IETF Logo Mail Archive

Re: [Add] Proposed charter and BoF request for IETF 106

Alissa Cooper <alissa@cooperw.in> Wed, 09 October 2019 14:52 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA6C71200E0 for <add@ietfa.amsl.com>; Wed, 9 Oct 2019 07:52:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cooperw.in header.b=LVq/KyV3; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=pYLHTO/b
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N3VakqROM06E for <add@ietfa.amsl.com>; Wed, 9 Oct 2019 07:52:38 -0700 (PDT)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDF5812008B for <add@ietf.org>; Wed, 9 Oct 2019 07:52:37 -0700 (PDT)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id 17C9218A; Wed, 9 Oct 2019 10:52:37 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute7.internal (MEProxy); Wed, 09 Oct 2019 10:52:37 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cooperw.in; h= from:message-id:content-type:mime-version:subject:date :in-reply-to:cc:to:references; s=fm1; bh=BteZMfbJExhgZhR5xUFsFLN Z/ZJUt3608Q/cEPsyLBU=; b=LVq/KyV3z2r+TKOYWSoKs/1p5/9G2qaovGjFbRr mKVrKlxqh1poqCqkBWYYxj3/3vEP6NRvXVcSlS1ug/xZ3TNpWMUvhRGvjGmr5+K2 KBaobtYGkTsFCjVf8KGeQzXienAXTLvCEGwFV2S13owK6uVKqpEQzQIzIPqGNpBi pFMUF5wcBrwelqtAa14rcTdAIIYF4z0dQfeZCLrc1xKDiZk0pIOmBDZ4ztvACpi1 UpyIUTJJxw9mXWL+ZFzTwTLsb0F0eiXKB2d8LOj7X+3dh1H4A8ne3pbewx1V74IP D4j6lELQv46VLtIdJpqGdKG9v+mGBKRIgaUf7pCUKySjqpA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=BteZMf bJExhgZhR5xUFsFLNZ/ZJUt3608Q/cEPsyLBU=; b=pYLHTO/bYIwbroyd1YUh6Q V9dpXijrYB1HBzhBwXSpbwth659pWmq0O2mNYtXk5itaS0tcC0NNYv6mFPi/cMkH 0BIau4HLIXD1y/pB5KfkdqHNIxsNO4eOZn4FsRM6KIbRcFxjt2i4vyFcHrvyE7ly 4tw/xYqS9LDFwOz3Libhku8X2GsBnF43haSj6G+jKY4sYGSo9kz/iHRunUWJrnB0 jJsrsFx1N0iH6gpO2TTGBQklO7CHht3ny2mf8rSeypBGYDeksR5uds3sEc4LdXfs FukcdBm+uyVPcAEHhdXBCLPcUWft7lYIJRPZke8uEF879YwJj6XxjDGihnY2H/3w ==
X-ME-Sender: <xms:NPSdXc_jOvntWNMkNxZ42qLaudWp5Bxt3mtskFoRHfNBlbvWPpU3CA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedriedugdehjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefhkfgtggfuffgjvfhfofesrgdtmherhhdtjeenucfhrhhomheptehlihhsshgr ucevohhophgvrhcuoegrlhhishhsrgestghoohhpvghrfidrihhnqeenucffohhmrghinh epihgvthhfrdhorhhgnecukfhppedujeefrdefkedruddujedrkedvnecurfgrrhgrmhep mhgrihhlfhhrohhmpegrlhhishhsrgestghoohhpvghrfidrihhnnecuvehluhhsthgvrh fuihiivgeptd
X-ME-Proxy: <xmx:NPSdXRq3Hx-KTp8bDL96O06CP_6hzgmxqQ2FLxcB5vu1NsDND1h3yQ> <xmx:NPSdXdpv44tmV-ffv_fs_oMQto0_EmPso8l7A37n_oMaDbl1EOVs9g> <xmx:NPSdXU0Kizd3DtiDZm6dStAUWjPhn3-WtkC_s0eEw4OOvNH_xJTQTg> <xmx:NPSdXSQl_AFnqgehxMXSSB0ibeZeaQJGR-xZ0BZ5sViFLiVq7f5iUw>
Received: from [10.82.168.16] (unknown [173.38.117.82]) by mail.messagingengine.com (Postfix) with ESMTPA id C26D6D60062; Wed, 9 Oct 2019 10:52:35 -0400 (EDT)
From: Alissa Cooper <alissa@cooperw.in>
Message-Id: <0F11A08C-F93F-43F9-A3EF-3D1E378D4073@cooperw.in>
Content-Type: multipart/alternative; boundary="Apple-Mail=_4B0BB8C6-D820-463C-9777-CD484974AED1"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Wed, 09 Oct 2019 16:52:33 +0200
In-Reply-To: <CAChr6SyhEQLvm8ddgb1HxfqD4Ru_gVajduVggVA=4O5U5ytRcA@mail.gmail.com>
Cc: Joe Abley <jabley@hopcount.ca>, Barry Leiba <barryleiba@computer.org>, ADD Mailing list <add@ietf.org>
To: Rob Sayre <sayrer@gmail.com>
References: <CALaySJLxXVuHQNfTnaeKZ_R9xtBYWfbta+A1bWcE-ZQZwd3VZg@mail.gmail.com> <CAChr6Szdm=VEAMOLnuU26aZcs0ppXoenZVPtWY-b40zEtZ5YiA@mail.gmail.com> <CALaySJ+r0WAt+=33cV73q88KKc+gj3O6LtfcLxFOhDjcLP+U3A@mail.gmail.com> <CAChr6Sx2Yh7BecWw-Q=QrD1WchL0jTj7gzCnr-B-N=04WmV7RQ@mail.gmail.com> <C9D02221-0B92-4458-8A93-1DE880FDD638@hopcount.ca> <CAChr6SyhEQLvm8ddgb1HxfqD4Ru_gVajduVggVA=4O5U5ytRcA@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/flFOfZaTJi9JmEGqRzAiUOOyPCg>
Subject: Re: [Add] Proposed charter and BoF request for IETF 106
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Oct 2019 14:52:41 -0000

