Last Modified: 2003-09-10
1. Define the processes by which Domain Name System (DNS) servers may be efficiently and correctly administered, configured, and operated on Internet networks. This will include root zone name servers, gTLD name servers, and the name servers of other DNS domains. As part of this effort, the group will produce documents explaining to the general Internet community what processes and mechanisms should be employed for the effective management and operation of DNS servers.
2. Publish (or assume sponsorship for) documents concerning DNSSEC procedures.
3. Publish (or assume sponsorship for) documents concerning the education of new/novice DNS "users" (FYI-RFCs).
4. Identify performance measurement tools and evaluate their effectiveness.
The group sees four main areas with related documents:
- Root Name Server Operational Requirements (draft-bush-dnsop-root-opreq-00.txt). Editor: Randy Bush
- Multiple servers sharing the same IP address. Editor: Masataka Ohta
- Zone KEY RRSet Signing Procedure (draft-ietf-dnssec-key-handling-00.txt). Editor: Edward Lewis
- Performance and measuring. Editors: Randy Bush & Michael Patton
|Jun 99||Publish revised Root Server Requirements.|
|Jul 99||Publish revised version of Key Handling.|
|Jul 99||Publish first version of Servers Sharing IP#.|
|Sep 99||WG last call for Root Server Requirements.|
|Sep 99||Publish first version of Performance and Measuring.|
|Oct 99||Publish revised version of Key Handling.|
|Oct 99||Publish revised version of Servers Sharing IP#.|
|Nov 99||Submit Root Server Requirements to the IESG for consideration as Informational (BCP?).|
|Dec 99||Publish 2nd revised version of Servers Sharing IP#.|
|Jan 00||Publish revised version of Key Handling.|
|Feb 00||Publish revised Performance and Measuring.|
|Mar 00||WG last call for Key Handling.|
|Mar 00||WG last call for Servers Sharing IP#.|
|May 00||Publish revised Performance and Measuring.|
|May 00||Submit Servers Sharing IP# to the IESG for consideration as Informational.|
|Jun 00||Submit Key Handling to the IESG for consideration as BCP.|
|Aug 00||WG last call for Performance and Measuring.|
|Oct 00||Submit Performance and Measuring to the IESG for consideration as Informational.|
|RFC2870||BCP||Root Name Server Operational Requirements|
|RFC3258||I||Distributing Authoritative Name Servers via Shared Unicast Addresses|
DNSOP WG, 58th IETF meeting, November 2003, Minneapolis

First session: 2003.11.10 19:30-22:00 -0600

Summary minutes, not attempting to follow meeting chronology, which hopped, looped, and otherwise failed to follow a straight line.

Active WG drafts:

- draft-ietf-dnsop-bad-dns-res-01.txt. Important topic. Moving target, but doc out of date at the moment. Authors begged WG's indulgence to let them bring the draft up to date, with a promise that they will do so by IETF 59.
- draft-ietf-dnsop-dnssec-operational-practices-00.txt. New document, not yet widely read. Important topic. Those who have read it think it's on the right track. May want to drop specific TTL recommendations in favor of discussion of tradeoffs. Discussion of key lengths needs review by crypto experts (request already made to security area). Good discussion of key rollover.
- draft-ietf-dnsop-inaddr-required-04.txt. Title is misleading, should be something like "considerations for DNS reverse tree". Author is tired of fighting with people who have not read document and are just reacting to its title. Some feel that subject is still important. Jun-ichiro itojun Hagino kindly volunteered to work on this document if author is tired of holding the pen.
- draft-ietf-dnsop-ipv6-transport-guidelines-00.txt. Has been done for a while, WG chairs have been lame about this one. Ready for WG last call, heading for BCP.
- draft-ietf-dnsop-respsize-00.txt. Consensus of room was that this is good stuff and should ship without further ado. Ready for WG last call. Chairs forgot to ask WG whether this should be going for BCP or informational, will include that question in last call.
- draft-ietf-dnsop-ipv6-dns-issues-02.txt. This one has turned into a grab bag of open issues related to DNS and IPv6. Somewhat dead in the water in its current form. Author has tried very hard to do whatever the WG wants with this, but lacks time to flog the WG at the moment (has more important things to do in real life). Pekka Savola kindly volunteered to help out with this document.

Expired WG drafts:

- draft-ietf-dnsop-serverid-02.txt. Significant interest in having something in this space, especially from root server operators. Known issues with mechanism proposed in current draft. Suzanne Woolf kindly volunteered to take over this project.
- draft-ietf-dnsop-dontpublish-unreachable-04.txt. At least a few people thought this one was important and should not be dropped.
- draft-ietf-dnsop-resolver-rollover-01.txt. Author has not been working on it recently, but with DNSSEC finally close to completion, we may have finally become topical again. Author will resubmit draft so that people can read it.
- draft-ietf-dnsop-ohta-shared-root-server-03.txt. Author says that experiments with the techniques discussed in this draft are in progress. Author will resubmit draft so that people can read it.
- draft-ietf-dnsop-keyhand-05.txt. Nobody spoke up for this draft.

New work:

- draft-guette-dnsop-key-rollover-requirements-00.txt. Some overlap with draft-ietf-dnsop-ipv6-transport-guidelines-00.txt, but this draft is about requirements in this space. Not many people in the room had read this draft. No objections to taking it on as WG work item.
- Discussion of name server clock synchronization. Roy Arends performed some measurements in this space, sent summary to the mailing list. Has not generated a lot of discussion. This doesn't matter much for DNSSEC proper, but does matter for transaction signatures. Roy agreed to write up a brief draft describing the mechanism he used to perform these tests.

DNS Discovery topic was left for second (Tuesday) session, per agenda as announced.

Second session: 2003.11.11 13:00-14:00 -0600

Entire session devoted to DNS Discovery discussion.

Summary: No clear consensus on anything. Largest single camp seems to think that just using DHCPv6 lite is enough and that we should pick a single mechanism and move on. Sizable (albeit smaller) camp believes that RA based discovery is important; for some reason there seems to be a fairly close correlation between folks who think that RA should be one of the solutions and folks who think that it's not necessary to pick a single solution. Well-known addresses have a few very vocal proponents as well as some determined critics. While other proposals have been surfaced on the list (as well as in previous discussions, some dating back many years), none received any serious discussion time at this meeting.

All three of the proposals discussed at the meeting are documented. DHCPv6-lite is documented in a DHC WG (about more than just DNS discovery) which is in IETF last call. The several RA-based proposals have been consolidated into a single draft. There is also a draft for the current spin on the well-known address