One of the two drafts I wanted to talk about at dnsop today for WG adoption was "Client ID in Forwarded DNS Queries": https://datatracker.ietf.org/doc/draft-tale-dnsop-edns0-clientid/
The core idea of this document is to be able to provide device-specific identification in an EDNS option sent to a full-service resolver, with the principal motivation to be for filtering products. It uses an IANA Address Family value to indicate the format of the identifier that is being sent. One of the design goals was to avoid creating any new registries. This document treads on controversial grounds because of the obvious privacy implications. It must be noted that both Nominum and Cisco are already doing this via EDNS options, and so the general idea confronts some similar issues we've encountered before about whether to document in-use protocols or let them just continue on with little to no public documentation. As Sara commented on Ray's draft that proposes a very similar option, draft-bellis-dnsop-xpf, this sort of thing clearly needs a close look at privacy, and I whole-heartedly agree. I've already been directly poking privacy-concerned individuals for feedback. Speaking of Ray's draft, our proposal is able to handle his use case but unfortunately our use cases are not achievable in his. I'd welcome joining up. The one other thing I wanted to mention in the WG is that I tried to get an EDNS code point assigned through the "Expert Review" process, which it turns out is very poorly documented for either process or review criteria. The Expert Reviewer, Olafur Gudmundsson, has initially denied the request pending feedback from the WG. I'll leave it to him to state what gave him pause, and to request the feedback he seeks. The denial triggered a bit of a philosophical debate between us, but no matter which side of that debate you line up on it's very clear that Expert Review really needs documentation to appropriately set everyone's expectations. I'm hoping that he and I will be collaborating on a draft. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop