Minutes IETF98: dnsop

Meeting Minutes Domain Name System Operations (dnsop) WG
Title Minutes IETF98: dnsop
State Active
Other versions plain text
Last updated 2017-03-31

Meeting Minutes

   ## DNS Operations (DNSOP) Working Group
# IETF 98, Chicago

### Date: Monday 27 March 2017
### Time: 13:00-15:00 CST (19:00-21:00 UTC)
### Room: Zurich D
### Chairs: Tim Wicinski
### Chairs: Suzanne Woolf

## Secretary: Paul Hoffman


# Agenda
##  Agenda Bashing, Blue Sheets, etc,  10 min

## Updates of Old Work, Chairs

New AD: Warren

Stuart Cheshire speaks on session-signaling : one more revision than WGLC

## Current Working Group Business

* Hoffman,
10 min

George Michaelson(GM): Will not get full consensus on all terms

unknown: start writing the older ones

Paul Hoffman: Off topic for this

Andrew Sullivan: look at other definitions, and see if they make sense

Dan York for Viktor define 'interderminate' in DNSSEC

PH: take to the list, but yes

PH: WGLC by Prague hopefully

* Vcelak,
    NSEC5, DNSSEC Authenticated Denial of Existence

Ondrej: Simlified Draft

unknown: nit on private vs crypto key

Evsn Hunt: elegant solution to a problem I don;t think we have
  Never heard anyone adopting dnssec w.out nsec5

Daniel Kahn Gilmour:  says he knows of people who want to deploy but are
waiting for NSEC5

Dan York/Sam Weiler; get them to explain their requirements to us
Dan/Viktor - planning support for x2559
Shumon Huque:
Sam Weiler: details or it didn't work
Peter Koch: how will it interact with aggressive negative caching

AJS: can we implement practically  ; cost to deply; cost to standards process
depolyment effects i plan

several other algorithm transistions coming up :

paul vixie: zone enumeration demo using acid dns

roy arends: proof key posted but the signing key is not public

jim reid: IPR issues -

Sara: still open IPR issues

* Dickinson,
    C-DNS: A DNS Packet Capture Format

Roy Arends: love this stuff. parsing packet handling

Brian Dickson: Compression pointer rabbit hole

* Crocker,
    DNS Scoped Data Through '_Underscore' Attribute Leaves

DC: should go back and fix SRV and URI specs

Jim Fenton: confused on leaf

Lars:  haggle about the leaf part. how many need changing?

DC: only two

John Levine; situation less dire. SRV is fine.

Brian Dickson: weird table Q

Stuart Cheshire: 2782 things is fixed

Paul Vixie: History may be added to document - underbars bad in hostname.
IANA said did not need registry but now it is obvious it is needed

* Lawrence,
    BULK DNS Resource Records

Working with Century link folks. trying to clean up

Ondrej: generally like the idea, have something similar in knot.

Stephane Bortzmayer: RUnning Code? Like NPN but not that easy to

Brian Dickson: perl regexp

Jimmeni: fairly complicated

Willhem: same position as Ondrej

John Levine; fundamental change to how name servers operate

## New Working Group Business

* Wouters,
* Arends, [draft-arends-dnsop-dnssec-algorithm-update]

Paul Wouters; Want to deprecate SHA1 but have run into an issue

AJS: Tried in dnsext, was painful adding to registry

PW: not going into registry, just the RFC

DKG: Putting in registry not outlandish


Evan Hunt: discussion on ignoring the validators

Roy Arends Presenting: moving SHA1 from Mandatory to Recommended
Turn Pauls' draft to BCP

Olafur: no operators direction

* Kristoff,
    DNS Transport over TCP - Operational Requirements

Several folks step up to say it should be adopted

* Bellis,
    EDNS X-Proxied-For

* Lawrence,
    Client ID in Forwarded DNS Queries
* Lawrence,
    Serving Stale Data to Improve DNS Resiliency

* Hardaker,
    Extended DNS Errors

* Sury, [draft-sury-dnssec-nsec3-blake2]
    Use of BLAKE2 Algoritms in Hashed Authentication Denial of Existence
    (NSEC3) Records for DNSSEC