[{"author": "Tim Wicinski", "text": "

Hi All

", "time": "2023-11-07T16:00:38Z"}, {"author": "David Lawrence", "text": "

wrong stream, tim

", "time": "2023-11-07T16:03:14Z"}, {"author": "Tim Wicinski", "text": "

sigh.

", "time": "2023-11-07T16:03:39Z"}, {"author": "Tim Wicinski", "text": "

I will remember this Dave when you are asking for minute takers tomorrow

", "time": "2023-11-07T16:04:48Z"}, {"author": "David Lawrence", "text": "

we <3 the way you use the wrong stream, Tim!

", "time": "2023-11-07T16:05:08Z"}, {"author": "Tim Wicinski", "text": "

It's all too confusing !

", "time": "2023-11-07T16:05:35Z"}, {"author": "Tim Wicinski", "text": "

I made the executive decision to do document updates on Friday to give the Hackathon discussion as much time as possible

", "time": "2023-11-07T16:07:12Z"}, {"author": "Java Bekpulatov", "text": "

is it \"Domain Name System Operations\"?

", "time": "2023-11-07T16:07:15Z"}, {"author": "\u00c9ric Vyncke", "text": "

As long as I have my minutes takers ;-)

", "time": "2023-11-07T16:07:16Z"}, {"author": "\u00c9ric Vyncke", "text": "

(the above for Dave & Jim)

", "time": "2023-11-07T16:07:29Z"}, {"author": "David Lawrence", "text": "
\n

is it \"Domain Name System Operations\"?
\nThis WG? Yes.

\n
", "time": "2023-11-07T16:07:54Z"}, {"author": "Java Bekpulatov", "text": "

Thanks, appreciate it

", "time": "2023-11-07T16:08:13Z"}, {"author": "David Lawrence", "text": "

Note that what Petr is generalising about AliasMode is something that we're pretty confident we can use to solve the DS operator problem. Rather than requiring customers to manage the DS through their registrar, or that the registry implement CDS, the chain of trust can be built completely with secure indirection to the operator who can than manage the customer key part of the chain.

", "time": "2023-11-07T16:14:29Z"}, {"author": "Anthony Somerset", "text": "

DELEG looks really interesting - nice first thinking

", "time": "2023-11-07T16:14:42Z"}, {"author": "David Lawrence", "text": "

We have a solid base of people from across the industry that are supportive of the direction.

", "time": "2023-11-07T16:15:23Z"}, {"author": "Anthony Somerset", "text": "

i like the idea of baking in the ability to signal availability of DoT among other things

", "time": "2023-11-07T16:16:12Z"}, {"author": "Shivan Sahib", "text": "

:wave:

", "time": "2023-11-07T16:16:34Z"}, {"author": "Jim Reid", "text": "

DELEG is interesting

", "time": "2023-11-07T16:16:34Z"}, {"author": "Mike Bishop", "text": "

Looking forward to seeing what comes of this. I wonder what it would take to align this with SVCB and make it a \"SVCB-compatible\" record instead of being \"inspired by\" SVCB.

", "time": "2023-11-07T16:16:37Z"}, {"author": "Jim Reid", "text": "

Whoops: far finger! DELEG seems interesting. I am very uncomfortable about key DNS protocol work happening outside the IETF. IMO this DELEG idea should be getting discussed on the dnsop list.

", "time": "2023-11-07T16:18:45Z"}, {"author": "David Lawrence", "text": "

Yes, Jim, the -00 draft is being actively worked on for submission to the dnsop stream

", "time": "2023-11-07T16:19:35Z"}, {"author": "Erik Nygren", "text": "

@Benjamin Schwartz and I are both involved and would very much like it to be SVCB-compatible and there's no reason yet that it can't be. But DELEG is still early in its life with lots of opportunities to refine (and bikeshed).

", "time": "2023-11-07T16:20:14Z"}, {"author": "Suzanne Woolf", "text": "

Jim FWIW what's more likely to happen, if enough people want to bring their outside experience into the IETF, is that a dedicated WG would be spun off from DNSOP-- both because it's protocol work and because it's a large enough chunk of work to need dedicated effort.

", "time": "2023-11-07T16:21:49Z"}, {"author": "Jim Reid", "text": "

@David Lawrence, Glad to hear it! Life's too short to go looking at github or mattermost: whatever they are.

", "time": "2023-11-07T16:22:32Z"}, {"author": "Benjamin Schwartz", "text": "

Taking a normative dependency on the PSL seems pretty weird.

", "time": "2023-11-07T16:22:35Z"}, {"author": "Benjamin Schwartz", "text": "

It seems like this should really be inverted: these rules should be guidance provided by the PSL, referencing this RFC.

