Re: [DNSOP] Call for Adoption: draft-dickinson-dnsop-5966-bis

On Nov 14, 2014, at 2:04 PM, Tim Wicinski wrote: > > This starts a Call for Adoption for draft-dickinson-dnsop-5966-bis > > The draft is available here: > https://datatracker.ietf.org/doc/draft-dickinson-dnsop-5966-bis/ > > > Please review this draft to see if you think it is suitable

Re: [DNSOP] Call for Adoption: draft-dickinson-dnsop-5966-bis

On Fri, Nov 14, 2014 at 02:04:43PM -1000, Tim Wicinski wrote a message of 24 lines which said: > This starts a Call for Adoption for draft-dickinson-dnsop-5966-bis I believe TCP for DNS is very important, both to handle reflection attacks and cache poisoning attempts, and for DNS privacy (whe

Re: [DNSOP] Call for Adoption: draft-dickinson-dnsop-5966-bis

> Tim Wicinski > Friday, November 14, 2014 4:04 PM > > This starts a Call for Adoption for draft-dickinson-dnsop-5966-bis > > The draft is available here: > https://datatracker.ietf.org/doc/draft-dickinson-dnsop-5966-bis/ > > > Please review this draft to see if yo

[DNSOP] Call for Adoption: draft-dickinson-dnsop-5966-bis

This starts a Call for Adoption for draft-dickinson-dnsop-5966-bis The draft is available here: https://datatracker.ietf.org/doc/draft-dickinson-dnsop-5966-bis/ Please review this draft to see if you think it is suitable for adoption by DNSOP, and comments to the list, clearly stating

Re: [DNSOP] call for adoption: draft-vandergaast-dnsop-edns-client-subnet

Colleagues, This call for adoption closed earlier this week, during IETF91. We see significant support in the WG for working on draft-vandergaast-dnsop-edns-client-subnet. We're adopting it as a WG item. Thanks to the authors for reviving it, please resubmit with any changes you have pending

[DNSOP] Action Items from IETF91

Action Items Here is a summary from the minutes for the DNSOP meeting on action items for everything that has been discussed. These will start going out every few days, to not overwhelm the group nor the chairs. If anyone objects please speak up. Thanks, tim and suzanne - Call for A

Re: [DNSOP] Requesting adoption of draft-wkumari-dnsop-root-loopback

warren> We are requesting a call for adoption of warren> draft-wkumari-dnsop-root-loopback. Support. ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Call for Adoption: draft-eastlake-dnsext-cookies

tjw> This starts a call for adoption for draft-eastlake-dnsext-cookies. [...] tjw> Please review this draft to see if you think it is suitable for tjw> adoption by DNSOP, and comments to the list, clearly stating your tjw> view. +1 to adopt and can review if needed. It's another useful tool to h

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

In message <000e7a4f-6391-4842-b2ed-2a28b8d3e...@virtualized.org>, David Conrad writes: > > Mark, > > On Nov 14, 2014, at 11:19 AM, Mark Andrews wrote: > >> I believe a better (still not perfect) analogy would be 6to4 > > > > 6to4 has asymetric routing 99.9% of the time, > > 99.9% of all sta

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

One of my biggest concerns about the current proposal is that it seems to suggest that AS112 works. actually, the proposal doesn't mention AS112, but my discussion of the proposal here has mentioned AS112. Correct. I would like to find some definition of “works” and how we come to that conclusi

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

i think we're about to enter a non-discuss period for scalingroot-XX, yet this message touches other topics. > Wolfgang Nagele (AusRegistry) > Friday, November 14, 2014 1:48 PM > Hi, > > One of my biggest concerns about the current proposal is that it se

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

Mark, On Nov 14, 2014, at 11:19 AM, Mark Andrews wrote: >> I believe a better (still not perfect) analogy would be 6to4 > > 6to4 has asymetric routing 99.9% of the time, 99.9% of all statistics are made up. > encapsulating IPv4 address mismatch, etc. which are 6to4 specific issues. You ap

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

> David Conrad > Friday, November 14, 2014 1:10 PM > Hi, > > I think AS112 is a red herring: it doesn't prove anything that wasn't > already known ages ago (i.e., BGP works). > > I believe a better (still not perfect) analogy would be 6to4 and I'd > refer to the disc

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

Hi, AS112 absolutely proves that unowned anycast can work at scale; that's not my concern. But if my neighbor announces a route to the AS112 addresses, and then misconfigures a server, fills it with lies, or logs all my queries, the practical effect on me is pretty small: the worst case scenario

