Dear WG,
please find attached the draft minutes for our meeting in Prague. They are
also available at <http://www3.ietf.org/proceedings/07mar/minutes/dnsop.txt>.
Thanks to Jakob for taking the minutes and to Alex and Shane for the jabber
notes. Please send minor corrections to Rob and me, content issues to the
list. Any confirmation of hums/"sense of the room" deferred to the mailing
list will be explicit, not by lack of opposition to the minutes.
The last date for comments will be May, 08 12:00 UTC.
-Peter
-----------------------------------------------------------------------------
DRAFT dnsop WG minutes for IETF 68, Praha, CZ
-----------------------------------------------------------------------------
WG: DNS Operations (dnsop)
Meeting: IETF 68, Prague
Location: Hilton Prague, "Grand Ballroom"
Date: Monday, 19 March 2007
Time: 17:40 - 19:50 (UTC +0100)
Chairs: Rob Austein, Peter Koch
Minutes: Jakob Schlyter
Jabber: xmpp:[EMAIL PROTECTED]
J-Scribe: Shane Kerr, Alex Mayrhofer
J-Script: http://www3.ietf.org/meetings/ietf-logs/dnsop/2007-03-19.html
Audio:
http://limestone.uoregon.edu/ftp/pub/videolab/media/ietf68/ietf68-ch5-mon-afnoon-last.mp3
WG URL: http://www.dnsop.org/
Material:
https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=68#wg-dnsop
-----------------------------------------------------------------------------
1) Administrivia [17:47 {audio 0:19:25}]
Updates regarding the state of the mail archive,
the IETF Tools Site and the WG Request Tracker.
The meeting agenda was posted as
<http://www.ietf.org/proceedings/07mar/agenda/dnsop.txt> and accepted as
proposed
-----------------------------------------------------------------------------
2) Status Update [17:50 {audio 0:23:11}]
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-7.pdf>
- RFCs published since last meeting
-none-
- Internet-Drafts in the RFC Editor Queue
draft-ietf-dnsop-serverid-08.txt
- I-Ds at the IESG
-none-
The WG thanks the leaving operations Area Director David Kessens.
The incoming O&M AD and dnsop WG Advisor of operations is Ron Bonica.
- I-Ds in or past WGLC
draft-huston-6to4-reverse-dns-04.txt
(AD sponsored individual submission)
draft-ietf-dnsop-reflectors-are-evil-03.txt (see 3.1)
draft-ietf-dnsop-default-local-zones-01.txt (see 3.2)
-----------------------------------------------------------------------------
3) Active Drafts [17:53 {audio 0:25:42}]
3.1) draft-ietf-dnsop-reflectors-are-evil-03.txt
Editors: Joao Damas, Frederico Neves
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-5.pdf>
Draft status presented by Frederico:
- minor changes & typos
- addition of BCP84 on recomended configuration
- added recommendation of no default recursive service for
external networks
Pekka Savola disagreed with the the use of SHOULD in capital letters.
Rob Austein (chair) stated that this was a new issue brought up after
WGLC. Let's leave this to the IESG. Pekka suggested he'd likely make
a comment during the IETF Last Call. Wording might have been added
during post WGLC edit.
3.2) draft-ietf-dnsop-default-local-zones-01.txt [17:59 {audio 0:31:46}]
Editor: Mark Andrews
Mark reported that the major comment was re-stressing which networks are
likely to feel the impact of this in a negative way. He did not try to do
addressing architecture, just pointed out where you will have problems.
The editor hopes that the text is clear enough now. WG is requested
to review post WGLC version of the draft.
3.3) draft-ietf-dnsop-respsize-07.txt [18:01 {audio 0:34:00}]
Editors: Akira Kato, Paul Vixie
Draft should have been last called already, but was expired, so was
revived. One working group participant had actual read the latest
version (-07) of the document.
Kato-san says there was editoral changes only between -06 and -07.
The chairs asked for at least 5 persons to review the document during
WGLC, and the following attendees volunteered:
- Joe Abley
- Stephane Bortzmeyer
- Matt Larsson
- Bill Manning
- Frederico Neves
- Andrew Sullivan
3.4) draft-ietf-dnsop-reverse-mapping-considerations-02.txt [18:04 {audio
0:37:12}]
Editors: Andrew Sullivan, Daniel Senie
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-3.pdf>
Andrew reported a number of closed items, listed a couple of not yet
resolved items and a some new issues.
After removing text about "recommendations" it was pointed out that some
of the RIRs indeed do recommend reverse mapping, so some text was put
back in.
Editors were confident to have addressed all "emotionally charged" terms
but missed one instance of "accurate"; this will be changed in the next
version.
There were complaints that the -01 draft to some extent was ambigous with
not clear consensus. Alternate text has been proposed, but has not been
included in the draft due to lack of support from the WG.
