M: He strugles with delegation tests after delegations;
policing goes to bad place
Olafur: against adoption without major changes
John L: scared
Peter Koch: does post delegation checks hard to create list that
everyone can agree on; not describing eough may decrease the value
of the document, wants list of pure requirements
SW: non-response draft has been tuned down and how has tracktion
Ed Lewis: IETF should define the requirements for healthy delegations
not talk about how to/if enforce
David Conrad: agrees with Ed but invovkes policy
Jim Reid: agrees with Peter Koch for recommendations
Paul Hoffman: about TLS testing, there are multiple testers and they
all use differnt criteria's, the document is sloppy; Agrues against
restricting to hostnames.
"If you want delegation tests here is a list"
OndrejS: Things will be moving targets,
SW: will take question of the adoption is going to be taken to the list.
* Dickinson, [draft-dickinson-dnsop-dns-capture-format]
(https://datatracker.ietf.org/doc/draft-dickinson-dnsop-dns-capture-format/), 10 min
- Action: More work on formats?
- IPR Issue
-- IPR disclosure WO
Shane Kerr: should adopt; performance?
SD: yes they have performance results, "remving data" seems to
GeorgeM: Defintily adopt this is appropritate. Observations: compression
of pcap is quite good.
SD: needs more meta data
SW: wg has not position on the IPR
Kaveh: Supports adoption strongly
Wes H: +1 on adoption
Hum for adotpion: strong for ; none against
* Fujiwara, [draft-fujiwara-dnsop-resolver-update]
(https://datatracker.ietf.org/doc/draft-fujiwara-dnsop-resolver-update/), 15 min
- Action: Continue with work?
Olafur: strongly disagree there are no need for these changes
Onderj: He supports making the behavior more deterministic
Witold: This is a ugly hack, do not proceed
Ed Lews: NS will differ; wants
Peter Koch: small change to make sure delegation data is purged regularly
MarkA: only cache NS longer than the parent TTL even if they are
updated by shorter TTL in child
SW: more discussion needed before adoption
* Pounsett, [draft-pounsett-transferring-automated-dnssec-zones]
(https://datatracker.ietf.org/doc/draft-pounsett-transferring-automated-dnssec-zones/), 5 min
- Action: Worth pursuing, and IPR Issue
IPR issues; no jugdgemnt
needs more review and wants answers to questions on the mailing list
Kal Feher: as someone who does this regularly he supports addoption
* Yao, [draft-yao-dnsop-accompanying-questions]
(https://datatracker.ietf.org/doc/draft-yao-dnsop-accompanying-questions/), 5 min
- Action: Requested adoption, is the draft and the WG ready?
Ondrej: Why is this needed ? this will be hard to use; sees no benefit
PaulH: wants more details and objects to a document w/o security
* Sivaraman, [draft-muks-dnsop-dns-catalog-zones]
(https://tools.ietf.org/html/draft-muks-dnsop-dns-catalog-zones-01), 5 min
John D: what about superzones in PowerDNS
Konstanstin: PowerDNS can not delete
* York, [draft-york-dnsop-deploying-dnssec-crypto-algs]
Paul, Dueane, Scott, ???
15:28 END of meeting