IETF Logo Mail Archive

[Add] Updated charter proposal for ADD

Tommy Pauly <tpauly@apple.com> Tue, 14 January 2020 22:38 UTC

Return-Path: <tpauly@apple.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4DDE120059 for <add@ietfa.amsl.com>; Tue, 14 Jan 2020 14:38:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8WvtM_yhbmZU for <add@ietfa.amsl.com>; Tue, 14 Jan 2020 14:38:27 -0800 (PST)
Received: from nwk-aaemail-lapp03.apple.com (nwk-aaemail-lapp03.apple.com [17.151.62.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C2386120046 for <add@ietf.org>; Tue, 14 Jan 2020 14:38:27 -0800 (PST)
Received: from pps.filterd (nwk-aaemail-lapp03.apple.com [127.0.0.1]) by nwk-aaemail-lapp03.apple.com (8.16.0.27/8.16.0.27) with SMTP id 00EMb7rn004255 for <add@ietf.org>; Tue, 14 Jan 2020 14:38:26 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=sender : from : content-type : content-transfer-encoding : mime-version : subject : message-id : date : to; s=20180706; bh=g0YSG0OcdULESS0qLzCweEp8IiZodZg8n1nHZxDAilQ=; b=dp19WpetHE5WOZKQvBszTZuoDa1CIKlm69qyiz3sDN16xAtXYl11AWtDaOSqBSms7pg+ m1mBwJZIAa/R+jw05wnnnxe2yNx+Iv5KHDDKRpXajACgUAx+70rcYllo2ae2p+DGboMX G9v8jVglk0GXaFpeVEUwVkolS/pshtNo+x4oc6jp0BT8uJDLpgQywgn77luN71g2q7zz E6uMIxdHXXoNrbLY5B8nMC/OAtQIB4D1x+mZ3gNEhurFba22z6T0vnXV1ayP66CZNBs0 gaeQmmha0eeB99SbNh9FMaS6S9w6IIzYLNc1w8PzVsFTvlkYpQ4xJI4M9GAhMRD3fNt4 AQ==
Received: from ma1-mtap-s03.corp.apple.com (ma1-mtap-s03.corp.apple.com [17.40.76.7]) by nwk-aaemail-lapp03.apple.com with ESMTP id 2xfyfpj6xa-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <add@ietf.org>; Tue, 14 Jan 2020 14:38:26 -0800
Received: from nwk-mmpp-sz09.apple.com (nwk-mmpp-sz09.apple.com [17.128.115.80]) by ma1-mtap-s03.corp.apple.com (Oracle Communications Messaging Server 8.0.2.4.20190507 64bit (built May 7 2019)) with ESMTPS id <0Q4400F9PC80OR20@ma1-mtap-s03.corp.apple.com> for add@ietf.org; Tue, 14 Jan 2020 14:38:24 -0800 (PST)
Received: from process_milters-daemon.nwk-mmpp-sz09.apple.com by nwk-mmpp-sz09.apple.com (Oracle Communications Messaging Server 8.0.2.4.20190507 64bit (built May 7 2019)) id <0Q4400B00BCYO600@nwk-mmpp-sz09.apple.com> for add@ietf.org; Tue, 14 Jan 2020 14:38:24 -0800 (PST)
X-Va-A:
X-Va-T-CD: 221abde68e6359e30a5cccbd17ef49f2
X-Va-E-CD: 3fcfe56601761e8bdddefe209b9584a6
X-Va-R-CD: f4304487b877ba5f48840d6d4e04541f
X-Va-CD: 0
X-Va-ID: 0a453c92-fd5b-4f98-9ec3-73a77cd119ed
X-V-A:
X-V-T-CD: 221abde68e6359e30a5cccbd17ef49f2
X-V-E-CD: 3fcfe56601761e8bdddefe209b9584a6
X-V-R-CD: f4304487b877ba5f48840d6d4e04541f
X-V-CD: 0
X-V-ID: eaaf7026-9e8f-4dd0-8837-5843aaac101b
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2020-01-14_06:,, signatures=0
Received: from [17.234.71.35] by nwk-mmpp-sz09.apple.com (Oracle Communications Messaging Server 8.0.2.4.20190507 64bit (built May 7 2019)) with ESMTPSA id <0Q44008HFC7ZWZ70@nwk-mmpp-sz09.apple.com> for add@ietf.org; Tue, 14 Jan 2020 14:38:24 -0800 (PST)
Sender: tpauly@apple.com
From: Tommy Pauly <tpauly@apple.com>
Content-type: text/plain; charset="us-ascii"
Content-transfer-encoding: quoted-printable
MIME-version: 1.0 (Mac OS X Mail 13.0 \(3594.4.17\))
Message-id: <236B0A34-8C7F-49D2-8075-5AF5AC35BDFB@apple.com>
Date: Tue, 14 Jan 2020 14:38:21 -0800
To: ADD Mailing list <add@ietf.org>
X-Mailer: Apple Mail (2.3594.4.17)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2020-01-14_06:, , signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/yFOsdTOf6VfNzsHPUbuFfQ5URzw>
Subject: [Add] Updated charter proposal for ADD
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jan 2020 22:38:29 -0000

Hi all,

I wanted to share an updated proposal for an ADD charter, based on the feedback and discussion on the list in the past several weeks.

This is based on the original proposal that was sent in December, taking into account various comments and suggestions. Glenn Deen, Andrew Campling, and I worked on this revision together and came to consensus on its contents.

Thoughts and comments are welcome as always!

(Note that the proposed name of the group was not changed, and is entirely open to bikeshedding. Naming is hard!)

Best,
Tommy



Adaptive DNS Discovery (ADD)
====================================
Proposed Working Group Charter

Sending DNS messages over encrypted transports, as defined in DNS over
TLS (DoT) [RFC 7858] and DNS over HTTPS (DoH) [RFC 8484], provides
benefits to the security and privacy of DNS data. Clients, such as
applications and host operating systems, have started adopting these
protocols to provide these user benefits.

This working group will focus on discovery and selection of DNS resolvers
by DNS clients in a variety of networking environments, including public
networks, private networks, and VPNs; supporting both encrypted and
unencrypted resolvers.

Clients adopting encrypted DNS protocols need to determine which DNS
servers support encrypted transports, and which server to use for specific
queries if multiple servers are available. These decisions can vary based
on the network environment, and also based on the content and purpose of
the client queries.

Network operators that start offering DNS encryption on their servers also
need a way to indicate this support to clients. Communicating information
about resolver configuration and behavior allows clients to make more
informed decisions about which DNS servers to use. For example, a resolver
may be able to resolve private or local names as a split DNS server.

The Adaptive DNS Discovery (ADD) working group will work on the following
deliverables:

- define a mechanism that allows clients to discover DNS resolvers,
including encrypted DNS servers, that are available to the client
either on the public Internet or on private or local networks;

- define a mechanism that allows communication of DNS resolver
information to clients for use in selection decisions;

- develop an informational document that describes how client
applications and systems can manage selection of DNS resolvers
in various network environments and use cases.

Any mechanisms that specify interactions between clients and
servers must provide the security properties expected of IETF
protocols, e.g., confidentiality protection, integrity protection,
and authentication with strong work factor.

This working group will coordinate with dnsop, doh, and dprive for any
changes required in DNS protocols. It will also work with capport to
ensure that solutions are applicable to captive networks.

v2.23.0 | Report a Bug | By Email