", "time": "2023-11-07T16:23:11Z"}, {"author": "Daniel Gillmor", "text": "

PSL isn't really prepared to provide additional extensible bits of metadata about the identified zones, afaict

", "time": "2023-11-07T16:24:04Z"}, {"author": "Erik Nygren", "text": "

(Side-note: I suspect PSL would also love resources/support if there are people interested.)

", "time": "2023-11-07T16:25:34Z"}, {"author": "Shane Kerr", "text": "

Bonus points for this presentation for using quux as the metasyntatic variable name.

", "time": "2023-11-07T16:26:36Z"}, {"author": "Tim Wicinski", "text": "

Always Love seeing Erik doing work! J/K Erik - your contributions to this were very great

", "time": "2023-11-07T16:26:55Z"}, {"author": "David Lawrence", "text": "

it skipped right over bar and baz tho

", "time": "2023-11-07T16:27:26Z"}, {"author": "Eric Orth", "text": "

Am I remembering wrong, or didn't we have timers before?

", "time": "2023-11-07T16:28:20Z"}, {"author": "David Lawrence", "text": "

The bottom of screen timer is new

", "time": "2023-11-07T16:28:30Z"}, {"author": "Peter van Dijk", "text": "

the timers are new, Suzanne also just mentioned that :)

", "time": "2023-11-07T16:28:31Z"}, {"author": "Suzanne Woolf", "text": "

@meetecho the DNSOP chairs really like the embedded timers :-)

", "time": "2023-11-07T16:28:51Z"}, {"author": "Anthony Somerset", "text": "

the timers used to be there but the visibility was always not great

", "time": "2023-11-07T16:28:52Z"}, {"author": "Erik Nygren", "text": "

FWIW, the \"PRIVATE\" vs \"ICANN\" sections of the PSL exist, so we're just referencing their usage not introduce something new.

", "time": "2023-11-07T16:32:22Z"}, {"author": "David Lawrence", "text": "

https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#underscored-globally-scoped-dns-node-names

", "time": "2023-11-07T16:33:08Z"}, {"author": "Anthony Somerset", "text": "

please kindly move the speaker mic up for the remote stream - just a little on quiet side due to distance from speakers mouth

", "time": "2023-11-07T16:34:28Z"}, {"author": "Daniel Gillmor", "text": "

at the mic i was expressing general concern about building labels that involve spliced strings from external parties combined with fixed strings for protocols. If one mechanism does this splicing with the externally-controlled string as a prefix; and the other does such splicing with a suffix -- then it's possible for a malicious external party (or just a really unlucky one) could collide the label

", "time": "2023-11-07T16:34:34Z"}, {"author": "Erik Nygren", "text": "

Daniel Gillmor said:

\n
\n

at the mic i was expressing general concern about building labels that involve spliced strings from external parties combined with fixed strings for protocols. If one mechanism does this splicing with the externally-controlled string as a prefix; and the other does such splicing with a suffix -- then it's possible for a malicious external party (or just a really unlucky one) could collide the label

\n
\n

Opened: https://github.com/ietf-wg-dnsop/draft-ietf-dnsop-domain-verification-techniques/issues/105
\nFeel free to add more there.

", "time": "2023-11-07T16:38:31Z"}, {"author": "Daniel Gillmor", "text": "

i can't believe they specified scheme=1 and scheme=2, but didn't specify scheme=0. tsk tsk bad computer scientists!

", "time": "2023-11-07T16:39:17Z"}, {"author": "Anthony Somerset", "text": "

much better thanks

", "time": "2023-11-07T16:39:17Z"}, {"author": "Peter van Dijk", "text": "

some type at the apex would require ICANN policy changes I think? (it's not the proposed solution anyway)

", "time": "2023-11-07T16:39:17Z"}, {"author": "David Lawrence", "text": "

apex no, zone cut yes

", "time": "2023-11-07T16:41:03Z"}, {"author": "Samuel Weiler", "text": "

where's Bert to mutter something about camels?

", "time": "2023-11-07T16:41:28Z"}, {"author": "Vittorio Bertola", "text": "

Samuel Weiler said:

\n
\n

where's Bert to mutter something about camels?

\n
\n

enjoying camel-less life

", "time": "2023-11-07T16:43:18Z"}, {"author": "Tim Wicinski", "text": "

Peter - yes any changes that would end up in the TLD zone files require an RFC and then an ICANN change

", "time": "2023-11-07T16:43:27Z"}, {"author": "Erik Nygren", "text": "

Although if it's a new RR type ideally it could still be SVCB-compatible...

", "time": "2023-11-07T16:43:34Z"}, {"author": "Benno Overeinder", "text": "

Sam, check @bert_hubert@fosstodon.org!

", "time": "2023-11-07T16:43:47Z"}, {"author": "Peter van Dijk", "text": "

indeed, SVCB is made for inheritance

", "time": "2023-11-07T16:43:52Z"}, {"author": "Greg Choules", "text": "

Re' domain validation I was going to ask about the number of additional labels. Examples shown are _foo-challenge.example.com. (one label) and _feature1._foo-challenge.example.com. (two labels). I imagine that two would be enough for any use case? The draft doesn't say explicitly that only one or two labels are permitted, depending on the use case. Or does it matter?

", "time": "2023-11-07T16:43:59Z"}, {"author": "Tim Wicinski", "text": "

In DMARC we wrote the PSD draft to talk about getting DMARC records into zones like .uk/.gov etc. Levine can give you the details

", "time": "2023-11-07T16:44:16Z"}, {"author": "Suzanne Woolf", "text": "

@Tim no an RFC is not required. But ICANN does have a process.

", "time": "2023-11-07T16:44:21Z"}, {"author": "Jim Reid", "text": "

Tim, the ICANN change will involve endless consultations and RZERC review

", "time": "2023-11-07T16:44:46Z"}, {"author": "Shivan Sahib", "text": "

@Greg Choules
\nYes, those should be sufficient, but there is possibility for confusion regarding scope, hence https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-domain-verification-techniques-03#section-5.1.2

", "time": "2023-11-07T16:54:03Z"}, {"author": "Erik Nygren", "text": "

This would truly be \"split horizon\"? (sorry, couldn't resist)

", "time": "2023-11-07T16:55:49Z"}, {"author": "Anthony Somerset", "text": "

that has to be said on the mic !

", "time": "2023-11-07T16:57:17Z"}, {"author": "Hafiz Farooq", "text": "

.moon and .mars tld will make sense now

", "time": "2023-11-07T16:58:47Z"}, {"author": "Eric Orth", "text": "

I imagine this stuff is very important for once there's some human habitat on Moon/Mars. And the lead time to help the governments set up their internet probably means we need to have this stuff designed 30+ years in advance.

", "time": "2023-11-07T16:59:01Z"}, {"author": "Jim Reid", "text": "

A chocolate company will whine about .mars

", "time": "2023-11-07T16:59:14Z"}, {"author": "Daniel Gillmor", "text": "

fwiw, it is called \"isolated-networks\" -- not \"moon\" or \"mars\"

", "time": "2023-11-07T16:59:51Z"}, {"author": "Eric Orth", "text": "

Ben hates human expansion into the universe. :P

", "time": "2023-11-07T17:00:08Z"}, {"author": "Daniel Gillmor", "text": "

@Benjamin Schwartz is \"earth\" what the E in EDNS stands for?

", "time": "2023-11-07T17:00:14Z"}, {"author": "Erik Nygren", "text": "

Camels In Space!

", "time": "2023-11-07T17:00:21Z"}, {"author": "Brett Carr", "text": "

There are def operators of planetary isolated networks where this would be useful. I would be interested in this from a point of view of some of our operations

", "time": "2023-11-07T17:00:40Z"}, {"author": "Benjamin Schwartz", "text": "

Eric Orth said:

\n
\n

Ben hates human expansion into the universe. :P

\n
\n

No, I hate DNS!

", "time": "2023-11-07T17:00:41Z"}, {"author": "Daniel Gillmor", "text": "

Eric Orth said:

\n
\n

Ben hates human expansion into the universe. :P

\n
\n

if he does, he's not the only one. we've wrecked enough down here, we don't need to wreck any more until we can demonstrate better stewardship here, thanks.

", "time": "2023-11-07T17:01:02Z"}, {"author": "David Lawrence", "text": "

DELEG 0 ns1.mars transport=solar-sail

", "time": "2023-11-07T17:01:07Z"}, {"author": "Stephen Farrell", "text": "

did experiments ilke this (in arctic, not space) 10 years ago and we had to fake apple captive portal stuff in DNS

", "time": "2023-11-07T17:01:18Z"}, {"author": "Greg Choules", "text": "

Jim Reid said:

\n
\n

A chocolate company will whine about .mars

\n
\n

Nah, that would be mars.cadbury

", "time": "2023-11-07T17:01:19Z"}, {"author": "Hafiz Farooq", "text": "

so soon aliens will start ordering from amazon

", "time": "2023-11-07T17:01:43Z"}, {"author": "Jim Reid", "text": "

I was going to say at the mike that Marc's idea may have uses on this planet: places like desert islands that have limited connectivity.

", "time": "2023-11-07T17:01:48Z"}, {"author": "David Lawrence", "text": "
\n

No, I hate DNS!

\n
\n

Boy did you wander into the wrong room

", "time": "2023-11-07T17:01:48Z"}, {"author": "Daniel Gillmor", "text": "

David Lawrence said:

\n
\n
\n

No, I hate DNS!

\n
\n

Boy did you wander into the wrong room

\n
\n

what, @Benjamin Schwartz isn't allowed to hate-attend the sessions like the rest of us?

", "time": "2023-11-07T17:02:33Z"}]