Hi Rob,

When the IESG was discussing this, I wrote up the text below. The structure and some of the text made it into the version Barry shared.

—

Application Behavior Considering DNS (ABCD)

DNS over TLS (DoT) [RFC 7858], DNS over DTLS [RFC8094], and DNS over HTTPS (DoH) [RFC 8484] provide confidentiality and tamper-resistance to thwart on-path attacks against DNS queries flowing between clients and recursive resolvers. Along with the deployment of these new transports, various application providers have been exploring having the application configure its own DNS services rather than using DNS services configured by the network operator. (The working group considers a network operator to include Internet service providers, enterprises, and any businesses that provide network access.) Together, these developments may represent a set of shifts depending on how the new protocols are deployed: from cleartext to encrypted transports, from use of unique port numbers for DNS resolution to ports that support significant other traffic (e.g., HTTPS), and from network operator control of DNS configuration to control by clients, third-party resolvers, or others.

This potential set of shifts raises many questions given the long history and current status of DNS operational practices. Network operators have historically used DNS services for a variety of purposes beyond simple query resolution: to mitigate network and security threats, to enforce enterprise policy, to provide parental controls and other filters, and to comply with relevant laws and regulations, among others. To the extent that the presence of encrypted DNS transports or changes in DNS configuration control or both create barriers to achieving the objectives that underlie these practices, this working group is the venue within the IETF to work on engineering and operational solutions. 

This working group is focused on specifying protocols, guidance, and best practices to support the smooth operation of encrypted DNS transports across diverse networks with potentially diverse and changing arrangements concerning where the control of DNS service configuration is located. Specific initial areas of focus include but are not limited to:

- Resolver discovery and selection
- Expression of resolver policy
- Support for split-horizon DNS environments
- Mechanisms to facilitate testing of new configurations

This working group will coordinate with the DNSOP (OPS Area) and DPRIVE (INT Area) working groups, and all last-call announcements (including Working Group Last Calls issued by the chairs) will be copied to all three working groups to ensure thorough and careful review.  The working group will also coordinate with the Security Area, and will be assigned a security advisor.

—

Best,
Alissa


> On Oct 9, 2019, at 3:51 PM, Rob Sayre <sayrer@gmail.com> wrote:
> 
> 
> 
> On Wed, Oct 9, 2019 at 8:48 PM Joe Abley <jabley@hopcount.ca <mailto:jabley@hopcount.ca>> wrote:
> Hi Rob,
> 
> On 9 Oct 2019, at 09:40, Rob Sayre <sayrer@gmail.com <mailto:sayrer@gmail.com>> wrote:
> 
> >> So if it helps, consider "the IESG" as the charter proposal writers
> >> and "5 or 6 ADs" as the BoF proponents.
> > 
> > It does not help. Could those "5 or 6 ADs" put their names on the proposal?
> 
> Can you explain why this is important?
> 
> I don't mean to imply it's not; I'm just trying to understand your question.
> 
> You ask a totally fair question.
> 
> I think the charter is misguided and wrote that "a proposal that no one will put their name on doesn’t even deserve an argument." 
> 
> So, I just asked (again) whether someone would put their name on it.
> 
> thanks,
> Rob
> -- 
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add

v2.23.0 | Report a Bug | By Email