* Agenda Bashing, Blue Sheets, etc, 10 min
* Updates of Old Work, Chairs, 10 min
- https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-httpssvc/
- Ben Schwartz, 15 min
- Chairs Action: ?
https://datatracker.ietf.org/doc/slides-interim-2020-dnsop-01-sessa-svcb-httpssvc-slides/
Stephen Farrell: Keep the ALPN port;
Paul Vixie: I proposed removing port number. add a warning that operators should avoid using non-default ports for general Internet use.
Non-default ports may be firewalled in client networks, so may appear to work in testing but may not work for some clients/users.
Ben Schwartz: We can fix this with 1-2 sentences
Chairs Action: Want to encourage Interop testing, and WGLC before 108
- https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7816bis/
- Ralph Dolmans, 15min
- Chairs Action: How close to WGLC?
https://datatracker.ietf.org/doc/slides-interim-2020-dnsop-01-sessa-draft-ietf-dnsop-rfc7816bis/
Ralf Weber: don't minimize forwarding; don't recommend complex mechanisms
Jim Reid: query limiting - wording on labels
Stehane Bortzmeyer: number of queries - SHOULD is reasonable (also, see section 7.1 of RFC 1035)
Paul Vixie: 1) auth misconfig hard to detect, mixed-mode authority and the delegation has disappeared.
with qtype=NS, answer in answer section. 2) rate limiting have ddos implications.
Joe Abley: not all qtypes are equal. choice of qtype - use 1 qtype and use SOA as an option.
Ralph Dolmans: maybe small set of qtypes
Joe Abley: any benefit to a small set?
Paul Vixie: Agree with Joe, SOA should be in the mix
Mark Andrews: Forwarders should be trusted, but can't trust beyong forwarder
Warren Kumari: Why are we not using the original qtype
Ralph Dolmans: Pick the most common qtype the upstream would use
Ralph Dolmans: Unbound switched from NS to A, NS queries are sometimes blocked, but A are not.
Erik Nygren: A vs AAAA query. A may stick out more.
Chairs Action: New Version, then working toward WGLC
- https://datatracker.ietf.org/doc/draft-fujiwara-dnsop-avoid-fragmentation/
- Kazunori Fujiwara, 15 min
https://datatracker.ietf.org/doc/slides-interim-2020-dnsop-01-sessa-avoid-fragmentation-in-dns/
Joe Abley: this is useful
Ralf Weber: Useful
Paul Vixie: No intent to design Path MTU Discovery. Allow someone to do that.
Chairs Action: CfA sent
- https://tools.ietf.org/html/draft-pwouters-powerbind-03
- Paul Wouters, 10 min
Ben Schwartz: Likes DNSSEC transparency, Why does it need to be machine readable?
Paul Wouters: How to put into resolvers? Send Q to list
Peter van Dijk: Authorative should check during loading; does not protect child apex delegation.
Ralf Weber: resolver has to do work. technical solution to political problem.
Joe Abley: adding complexity must have problem to solve
Paul Wouters: Large outside subset to never trust DNSSEC.
Wes Hardaker: DNSSEC transparency because don't trust DNSSEC properly
Joe Abley: World is not as clean as it seems
Warren Kumari: Not sure how this behaves
Paul Wouters: Log all DS changes once this is set
Wes Hardaker: currently have to log every signed record for DNSSEC transparency. with this bit, only log DS records
Matthijs Mekking:
Chairs Action: Will send out CfA
- https://datatracker.ietf.org/doc/draft-tapril-ns2/
- Tim April, 15 min
https://datatracker.ietf.org/doc/slides-interim-2020-dnsop-01-sessa-slides-draft-tapril-ns2/
Sam Weiler: Child/Parent/both no restrictions. new record type that only appears on the parent is a can of worms.
Matt Pounsett: if redesigning NS, remove the current ambiquity.
Joe Abley: Can allow clients to never use old policy
Peter van Dijk: Agree with Sam/Joe, as a resolver implementor, this is scary.
Alexander Dupuy: If done, present in parent, and in authority sections.
