-----------------------------------------------------------------------------
dnsop WG minutes for IETF 68, Praha, CZ
-----------------------------------------------------------------------------
WG:         DNS Operations (dnsop)
Meeting:    IETF 68, Prague
Location:   Hilton Prague, "Grand Ballroom"
Date:       Monday, 19 March 2007
Time:       17:40 - 19:50 (UTC +0100)
Chairs:     Rob Austein, Peter Koch
Minutes:    Jakob Schlyter
Jabber:     xmpp:dnsop@jabber.ietf.org
J-Scribe:   Shane Kerr, Alex Mayrhofer
J-Script:   http://www3.ietf.org/meetings/ietf-logs/dnsop/2007-03-19.html
Audio:      http://limestone.uoregon.edu/ftp/pub/videolab/media/ietf68/ietf68-ch5-mon-afnoon-last.mp3
WG URL:     http://www.dnsop.org/
Material:   https://datatracker.ietf.org/public/meeting_materials.cgi?meeting_num=68#wg-dnsop
-----------------------------------------------------------------------------

1) Administrivia [17:47 {audio 0:19:25}]

   Updates regarding the state of the mail archive, the IETF Tools Site and
   the WG Request Tracker.

   The meeting agenda was posted as and accepted as proposed

-----------------------------------------------------------------------------

2) Status Update [17:50 {audio 0:23:11}]

   - RFCs published since last meeting
       -none-

   - Internet-Drafts in the RFC Editor Queue
       draft-ietf-dnsop-serverid-08.txt

   - I-Ds at the IESG
       -none-

   The WG thanks the leaving operations Area Director David Kessens.
   The incoming O&M AD and dnsop WG Advisor of operations is Ron Bonica.
   - I-Ds in or past WGLC
       draft-huston-6to4-reverse-dns-04.txt
         (AD sponsored individual submission)
       draft-ietf-dnsop-reflectors-are-evil-03.txt (see 3.1)
       draft-ietf-dnsop-default-local-zones-01.txt (see 3.2)

-----------------------------------------------------------------------------

3) Active Drafts [17:53 {audio 0:25:42}]

3.1) draft-ietf-dnsop-reflectors-are-evil-03.txt
     Editors: Joao Damas, Frederico Neves

   Draft status presented by Frederico:

   - minor changes & typos
   - addition of BCP84 on recommended configuration
   - added recommendation of no default recursive service for external
     networks

   Pekka Savola disagreed with the use of SHOULD in capital letters.
   Rob Austein (chair) stated that this was a new issue brought up after
   WGLC. Let's leave this to the IESG. Pekka suggested he'd likely make a
   comment during the IETF Last Call. Wording might have been added during
   post WGLC edit.

3.2) draft-ietf-dnsop-default-local-zones-01.txt [17:59 {audio 0:31:46}]
     Editor: Mark Andrews

   Mark reported that the major comment was re-stressing which networks are
   likely to feel the impact of this in a negative way. He did not try to
   do addressing architecture, just pointed out where you will have
   problems. The editor hopes that the text is clear enough now.

   WG is requested to review post WGLC version of the draft.

3.3) draft-ietf-dnsop-respsize-07.txt [18:01 {audio 0:34:00}]
     Editors: Akira Kato, Paul Vixie

   Draft should have been last called already, but was expired, so was
   revived. One working group participant had actually read the latest
   version (-07) of the document. Kato-san says there were editorial
   changes only between -06 and -07.
   The chairs asked for at least 5 persons to review the document during
   WGLC, and the following attendees volunteered:

   - Joe Abley
   - Stephane Bortzmeyer
   - Matt Larson
   - Bill Manning
   - Frederico Neves
   - Andrew Sullivan

3.4) draft-ietf-dnsop-reverse-mapping-considerations-02.txt
     [18:04 {audio 0:37:12}]
     Editors: Andrew Sullivan, Daniel Senie

   Andrew reported a number of closed items, listed a couple of not yet
   resolved items and some new issues.

   After removing text about "recommendations" it was pointed out that some
   of the RIRs indeed do recommend reverse mapping, so some text was put
   back in. Editors were confident to have addressed all "emotionally
   charged" terms but missed one instance of "accurate"; this will be
   changed in the next version.

   There were complaints that the -01 draft to some extent was ambiguous
   with no clear consensus. Alternate text has been proposed, but has not
   been included in the draft due to lack of support from the WG.

   Issued -02 to address all these issues. Andrew asked the WG to review
   newly introduced definitions of "existing" and "matching". Abstract was
   also changed, as was section 3. Distinction between match and existence
   checks was also added to the anti-spam section. Some
   counter-considerations to recommendations were introduced to address
   concerns raised on the mailing list.