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

In message <19b42657-aed1-440e-8300-996915a28...@virtualized.org>, David Conrad writes: > Hi, > > On Nov 14, 2014, at 8:33 AM, Evan Hunt wrote: > > AS112 absolutely proves that unowned anycast can work at scale; > > I think AS112 is a red herring: it doesn't prove anything that wasn't > already

Re: [DNSOP] Requesting adoption of draft-wkumari-dnsop-root-loopback

+1 > On Nov 13, 2014, at 23:32, David Conrad wrote: > >> On Nov 13, 2014, at 11:20 AM, Warren Kumari wrote: >> >> Dear DNSOP Chairs, >> >> We are requesting a call for adoption of draft-wkumari-dnsop-root-loopback. > > Support. > > Regards, > -drc > > __

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

Hi, On Nov 14, 2014, at 8:33 AM, Evan Hunt wrote: > AS112 absolutely proves that unowned anycast can work at scale; I think AS112 is a red herring: it doesn't prove anything that wasn't already known ages ago (i.e., BGP works). I believe a better (still not perfect) analogy would be 6to4 and

Re: [DNSOP] Requesting adoption of draft-wkumari-dnsop-root-loopback

Warren Kumari writes: > We are requesting a call for adoption of > draft-wkumari-dnsop-root-loopback. Support adopting, but we will need to talk about careful wording of when to use it and when not to. -- Wes Hardaker Parsons ___ DNSOP mailing list D

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

> Evan Hunt > Friday, November 14, 2014 10:33 AM > > ... > > I believe there's more scope for an incompetent or malicious root server > operator to block, surveil, or deceive me, and while there are defenses I > can deploy against some misbehaviors, I think we need to be cau

Re: [DNSOP] "Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia" (circleid)

On Tue, Nov 11, 2014 at 10:26:22PM -0800, Paul Vixie wrote: > i don't know how to answer your discomfort. as you know i was > responsible for f-root's anycast growth for many years; as you may not > know i was responsible for as112's early growth after a bill manning > experiment succeeded. AS112

Re: [DNSOP] Fwd: New Version Notification for draft-wkumari-dnsop-root-loopback-01.txt

So I have adjusted the configuration on my workstation's name server to include the global root servers (for robustness) as well as a local stealth slave (for low latency). Here's a count of queries directed at the root zone and the servers chosen to handle them. I wonder how different it would be

Re: [DNSOP] Workshop on DNS Future Root Service Architecture (2014 WDFRSA), Hong Kong, December 8-9, 2014

> Mehmet Akcin > Friday, November 14, 2014 1:18 AM > what is the url for workshop registration? no url was given except for the hotel. to register for the conference itself, you have to send e-mail. hereis: > > On Nov 13, 2014, at 11:14 PM, Paul Vixie

Re: [DNSOP] Workshop on DNS Future Root Service Architecture (2014 WDFRSA), Hong Kong, December 8-9, 2014

what is the url for workshop registration? mehmet > On Nov 13, 2014, at 11:14 PM, Paul Vixie wrote: > > Registration is now open for the 2014 Workshop on DNS Future Root Service > Architecture (2014 WDFRSA) > > > Location: Hong Kong, HK > > Venue: The Mira Hotel (Kowloon district) > > Date: D

[DNSOP] Workshop on DNS Future Root Service Architecture (2014 WDFRSA), Hong Kong, December 8-9, 2014

Registration is now open for the 2014 Workshop on DNS Future Root Service Architecture (2014 WDFRSA) > Location: Hong Kong, HK > Venue: The Mira Hotel (Kowloon district) > Date: December 8-9, 2014 > Hosted by: ISOC-HK > Sponsors: ZDNS/BII and CNNIC > Co-chairs: Warren Kumari and Paul Vixie This t

Re: [DNSOP] Call for Adoption: draft-eastlake-dnsext-cookies

Support Mehmet > On Nov 13, 2014, at 4:55 PM, Tim WIcinski wrote: > > > DNSOP WG, > > This starts a call for adoption for draft-eastlake-dnsext-cookies. > > The draft is available here: > > https://datatracker.ietf.org/doc/draft-eastlake-dnsext-cookies/ > > Please review this draft to see

Re: [DNSOP] Call for Adoption: draft-eastlake-dnsext-cookies

On Thu, Nov 13, 2014 at 04:55:36PM -1000, Tim WIcinski wrote: > > DNSOP WG, > > This starts a call for adoption for draft-eastlake-dnsext-cookies. > > The draft is available here: > > https://datatracker.ietf.org/doc/draft-eastlake-dnsext-cookies/ > > Please review this draft to see if you thi