I'm forwarding this message to DNSOP as DNSEXT is looking for people with
operational experiences to help formulate a possible Forgery Resilience
changes to DNS protocol and practices.
For people not on namedroppers here are some background messages:
http://psg.com/lists/namedroppers/namedroppers.2008/msg01131.html
http://psg.com/lists/namedroppers/namedroppers.2008/msg01677.html
thanks
Olafur
Date: Wed, 12 Nov 2008 10:26:08 -0500
To: [EMAIL PROTECTED]
From: Ólafur Guðmundsson /DNSEXT
chair <[EMAIL PROTECTED]>
Subject: Re: [dnsext] Re: Time-line for forgery resilience phase #2
List-ID: <namedroppers.ops.ietf.org>
Dear colleagues
It has been rather quiet on the mailing list on this topic.
So far only 3 people have volunteered to be on the design team.
Nicholas Weaver
Matt Larson
David Blacka
The chairs are looking for a design team that includes people from
different backgrounds and experiences. In particular we are looking
for volunteers from the ISP and non-TLD authorative server side.
(contact me privately if you want to be included, only vetted volunteers
will get the magic email telling them the location of the design team
gathering).
If you think this effort is important, please volunteer, or say on the
mailing list what your "solution space would look like" as a template for
the design team to look at.
In addition if there are operational practices
that we should recommend please
put them forward as well.
thanks
Olafur
At 15:24 17/10/2008, Ólafur Guðmundsson /DNSEXT wrote:
Dear colleagues,
Thank you for taking the suggestions below to heart and following the plan.
At this point we have following drafts submitted:
http://tools.ietf.org/id/draft-barwood-dnsext-fr-resolver-mitigations-04.txt
http://tools.ietf.org/id/draft-reid-dnsext-aleatoric-00.txt
http://tools.ietf.org/id/draft-weaver-dnsext-fr-comprehensive-00.txt
http://tools.ietf.org/id/draft-wijngaards-dnsext-resolver-side-mitigation-00.txt
http://tools.ietf.org/html/draft-hubert-ulevitch-edns-ping-00
http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
If we forgot any please reply to this message with the link for the draft.
The forum is now open for discussion.
We propose that you start a new thread for each
subject rather than just reply
to this message, in the Subject line put
FR: Topic
As far as we can tell the ideas contained in
the drafts can be summarized into
following rough categories:
Packet acceptance
Data admission
Data integrity checks
Attack detection
Please use these words in your messages to facilitate clearer understanding.
Feel free to propose new categories.
In Minneapolis the WG is scheduled to meet on Tuesday afternoon.
The chairs have asked for a small meeting room on Monday (during one
of the first 2 sessions) and on Tuesday morning for a "design" team to meet.
If you want to be invited to these meetings send us an e-mail, we want to
get a broad balance of expertise and experience in that room.
The "design" team will present the recommendations (if any) at the
Working Group meeting.
Olafur and Andrew
At 12:22 04/09/2008, Ólafur Guðmundsson /DNSEXT wrote:
The WG has had 2 months to learn about the issues and kick ideas around.
At this point the discussion has reach the point of diminishing returns.
The discussion needs to become more focused!
The chairs propose following plan to make progress:
0. Discussion on namedroppers on ideas without drafts comes to an end.
If you need to ask a clarifying question,
please put the tag [CLARIFY] in
your Subject: line.
1. By September 30'th everyone that has ideas they want to share
should have an ID published.
suggested names for drafts: draft-<editor>-dnsext-fr-<name>-xx.txt
2. During October the WG will discuss the ideas and recommendations from the
drafts. Editors are encouraged to update their drafts frequently during
this window based on the discussions.
3. During November the WG will select from the ideas on what to recommend as
the extended Forgery Resilience approach.
The chairs plan to have a special session early in the week at the IETF
meeting for interested parties to hash out what makes sense.
Recommendations from that session will be proposed to the WG at
the official WG meeting.
4. If the WG does not reach a rough consensus by late November the chairs
may form a design team to come up with a recommendation.
5. An official WG document(s) will be submitted no later than early
December.
(we will need editors for this document(s))
6. By late January we will have WGLC on the document(s).
The document(s) will be advanced to the IESG by March 1'st.
Based on this plan, please stop all Forgery
Resilience (FR) discussion right now.
If you are not writing down your FR ideas in a draft,
please review and comment on the following WG last calls:
http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01190.html
http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01430.html
Olafur and Andrew
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
