Re: [DNSOP] DNSOP Document Adoption Poll (June 2022)

Thanks to everyone who’s participated in the poll. As we’ve said before, the chairs rely on a number of factors when setting WG administrative priorities, but occasional polls help us clarify feedback we’re hearing from the WG list, other DNS-oriented WGs, and the broader community. Since WG

[DNSOP] The DNSOP WG has placed draft-dwmtwc-dnsop-caching-resolution-failures in state "Call For Adoption By WG Issued"

The DNSOP WG has placed draft-dwmtwc-dnsop-caching-resolution-failures in state Call For Adoption By WG Issued (entered by Tim Wicinski) The document is available at https://datatracker.ietf.org/doc/draft-dwmtwc-dnsop-caching-resolution-failures/

[DNSOP] Call for Adoption: Negative Caching of DNS Resolution Failures

This starts a Call for Adoption for Negative Caching of DNS Resolution Failures The draft is available here: https://datatracker.ietf.org/doc/draft-dwmtwc-dnsop-caching-resolution-failures/ Please review this draft to see if you think it is suitable for adoption by DNSOP, and send any comments

[DNSOP] The DNSOP WG has placed draft-sahib-domain-verification-techniques in state "Call For Adoption By WG Issued"

The DNSOP WG has placed draft-sahib-domain-verification-techniques in state Call For Adoption By WG Issued (entered by Tim Wicinski) The document is available at https://datatracker.ietf.org/doc/draft-sahib-domain-verification-techniques/ ___ DNSOP

[DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

This starts a Call for Adoption for Survey of Domain Verification Techniques using DNS The draft is available here: https://datatracker.ietf.org/doc/draft-sahib-domain-verification-techniques/ Please review this draft to see if you think it is suitable for adoption by DNSOP, and send any

Re: [DNSOP] Call for Adoption: Using Service Bindings with DANE

> On Jul 12, 2022, at 6:51 AM, Tim Wicinski wrote: > This starts a Call for Adoption for Using Service Bindings with DANE > The draft is available here: > https://datatracker.ietf.org/doc/draft-rebs-dnsop-svcb-dane/ > Please review this draft to see if you think it is suitable for adoption >

[DNSOP] The DNSOP WG has placed draft-rebs-dnsop-svcb-dane in state "Call For Adoption By WG Issued"

The DNSOP WG has placed draft-rebs-dnsop-svcb-dane in state Call For Adoption By WG Issued (entered by Tim Wicinski) The document is available at https://datatracker.ietf.org/doc/draft-rebs-dnsop-svcb-dane/ ___ DNSOP mailing list DNSOP@ietf.org

[DNSOP] Call for Adoption: Using Service Bindings with DANE

This starts a Call for Adoption for Using Service Bindings with DANE The draft is available here: https://datatracker.ietf.org/doc/draft-rebs-dnsop-svcb-dane/ Please review this draft to see if you think it is suitable for adoption by DNSOP, and send any comments to the list, clearly stating

Re: [DNSOP] New Version Notification for draft-yorgos-dnsop-dry-run-dnssec-01.txt

Dear dnsop, We submitted a new version of a “dry-run DNSSEC” draft. The draft describes a method that allows for testing DNSSEC deployments in real world DNS(SEC) deployments without affecting the DNS service in case of DNSSEC errors. Any encountered errors are signaled to the DNS operator of the

[DNSOP] IETF 114 DNSOP WG agenda published

All, The (draft) DNSOP WG agenda for the IETF 114 has been published, see https://datatracker.ietf.org/doc/agenda-114-dnsop/. The agenda now spans the full 2 hours, but if new requests for existing WG documents are received, room will be made and "time permitting" drafts will be bumped off

Re: [DNSOP] DNSOP Document Adoption Poll (June 2022)

> Il 12/07/2022 15:02 Tim Wicinski ha scritto: > > Our Poll answers are "Adopt Now","Adopt Not Now", and "Don't Adopt" > We mapped these responses to 1, 0, -1 (no answer is also 0). > > > Final Results: > > * draft-sahib-domain-verification-techniques, 14 > *

[DNSOP] Quick review of draft-dwmtwc-dnsop-caching-resolution-failures-00

Some comments quickly browsing this draft, as we're handling a quirky issue around NS timeouts and it looked relevant. Firstly, some resolver implementations do cache upstream NS timeouts in various non-standard ways. The resolver I work on has at least 3-4 different mechanisms within the same

