July 18th, 2018, 1520-1650 (EDT)
Thanks to both.
(Daniel Migault, Jacques Latour, 20m)
drafts on front-end-naming-delegation and naming-architecture-dhc-options, and their implementation [See slides for presentation]
Draft has been on hold pending architecture work but is pretty well baked.
Ted Lemon: Useful and important work. Main question, have you tried implementing?
= Daniel: Have synced main and secondary. Have not implemented myself but Jacques Latour has.
= Jacques Latour: Have spent two years developing a secure home gateway at CIRA labs. Goal is to have DNSSEC inside and outside the house for the home gateway. Sign DNSSEC inside the house.
Ted Lemon: How was the document?
= Jacques Latour: It is a bit long and could be shortened. Don't know if we do the signing on the gateway or the outsourced signing gateway - capacity issues.
Ted Lemon: I think the document needs to be more concise.
Denis Ovsienko: Have you considered home.arpa? Did you consider possibility of desynchronization of records?
= Daniel: We assume home has a zone, not looking at using .arpa zone.
Juliusz Chroboczek: Can you hear me now? :-) What problem are you solving that is not solved by DYN-DNS?
= Mark Andrews: Juliusz is talking about Microsoft Dynamic update. If you are doing Windows AD the host does a periodic DNS update and this pushes the records to the zone uses the standard DNS protocol then reads them back forcing garbage collection. Difference is that the update is permanent.
Juliusz Chroboczek: What problem is being solved by the more complex protocol that is not solved by the simpler?
(This has subsequently been taken to list so any further discussion is likely better on that thread.)
(Barbara Stark, 10m)
What Babel will deliver...
(Ted Lemon, 50m)
What's Left? Slides
Robin Wilton: Privacy question, concern that vendors will deploy Homenet in such a fashion that requires the outsourced service to be used.
= Ted: Agree
PHB: Whether or not reverse mappings are needed as a mechanism, the network must be debugable.
= Ted: MDNS will provide response (prods Stuart)
= Stuart Cheshire: Yes
Phillip Prendaville: If we are using static mappings, discovery must work when the device is switched off.
If we gather use cases, will help make informed decision. May have authorization controls to limit visibility of reverse.
The specification of friendly link names should be a WG item.
Phillip Prendaville: VLANs should also be in this. Guest salons, etc.
Robin Wilton: Not sure selecting SSIDs is as simple as suggested. After Google snarfing issue, proposal was that "nomap" suffix would avoid being mapped. That meant less flexibility in SSID. Wireless repeaters also constrain. Potential for breaking the law if someone connects to a SSID without authorization.
= Ted: We already see default behavior and this is bad.
PHB: The issue of DNSSEC roots that are not delegated has been addressed before, may be able to reuse work
= Ted: Various solutions need to decide if we should do it.
Suggestion is to have 4-5 calls, 2-3 weeks apart to progress this draft to the point where it's editorially complete and consistent, and at the point where we can get good implementer feedback.
Plan is for WG to wait for implementer feedback before hitting the "Publication Requested" button for the draft, so these calls do not have that as an immediate target.
Juliusz: We need a prototype to play with
= Ted Lemon: Have been working quite a bit on implementation. Discovery relay is done, need to finish discovery proxy. Needs to work how to get code out (will be OS some point).
Barbara: Would be good if people mailed chairs and say if they are interested and when their times would be.
Phillip Prendaville: Does the draft address the issue of what happens when IPv4 uplink goes away?
= Ted: There are issues here, draft says to deconfigure IPv4 on the local network. This makes sure that devices don't try to connect on IPv4 which will prevent them contacting external network.