Issued -02 to address all these issues. Andrew asked the WG to review
newly introduced definitions of "existing" and "matching".
Abstract was also changed, as was section 3. Discinction between match
and existence checks was also added to the anti-spam section.
Some counter-considerations to recommendations were introduced to
address concerns raised on the mailing list. Andrew asks the WG to
comment on the "ambiguity" claim.
Additional feedback on -02 so far suggests another version of this draft
is needed but the editors hope that -03 will than be ready for WGLC.
10-15 people in the room have read this version, for only one this was the
first contact with the draft. The WG chairs encouraged feedback from
"fresh" people before the WGLC, if possible.
Chairs' plan is to issue WGLC on -03.
Stephane Bortzmeyer commented that it's important to state the fact that
you have two actors in the target audience: producers of reverse mappings
and consumers. It is not a contradiction to say "producers should produce
reverse mapping, but consumers should be careful when using it."
3.5) draft-ietf-dnsop-as112-ops-00.txt [18:15 {audio 0:48:02}]
draft-ietf-dnsop-as112-under-attack-help-help-00.txt
Editors: Joe Abley, William Maton
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-1.pdf>
Joe Abley presented the work on the "AS112 Work Basket", explaining it as
the second level after the "local zones" draft.
Open questions:
- Processes for adding and removing zones from the list to be served
- Should AS112 support DNS over IPv6?
The editors' intention is to update the two drafts soon and have a WGLC
issued for the -01 versions. Qustion to the WG is what to to with the
potential third document on changing the list of zones.
Mark Andrews noted that is doesn't matter if a certain anycast cluster
supports IPv6 or not, as long as all nodes return the same data.
Keeping the list of zones coordinated is important.
Rob Austein recommends the use of the IANA registry for a list of things
being delegated, since it is the most straightforward. Does not believe
an automated mechanism for changes is needed due to loose cooperation.
Joe explained that removing a zone is easy in this case: only the
delegation needs to be revoked. The difficulty is with adding zones
since due to the loose cooperation again not all AS112 instances can be
tested for presence of that zone and lame delegations need to be
avoided to give less surprising and consistent responses (NXDOMAIN).
With "local zones" the difficulty is exactly the other way round.
Precise list of zones covered can never be determined due to loose
copuling.
When Joe Abley noted that the documents shouldn't refer to a registry
that does not yet exist, Rob Austein responded that a list can be provided
in the document and be superceded by the IANA registry, if one will be
created.
After some further discussion about automated changes to the list of
zones two "hums" were initiated (with discussion in between):
"Who is onfavor of/opposed to v6 transport for DNS queries/responses
for the current list of zones?"
Chairs determined support for v6 transport, no opposition
Joe clarified that the "help" document would not depend on the decision
pro/con automated changes, but the operational guidelines would.
Stephane Bortzmeyer suggested to start with a document on current status
only and update if necessary. Start working on the third document, but
ship the two asap.
Bill Manning questions need for a special registry. Rob clarifies that the
WG decided this when discussing the "local zones" draft.
Jim Reid noted that maintenance is not something this WG needs to care
about.
Rob Austein closed the discussion and asked for the second hum:
Result was almost no support for a third document on how to add/drop
zones from AS112 servers, some support for "no additional documents"
and a lot of apathy.
Peter Koch asked if the documents address the question: Why do we need
AS112 in the first place instead of deploying delegations to, e.g.,
localhost? Any support in the WG for explaining this?
Stephane Bortzmeyer argued that "defensive delegations" with maybe legal
implications are a more general problem and should not be addressed
under the AS112 discussion.
Chairs asked the room if the documents were ready for WGLC and found
the answer to be yes, for both drafts.
Chairs asked the room if the "help help" document should be published
as FYI as well as RFC and found noone opposed.
Volunteer reviewers for the AS112 RFC/FYI documents:
- Mark Andrews
- David Hankins
- Lucy Lynch
- Geoff Sisson
- Andrew Sulivan
Reviewers for the AS112 operational guidelines:
- Stephane Bortzmeyer
- Olafur Gudmundsson
- David Hankins
- Matt Larsson
- Geoff Sisson
(of these reviewers are 2 involved with AS112 systems)
-----------------------------------------------------------------------------
X) Supplementary Slot: Message from ICANN NOMCOM [18:49 {audio 1:23:30}]
Lucy Lynch from ISOC, speaking as an ICANN NomCom member appointed by the
IETF, asked for nominiations for various open positions on the ICANN Board,
the GNSO, the ccNSO and ALAC. Bill Manning is also an ICANN NomCom member.
-----------------------------------------------------------------------------
4) WG Charter [18:51 {audio 1:25:12}]
Peter Koch presented the remaining WG milestones and noted that the WG is
slightly behind on the DNS IN-ADDR.ARPA mapping and more behind on the DNS
response size issues. All other milestones are either done or about to be
done.
