Hi Davey,
To clarify, the "DNS Load Balancing" side meeting will not be concerned
primarily with nameserver selection. Instead, the topic of the side meeting
will be about using DNS to perform load balancing of other services and
protocols.
I think this draft's term ("Nameserver Selection") is good, and we should use
that to distinguish it from "DNS Load Balancing".
There is certainly some overlap between these notions (as each can be used to
implement the other in some fashion), but I would prefer to let both topics
mature separately for now.
--Ben
________________________________
From: Davey Song <[email protected]>
Sent: Wednesday, July 3, 2024 2:47 AM
To: dnsop <[email protected]>
Subject: [DNSOP] Fwd: I-D Action: draft-zhang-dnsop-ns-selection-00.txt
Hi folks, I noticed the momentum on DNS load balancing and NS selection topics.
Our co-authors have just compiled a draft summarizing the research findings and
best practices in this field, and made some recommendations for developers on
secure
ZjQcmQRYFpfptBannerStart
This Message Is From an Untrusted Sender
You have not previously corresponded with this sender.
ZjQcmQRYFpfptBannerEnd
Hi folks,
I noticed the momentum on DNS load balancing and NS selection topics. Our
co-authors have just compiled a draft summarizing the research findings and
best practices in this field, and made some recommendations for developers on
secure and robust NS selection algorithms. Comments are welcome.
Davey
---------- Forwarded message ---------
From: <[email protected]<mailto:[email protected]>>
Date: Wed, Jul 3, 2024 at 2:19 PM
Subject: I-D Action: draft-zhang-dnsop-ns-selection-00.txt
To: <[email protected]<mailto:[email protected]>>
Internet-Draft draft-zhang-dnsop-ns-selection-00.txt is now available.
Title: Secure Nameserver Selection Algorithm for DNS Resolvers
Authors: Fenglu Zhang
Baojun Liu
Linjian Song
Shumon Huque
Name: draft-zhang-dnsop-ns-selection-00.txt
Pages: 18
Dates: 2024-07-02
Abstract:
Nameserver selection algorithms employed by DNS resolvers are not
currently standardized in the DNS protocol, and this has lead to
variation in the methods being used by implementations in the field.
Recent research has shown that some of these implementations suffer
from significant security vulnerabilities. This document provides an
in-depth analysis of nameserver selection utilized by mainstream DNS
software and summarizes uncovered vulnerabilities. Furthermore, it
provides recommendations to defend against these security and
availability risks. Designers and operators of recursive resolvers
can adopt these recommendations to improve the security and stability
of the DNS.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-zhang-dnsop-ns-selection/<https://datatracker.ietf.org/doc/draft-zhang-dnsop-ns-selection/>
There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-zhang-dnsop-ns-selection-00<https://datatracker.ietf.org/doc/html/draft-zhang-dnsop-ns-selection-00>
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
I-D-Announce mailing list -- [email protected]<mailto:[email protected]>
To unsubscribe send an email to
[email protected]<mailto:[email protected]>
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