Paul Hoffman: Similiar to work done in ADD queue
Ralf Weber: Stub/resolver different than resolver/authorative
Ben Schwartz: Work like this is blocking current dprive work
Chairs Action: Need work and discussion with ADD/DPRIVE/DNSOP chairs
- https://datatracker.ietf.org/doc/draft-toorop-dnsop-dns-catalog-zones/
- https://datatracker.ietf.org/doc/draft-toorop-dnsop-dns-zone-provisioning-yang/
- Willem Toorop, 15 min
Wes Hardaker: would be good to suceed; should look at RFC6168
Paul Vixie: supports; Will drop metazone in favor of this
Chairs Action: Catalog Zones - CfA
Chairs Action: Yang - Needs work
Attendees are asked to visit and enter your Name+Affiliation in the Blue-Sheet section of the DNSOP Etherpad.
The Mic Line will use the WebEx chat channel. To get in the queue type q+ to leave type q-.
Please don't type questions or other things into the WebEx chat channel as that will make
managing the queue very hard for the chairs. Please use the Jabber channel for side conversations.
When you connect into WebEx you should start off as auto-muted so you'll
need to unmute yourself to speak when called.
The IETF has prepared a couple of documents to help get everyone ready.
https://www.ietf.org/how/meetings/107/session-participant-guide/
https://www.ietf.org/how/meetings/107/session-presenter-guide/
Warren Kumari, Google
Stephen Farell, Trinity College Dublin
Hugo Salgado, .CL
Ralph Dolmans, NLnet Labs
Donald Eastlake, Futurewei
Paul Ebersman, Neustar
Joe Abley, PIR
Joao Damas, APNIC
Willem Toorop, NLnet Labs
John Border, Hughes
Kazunori Fujiawra, JPRS
Mike Bishop, Akamai
Ted Hardie, Google
Murray Kucherawy, Facebook
Tim Wicinski, unaffialted
Stéphane Bortzmeyer, AFNIC
Sean Turner, sn3rd
Shumon Huque, Salesforce
Peter van Dijk, Open-Xchange PowerDNS
Keith Mitchell, DNS-OARC
Ben Schwartz, Google
Yoshiro YONEYA, JPRS
Sam Weiler, W3C/MIT
John Dickinson Sinodun IT
Vittorio Bertola, Open-Xchange
David Kinzel, Shaw Communications
Ralf Weber, Akamai Technologies
Scott Hollenbeck, Verisign
Michael Gibbs, Verisign
Ash Wilson, Valimail
Eric Orth, Google
Michael Hausding, SWITCH
Jerry Lundström, DNS-OARC
Witold Kręcicki, ISC
Puneet Sood, Google
Paul Vixie, Farsight
Jim Popovitch, DomainMail, LLC (just curious)
Shinta Sato, JPRS
Ladislav Lhotka, CZ.NIC
Joey Salazar, ARTICLE19
Dick Franks, unaffiliated
Zaid AlBanna, Verisign
Tim April, Akamai Technologies
Mallory Knodel, CDT
Matthijs Mekking, ISC
Roland van Rijswijk-Deij, NLnet Labs
Fredereico Neves, Nic.br
Cathy Aronson, ARIN
Mark Andrews, ISC
Pieter Lexis, Open-Xchange PowerDNS
Jeff Osborn, ISC
Duane Wessels, Verisign
Shane Kerr, NS1
Erik Nygren, Akamai
Matthew Pounsett, DNS-OARC
Bernie Innocenti, Google
Petr Špaček, CZ.NIC
James Gould, Verisign
Vladimir Cunat, cz.nic
Denesh Bhabuta, DNS-OARC
daniel migault
Jim Reid, RTFM llp
Alexander Dupuy, Google
David Blacka, Verisign
Robert Story, USC/ISI
Chi-Jiun Su, Hughes Network Systems
Mauricio Vergara Ereche, ICANN
Claire Pershan, unaffiliated
Michael Richardson, Sandelman Software Works
Wes Hardaker, ISI
Kaustubha Govind, Google Chrome
Marc Groeneweg, SIDN
Hugo Kobayashi, NIC.br
Paul Wouters, Red Hat
Paul Hoffman, ICANN
Benno Overeinder, NLNet Labs
Suzanne Woolf, PIR
Dan McArdle, Google/Chrome