   Andrew asks the WG to comment on the "ambiguity" claim. Additional
   feedback on -02 so far suggests another version of this draft is needed
   but the editors hope that -03 will then be ready for WGLC.

   10-15 people in the room have read this version, for only one this was
   the first contact with the draft. The WG chairs encouraged feedback from
   "fresh" people before the WGLC, if possible. Chairs' plan is to issue
   WGLC on -03.

   Stephane Bortzmeyer commented that it's important to state the fact that
   you have two actors in the target audience: producers of reverse
   mappings and consumers.
   It is not a contradiction to say "producers should produce reverse
   mapping, but consumers should be careful when using it."

3.5) draft-ietf-dnsop-as112-ops-00.txt [18:15 {audio 0:48:02}]
     draft-ietf-dnsop-as112-under-attack-help-help-00.txt
     Editors: Joe Abley, William Maton

   Joe Abley presented the work on the "AS112 Work Basket", explaining it
   as the second level after the "local zones" draft.

   Open questions:

   - Processes for adding and removing zones from the list to be served
   - Should AS112 support DNS over IPv6?

   The editors' intention is to update the two drafts soon and have a WGLC
   issued for the -01 versions. Question to the WG is what to do with the
   potential third document on changing the list of zones.

   Mark Andrews noted that it doesn't matter if a certain anycast cluster
   supports IPv6 or not, as long as all nodes return the same data. Keeping
   the list of zones coordinated is important.

   Rob Austein recommends the use of the IANA registry for a list of things
   being delegated, since it is the most straightforward. Does not believe
   an automated mechanism for changes is needed due to loose cooperation.

   Joe explained that removing a zone is easy in this case: only the
   delegation needs to be revoked. The difficulty is with adding zones
   since due to the loose cooperation again not all AS112 instances can be
   tested for presence of that zone and lame delegations need to be avoided
   to give less surprising and consistent responses (NXDOMAIN). With "local
   zones" the difficulty is exactly the other way round. Precise list of
   zones covered can never be determined due to loose coupling.

   When Joe Abley noted that the documents shouldn't refer to a registry
   that does not yet exist, Rob Austein responded that a list can be
   provided in the document and be superseded by the IANA registry, if one
   will be created.
   After some further discussion about automated changes to the list of
   zones two "hums" were initiated (with discussion in between):

   "Who is in favor of/opposed to v6 transport for DNS queries/responses
   for the current list of zones?"

   Chairs determined support for v6 transport, no opposition

   Joe clarified that the "help" document would not depend on the decision
   pro/con automated changes, but the operational guidelines would.

   Stephane Bortzmeyer suggested to start with a document on current status
   only and update if necessary. Start working on the third document, but
   ship the two asap.

   Bill Manning questions need for a special registry. Rob clarifies that
   the WG decided this when discussing the "local zones" draft.

   Jim Reid noted that maintenance is not something this WG needs to care
   about.

   Rob Austein closed the discussion and asked for the second hum:

   Result was almost no support for a third document on how to add/drop
   zones from AS112 servers, some support for "no additional documents" and
   a lot of apathy.

   Peter Koch asked if the documents address the question: Why do we need
   AS112 in the first place instead of deploying delegations to, e.g.,
   localhost? Any support in the WG for explaining this?

   Stephane Bortzmeyer argued that "defensive delegations" with maybe legal
   implications are a more general problem and should not be addressed
   under the AS112 discussion.

   Chairs asked the room if the documents were ready for WGLC and found the
   answer to be yes, for both drafts.

   Chairs asked the room if the "help help" document should be published as
   FYI as well as RFC and found no one opposed.
   Volunteer reviewers for the AS112 RFC/FYI documents:

   - Mark Andrews
   - David Hankins
   - Lucy Lynch
   - Geoff Sisson
   - Andrew Sullivan

   Reviewers for the AS112 operational guidelines:

   - Stephane Bortzmeyer
   - Olafur Gudmundsson
   - David Hankins
   - Matt Larson
   - Geoff Sisson

   (2 of these reviewers are involved with AS112 systems)

-----------------------------------------------------------------------------

X) Supplementary Slot: Message from ICANN NOMCOM [18:49 {audio 1:23:30}]

   Lucy Lynch from ISOC, speaking as an ICANN NomCom member appointed by
   the IETF, asked for nominations for various open positions on the ICANN
   Board, the GNSO, the ccNSO and ALAC. Bill Manning is also an ICANN
   NomCom member.

-----------------------------------------------------------------------------

4) WG Charter [18:51 {audio 1:25:12}]

   Peter Koch presented the remaining WG milestones and noted that the WG
   is slightly behind on the DNS IN-ADDR.ARPA mapping and more behind on
   the DNS response size issues. All other milestones are either done or
   about to be done.

