Re: [dd] starting charter text for the DELEG BOF discussion
Ben Schwartz <bemasc@meta.com> Tue, 05 March 2024 19:53 UTC
From: Ben Schwartz <bemasc@meta.com>
To: Wes Hardaker <wjhns1@hardakers.net>, "dd@ietf.org" <dd@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dd/jvKvPpKCdY310w734SXZP44eG2k>

This charter text doesn't mention encryption, TLS, or QUIC. It seems to me that enabling encrypted transport upgrade is a key motivating factor that drives many aspects of the DELEG design. Encryption should at least be mentioned in the charter, and the group's intention should be spelled out here to avoid confusion about the division of responsibility between DELEG and DPRIVE.

--Ben Schwartz

________________________________
From: dd <dd-bounces@ietf.org> on behalf of Wes Hardaker <wjhns1@hardakers.net>
Sent: Saturday, March 2, 2024 3:39 PM
To: dd@ietf.org <dd@ietf.org>
Subject: [dd] starting charter text for the DELEG BOF discussion

Greetings all,

Your BOF chairs have worked on starting text for a potential charter based on the discussions to date. Clearly, this is starting text and deserves discussion both on the list and in the BOF. We look forward to the upcoming BOF and to hearing everyone's opinions on this starting point for a charter.

----------

# Background and Problem Space

The DNS protocol has traditionally had limited ability to signal to recursive resolvers about the capabilities of authoritative servers they communicate with. In part, this stems from the inability of parents (often registries) to specify additional information about child delegations (often registrants) beyond NS, DS, and glue records. Further complicating matters is the inability of a registrant to signal that the operation of a delegation point is being outsourced to a different operator, leaving a challenge when operators need to update parental information that is only in the control of the child.

A significant issue in today's deployed DNS that derives from these issues is data often being out of synchronization between parents and children. Said another way, children often have more up-to-date information about the nameservers and DNSSEC keying information than their parents due to slowness, or complete lack, of automated child-to-parent updates.

The Internet's dependence on the DNS as a critical starting point for most communication has resulted in the development of a complex ecosystem that consists of many different parties, business relationships, and software packages. Software deployments exist in environments that range from small CPE devices and software packages to entire clusters of world-wide distributed server platforms.

# Objective and Scope

To address these challenges, the working group will first develop the requirements for adding a new signaling mechanism that allows parents to return DNS delegation information to resolvers. The working group will also list the other types of information not available today that might be provided over a designed signaling mechanism.

The working group will then define the semantics of a new signaling mechanism, taking future extensibility into account.

The first use case for this DNS delegation signalling mechanism is expected to be delegation aliasing, where the parent returns a pointer to a service provider that will then return the needed delegation information. This use case has been discussed for many years in the DNSOP and other Working Groups.

The working group will only specify extensions to the DNS protocol that relate to delegation.

# Deliverables

- A document listing the consensus-derived requirements for a new signaling mechanism between a parent and a resolver about communication parameters available for communicating with a delegated child. This need not be published as an RFC and may remain as an Internet-draft.

- A document listing, and ideally prioritizing, new delegation attributes to be distributed from parents that would benefit resolver and child communications. This need not be published as an RFC and may remain as an Internet-draft.

- A specification defining the new delegation attribute signaling mechanism. This is expected to become a standards-track RFC.

- A specification for how to use the new delegation attribute signaling mechanism to perform aliasing for delegation. This is expected to become a standards-track RFC.

--
Wes Hardaker
USC/ISI