For the WG re-charter and new work baskets there need to be milestones
and reviewers. Dates and text will be negotiated with the incoming AD.
New work includes AS112, Infrastructure TTL, and performance & measurement.
-----------------------------------------------------------------------------
5) Other (non WG) Internet-Drafts [18:57 {audio 1:29:50}]
5.1) draft-regnauld-ns-communication-00.txt
Phil Regnauld, Stephane Bortzmeyer
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-0.pdf>
Stephane Bortzmeyer presented the draft.
Joao Damas says that the ISC will implement something like this and if
it's interoperable, that would be even better. Joe Abley said he is not
convinced we need a protocol, but rather an "arrangement".
Mark Andrews said he thinks we definitely need a protocol and
Lars Johan Liman agreed and suggests an extensible framework.
Olaf Kolkman believes this as a good thing and also thinks it should be
extensible.
The chairs asked if this is a server-server protocol, a management
protocol or all both?
Lars Johan Liman said he needs a management protocol.
Joe Abley noted that the important thing is representation of data, not
the protocol.
Harald Alvestrand stated that we need functions to allow this, perhaps
not a protocol. We should not encurage people to implement new protocols.
We should not use the word "protocol".
Lars Johan Liman agrees with Harald, but doesn't believe in using the
DNS protocol for this.
The chairs asked whether a requirements document might be needed given
the various different views expressed so far or what other means of
focusing the work could be chosen.
Dave Crocker said that when the IETF does requirement documents, we put
too much effort into them. Dave requests a service descriptions to get
people to answer the question: "What do you want to do?".
Volunteers for compiling a list of services to be addressed:
- Joe Abley
- Stephane Bortzmeyer
- Joao Damas
- Kazunori Fujiwara
- Lars Johan Liman
- Geoff Sisson
5.2) draft-larson-dnsop-trust-anchor-01.txt [19:18 {audio 1:51:15}]
Matt Larson, Olafur Gudmundsson
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-2/sld1.htm>
Olafur Gudmundsson presented the draft.
10-15 people had read the draft. More than five of those in favor of
adopting, no opposition. Confirmation deferred to the mailing list.
5.3) draft-koch-dnsop-resolver-priming-00.txt [19:24 {audio 1:57:15}]
Peter Koch
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-4.pdf>
Peter presented the draft.
Mark Andrews said that glue A doesn't need to be included - it's a
workaround for an old BIND bug.
Matt Larson said he like to see a specification as a WG document.
Rob Austein reminded the room that that people should understand the SBELT
thing was well thought out, more than 20 years ago. He also stated that
it is not sure we want to make priming a requirement.
Pekka Savola said that the specification as written results in an
undefined scenerio if the priming query fails.
Rob Austein (chair) determines that the sense of the room is that the WG
should adopt the document. Matt Larson, Joe Abley and Roy Arends
volunteered as co-editors of the document.
-----------------------------------------------------------------------------
6) Current & New Topics [19:34 {audio 2:07:45}]
6.1) SRV underscore registry
Jim Fenton appeared as to provide motivation for the work Dave is doing.
DKIM was recommended by the IESG to pursue a registry for the _domainkey
tag and this raised a larger question about a registry.
Dave Crocker presented one slide and the discussion will continue
on the WG mailing list.
6.2) TTL considerations [19:40 {audio 2:13:20}]
Lixia Zhang
<http://www3.ietf.org/proceedings/07mar/slides/dnsop-6/sld1.htm>
Lixia Zhang presented the draft. {audio ends}
Chairs have idea to formulate some work item around this research
Lars Johan Liman asked if this was investigated using sampled or generated
queries? Lixia Zhang stated that the research was based on real live data.
Lars Johan Liman would like to see how many queries failed vs succeeded.
Lixia Zhang responded that failed queries had been filtered out.
-----------------------------------------------------------------------------
7) I/O with other WGs [19:51 {no audio}]
7.1) dnsext: making DNS more resilient against forged answers
7.2) dnsext: DNS cookies
Olafur says both these drafts need input from DNSOP
7.3) dnsext: DNAME operational requirements?
No update, but dnsop encouraged to re-read latest version
7.4) v6ops: draft-ietf-v6ops-scanning-implications
This document has been reviewed by some dnsop members; chairs ask WG
to review latest version and incorporated changes.
7.4) geopriv: draft-schulzrinne-geopriv-relo
This document fell off the agenda the last time; chairs asked the
WG to review the latest version of this draft with special attention
to the proposed use of the IN-ADDR.ARPA tree.
-----------------------------------------------------------------------------
8) A.O.B. [19:57 {no audio}]
none
meeting adjourned
-----------------------------------------------------------------------------
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