   For the WG re-charter and new work baskets there need to be milestones
   and reviewers. Dates and text will be negotiated with the incoming AD.
   New work includes AS112, Infrastructure TTL, and performance &
   measurement.

-----------------------------------------------------------------------------

5) Other (non WG) Internet-Drafts [18:57 {audio 1:29:50}]

5.1) draft-regnauld-ns-communication-00.txt
     Phil Regnauld, Stephane Bortzmeyer

   Stephane Bortzmeyer presented the draft.

   Joao Damas says that the ISC will implement something like this and if
   it's interoperable, that would be even better.

   Joe Abley said he is not convinced we need a protocol, but rather an
   "arrangement".

   Mark Andrews said he thinks we definitely need a protocol and Lars Johan
   Liman agreed and suggests an extensible framework.

   Olaf Kolkman believes this is a good thing and also thinks it should be
   extensible.
   The chairs asked if this is a server-server protocol, a management
   protocol or both? Lars Johan Liman said he needs a management protocol.

   Joe Abley noted that the important thing is representation of data, not
   the protocol.

   Harald Alvestrand stated that we need functions to allow this, perhaps
   not a protocol. We should not encourage people to implement new
   protocols. We should not use the word "protocol".

   Lars Johan Liman agrees with Harald, but doesn't believe in using the
   DNS protocol for this.

   The chairs asked whether a requirements document might be needed given
   the various different views expressed so far or what other means of
   focusing the work could be chosen.

   Dave Crocker said that when the IETF does requirement documents, we put
   too much effort into them. Dave requests a service description to get
   people to answer the question: "What do you want to do?".

   Volunteers for compiling a list of services to be addressed:

   - Joe Abley
   - Stephane Bortzmeyer
   - Joao Damas
   - Kazunori Fujiwara
   - Lars Johan Liman
   - Geoff Sisson

5.2) draft-larson-dnsop-trust-anchor-01.txt [19:18 {audio 1:51:15}]
     Matt Larson, Olafur Gudmundsson

   Olafur Gudmundsson presented the draft.

   10-15 people had read the draft. More than five of those in favor of
   adopting, no opposition. Confirmation deferred to the mailing list.

5.3) draft-koch-dnsop-resolver-priming-00.txt [19:24 {audio 1:57:15}]
     Peter Koch

   Peter presented the draft.

   Mark Andrews said that glue A doesn't need to be included - it's a
   workaround for an old BIND bug.

   Matt Larson said he would like to see a specification as a WG document.

   Rob Austein reminded the room that people should understand the SBELT
   thing was well thought out, more than 20 years ago. He also stated that
   it is not sure we want to make priming a requirement.

   Pekka Savola said that the specification as written results in an
   undefined scenario if the priming query fails.
   Rob Austein (chair) determines that the sense of the room is that the WG
   should adopt the document.

   Matt Larson, Joe Abley and Roy Arends volunteered as co-editors of the
   document.

-----------------------------------------------------------------------------

6) Current & New Topics [19:34 {audio 2:07:45}]

6.1) SRV underscore registry

   Jim Fenton appeared to provide motivation for the work Dave is doing.
   DKIM was recommended by the IESG to pursue a registry for the _domainkey
   tag and this raised a larger question about a registry.

   Dave Crocker presented one slide and the discussion will continue on the
   WG mailing list.

6.2) TTL considerations [19:40 {audio 2:13:20}]
     Lixia Zhang

   Lixia Zhang presented the draft.

   {audio ends}

   Chairs have idea to formulate some work item around this research

   Lars Johan Liman asked if this was investigated using sampled or
   generated queries? Lixia Zhang stated that the research was based on
   real live data.

   Lars Johan Liman would like to see how many queries failed vs succeeded.
   Lixia Zhang responded that failed queries had been filtered out.

-----------------------------------------------------------------------------

7) I/O with other WGs [19:51 {no audio}]

7.1) dnsext: making DNS more resilient against forged answers
7.2) dnsext: DNS cookies

   Olafur says both these drafts need input from DNSOP

7.3) dnsext: DNAME operational requirements?

   No update, but dnsop encouraged to re-read latest version

7.4) v6ops: draft-ietf-v6ops-scanning-implications

   This document has been reviewed by some dnsop members; chairs ask WG to
   review latest version and incorporated changes.

7.4) geopriv: draft-schulzrinne-geopriv-relo

   This document fell off the agenda the last time; chairs asked the WG to
   review the latest version of this draft with special attention to the
   proposed use of the IN-ADDR.ARPA tree.

-----------------------------------------------------------------------------

8) A.O.B. [19:57 {no audio}]

   none

   meeting adjourned

-----------------------------------------------------------------------------