Re: [Add] A proposed charter for ABCD

"Smith, Kevin, Vodafone Group" <Kevin.Smith@vodafone.com> Mon, 23 December 2019 15:55 UTC

From: "Smith, Kevin, Vodafone Group" <Kevin.Smith@vodafone.com>
To: Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>, ADD Mailing list <add@ietf.org>
Thread-Topic: [Add] A proposed charter for ABCD
Date: Mon, 23 Dec 2019 15:55:04 +0000
Message-ID: <HE1PR05MB3129BA0D41DD845A9BC94578912E0@HE1PR05MB3129.eurprd05.prod.outlook.com>
References: <CAHbrMsACEWWFxw04KUc4Q66G4hf_P3V3eOnAHqw18PDxCn-b2g@mail.gmail.com>
In-Reply-To: <CAHbrMsACEWWFxw04KUc4Q66G4hf_P3V3eOnAHqw18PDxCn-b2g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/U7CMtnU90SW2qnGqoG1hijyK39I>
Subject: Re: [Add] A proposed charter for ABCD

Thanks for sharing the draft, Ben.

> Where possible, any mechanisms that specify exchange of information between clients and resolvers should provide the security properties expected of IETF protocols, e.g., confidentiality protection, integrity protection, and authentication with strong work factor.

The preceding text explicitly states 'recursive resolvers' several times, but 'recursive' is not explicitly stated here. Does this statement therefore encompass all resolvers in a chain, and the security/privacy uplift that implies?

Regarding 'where possible': I'm struggling to think of a case where it wouldn't be possible, only a case where there may be a side-effect: e.g. a constrained-power IoT device incurring additional radio transmissions and crypto cycles.

> Each specification must clearly indicate under what circumstances and assumptions these properties are or are not provided.

And so should implementations (as part of 'resolver information') at the point of discovery.

All best,
Kevin
Vodafone R&D

From: Add <add-bounces@ietf.org> On Behalf Of Ben Schwartz
Sent: 20 December 2019 15:20
To: ADD Mailing list <add@ietf.org>
Subject: [Add] A proposed charter for ABCD

Hello ADD list,

Based on the feedback from the ABCD BoF at IETF 106, and with additional input from chairs and area directors from relevant working groups, the ABCD BoF chairs have drafted the following updated charter for a working group.  Please review it and share your perspective.

Tommy Pauly has recently posted a charter text proposal that considers closely related issues. This is not a competition, so please avoid "voting" for one proposed text over the other.  The text of any final charter will be written by the IESG.  To help them judge whether a working group should be formed, and how it should be chartered, the most productive input would be to know which elements of each text you find valuable (if any), and which you would like to see changed in any final charter.

-----------------------------------

Proposed charter text:

This working group will focus on DNS client side topics, particularly discovery and selection of resolvers. This complements existing DNS-related working groups, which are responsible for improvements to the DNS protocol itself, and for operational questions that are principally of interest to DNS server operators.

The working group is chartered to develop an extensible protocol for a DNS client to learn detailed information about a resolver, based on draft-ietf-dnsop-resolver-information, which will be transferred from dnsop.  Relying on this new protocol where appropriate, the working group should produce standards-track, informational, or experimental documents that provide the following items, using the drafts in brackets as input (with no obligation to adopt them):
 * methods for a recursive resolver to advertise support for an alternative transport protocol [draft-sah-resinfo-doh],
 * methods for a recursive resolver to indicate that it will sometimes return DNS results that are different from the global DNS [draft-grover-add-policy-detection],
 * methods for improving user privacy by avoiding DNS queries that leak information or directing them to a server that will have this information anyway [draft-pauly-dprive-adaptive-dns-privacy], and
 * a format for describing the client's DNS configuration, suitable for diagnostics and debugging.

Where possible, any mechanisms that specify exchange of information between clients and resolvers should provide the security properties expected of IETF protocols, e.g., confidentiality protection, integrity protection, and authentication with strong work factor.  Each specification must clearly indicate under what circumstances and assumptions these properties are or are not provided.

This working group will coordinate and share WGLC announcements with the following working groups: dnsop, capport, dprive, dhc, and homenet. The working group will also coordinate with the Security Area, and will be assigned a security advisor.

P.S. One note regarding this proposal: the chairs of the doh working group expect that doh would be closed if a new working group were chartered in this manner or similar.

