


DNSEXT @ IETF-76 Hiroshima Japan 
November 9'th 2009 at 17:40 ANA Hotel Orchid East

Chairs: Olafur Gudmundsson present 
	Andrew Sullivan	   remote participation

Scribe: Patrik Wallstroem
Jabber: Joao Domas (with help from George Michaelson) 
Slides: Edward Lewis 


Working group document status was sent to few days before the meeting  
	http://www.psg.com/lists/namedroppers/namedroppers.2009/msg02861.html
Chair agenda slides: 
        http://www.ietf.org/proceedings/09nov/slides/dnsext-4.pdf
Jabber Log: 
        http://www.ietf.org/jabber/logs/dnsext/2009-11-09.txt
Audio recording: 
        http://www.ietf.org/audio/ietf76/ietf76-ch6-mon-afnoon3.mp3

Access Jabber log or audio recording for more details of discussions. 


Start of meeting: 
Document: DNSKEY Registry States:
Olafur Gudmundsson for Scott Rose 

http://www.ietf.org/proceedings/09nov/slides/dnsext-0/dnsext-0.htm 
Jelte Jensen wants the document to remove a redundant ?? column in the
registry. 

Document seems ready to be advanced after minor fixes. 

Document: DNSSEC Algorithm Allocation Rules
Paul Hoffman
     http://www.ietf.org/proceedings/09nov/slides/dnsext-3.pdf


Question reserve test/documentation value ? 
Jelte to provide suggested text. 

Other than that document is ready for last call. 


DNSSEC bis updates: 
Olafur Gudmundsson as chair looking for input from working group. 

One big open issue "Trust Anchor Selection" 
There was intense discussion on what the options are and what they
mean. 
There was a agreement in the room to have the DNSSECbis document,
specify what the different policies are but not mandate any of them, as
that is local policy. 

Documents in WG adoption queue need review: 
 draft-hoffman-dnssec-ecdsa
 draft-hoffman-dnssec-dsa-sha2
 draft-barwood-transport-signal

DNS Transport over TCP 
Ray Bellis
    http://www.ietf.org/proceedings/09nov/slides/dnsext-1/dnsext-1.htm

There was some discussion that this is not needed, or DNSEXT is stepping
into operational protocol police. 
There was lively discussion about this topic, summary
update the document to be more protocol and implementation specific. 

TCP for DNS Security considerations
Fernando Gont
	http://www.ietf.org/proceedings/09nov/slides/dnsext-5.pdf

This was background information for enlightened TCP discussion,
please look at the presentation and follow the links from it. 

Stateless TCP for DNS 
Geoff Huston and George Michaelson
      http://www.ietf.org/proceedings/09nov/slides/dnsext-2.pdf
Stupid but cute idea. 


TCP discussion:
There were some people arguing that 1123 needs to be updated, 
there were some arguing that will not help. 
This effort is about fixing middle boxes and make sure implementations
support DNS over TCP, enabling operators to use TCP if they so wish. 

End of meeting