Re: [DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

One concern I have is that this draft references many companies as examples, and as such I worry it will become stale quickly, either due to those companies changing policies or because they change directions as a whole. I for one would like to see a version focusing on the techniques used only. I

Re: [DNSOP] DNSOP Document Adoption Poll (June 2022)

This doesn't feel like a consensus call to me, Tim. It feels like voting. We don't care how many people were in favor versus against. We care why they were in favor or against. If everyone who's against is against because "we don't like it" and everybody whos in favor is in favor because "we have

Re: [DNSOP] Call for Adoption: Negative Caching of DNS Resolution Failures

On 7/12/2022 9:54 AM, Tim Wicinski wrote: This starts a Call for Adoption for Negative Caching of DNS Resolution Failures The draft is available here: https://datatracker.ietf.org/doc/draft-dwmtwc-dnsop-caching-resolution-failures/ Please review this draft to see if you think it is

Re: [DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

Let's try and attach the comment to the right call... *sigh*.  See below. On 7/12/2022 9:29 AM, Tim Wicinski wrote: This starts a Call for Adoption for Survey of Domain Verification Techniques using DNS The draft is available here:

Re: [DNSOP] Call for Adoption: Negative Caching of DNS Resolution Failures

Disregard this - it was targeted for a different adoption call. Thanks to Paul H for noticing. Mike On 7/12/2022 12:51 PM, Michael StJohns wrote: On 7/12/2022 9:54 AM, Tim Wicinski wrote: This starts a Call for Adoption for Negative Caching of DNS Resolution Failures The draft is

Re: [DNSOP] [Ext] Call for Adoption: Survey of Domain Verification Techniques using DNS

I support adoption of this document as long as the WG version does not list current implementations by name. As Mike StJohns points out, listing current methods in a long-lived RFC has significant problems, and it doesn't help the future reader decide what they want to do. It is still fine to

Re: [DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

Alternately, mostly deleting section 3 (the survey part), renaming the document and focusing on section 4 (the recommendations part) might be worthwhile, but that section is all about formatting TXT messages in a specific way and that's generally been considered anathema for DNS for oh so many

Re: [DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

Thanks all for the feedback! I've attempted to capture the following feedback here : 1. Remove the naming of specific implementations 2. Remove normative language 3.

Re: [DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

On 7/12/22 10:50 AM, John R. Levine wrote: That ship sailed a long time ago with the failure of the SPF record. People use TXT records for one-off things and they're not going to stop. What John said. I agree that the list of implementations should be deleted or summarized in an appendix.

Re: [DNSOP] [Ext] Call for Adoption: Survey of Domain Verification Techniques using DNS

On Jul 12, 2022, at 2:16 PM, Melinda Shore wrote: > >> I agree that the list of implementations should be deleted or summarized in >> an appendix. > > Well, maybe. The "Let's Encrypt" example is actually part of the > acme spec (RFC 8555) and is an IETF product. It is definitely worth

Re: [DNSOP] [Ext] Call for Adoption: Survey of Domain Verification Techniques using DNS

On Tue, 12 Jul 2022 at 15:04, Paul Hoffman wrote: > On Jul 12, 2022, at 2:16 PM, Melinda Shore > wrote: > > > >> I agree that the list of implementations should be deleted or > summarized in an appendix. > > > > Well, maybe. The "Let's Encrypt" example is actually part of the > > acme spec

Re: [DNSOP] Quick review of draft-dwmtwc-dnsop-caching-resolution-failures-00

Hi Mukund, > On Jul 12, 2022, at 8:24 AM, Mukund Sivaraman wrote: > > Some comments quickly browsing this draft, as we're handling a quirky > issue around NS timeouts and it looked relevant. > > Firstly, some resolver implementations do cache upstream NS timeouts in > various non-standard

Re: [DNSOP] Call for Adoption: Survey of Domain Verification Techniques using DNS

I support the adoption of this draft. I think there is value in keeping the specific examples (with named companies, etc) but agree with John that placing them in an appendix would be better. DW > On Jul 12, 2022, at 6:29 AM, Tim Wicinski wrote: > > > > This starts a Call for Adoption for