Skip to main content

Minutes interim-2020-dnsop-02: Thu 17:00

Meeting Minutes Domain Name System Operations (dnsop) WG
Title Minutes interim-2020-dnsop-02: Thu 17:00
State Active
Other versions plain text
Last updated 2020-04-23

# DNS Operations (DNSOP) Working Group
## interim-2020-dnsop-02
### 23 April 2020, 1500 - 1600 UTC

### Chairs
* Tim Wicinski [](
* Suzanne Woolf [](
* Benno Overeinder [](

Benno went over the agenda, said that it was expected to run over time

YANG Types for DNS Classes and Resource Record Types, Ladislav Lhotka
    Thinks this is ready for WG LC, but also needs a review by the YANG doctors
    Joe Abley: If IANA is not ready for keeping modules like this, could be
        Ladislav: IANA already has some registries, but not like this one
            There were objections, particularly from Paul Wouters
            Only thing not clear is whether this publication mechanism is
            acceptable to IANA
    Michelle Cotton (IANA): IANA has been testing it out
        Haven't seen the document yet, would like to do an early review
        Will do an early review

Interoperable Domain Name System (DNS) Server Cookies, Willem Toorop
    First slide has the obligitory photo of yummy-looking cookies
    Marc Groenewg: When will the NSD implementation be available?
        Willem: Soonish, but waiting for RFC
        Benno (NSD hat): Will implement when there is an RFC
    Benno (chair hat): will schedule WG Last Call soon

DNS TIMEOUT Resource Record, Tom Pusateri
    Joe: Another use for an RRtype is to troubshoot
        Likes this better than an EDNS0 type
        Maybe do this just for RRsets instead of hash
    Mark Andrews: Definitely need the hash for regeneration of timeout records
        Such as for Bonjour
    Jim Reid: Do you need to signal hash algorithm?
        Tom: Preference is to define a single hash
            Registry in the draft
            Uses "method"
    Benno: Will have call for adoption in a few weeks

Delegation Revalidation by DNS Resolvers, Shumon Huque
    Warren Kumari: There was other stuff in the "resimprove" work from the past
    that was useful
        Shumon: This covers all the useful stuff
    St├ęphane Bortzmeyer: Also related to QNAME minimization
        Some auth resolvers timeout on explicit NS queries
    Ralf Dolmans: This draft is opportunistic, QNAME minimization would not
    conflic Daniel Migault: Likes this kind of work
        Why consider capping based on the NS record in the parent instead of
        the DS Shumon: Can't do that unless DNSSEC is universally deployed,
        which it isn't
            Can't rely on DS being the same
        Paul Vixie: Could add DS adding this into the revalidating equation
            But this is already what a validator will do
    Mark: BIND has already done this for a decade
    Benno: Wants more discussion on mailing list, then WG call later (but
    before Madrid) Suzanne: Wants to see a -01, then call for adoption

Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for
DNSSEC, Dmitry Belyavsky
    Stanislav Smyshlyaev: Supports work for crypto agaility
        Can be used at least inside Russia
    Valery Smyslov: Supports this change because old algorithm is deprecated
    Jim: Supports work
        Wants references to old ones to be deprecated
    Warren: Wanted this to got through DNSOP, not AD-sponsored
        Does it work with DNSSEC, not have discussions on the algorithm itself
    Benno: Will schedule call for adoption

Summary of meeting, Benno
    Summarized the upcoming calls for adoptions