Re: [dnsext] Re: Time-line for forgery resilience phase #2
Ólafur Guðmundsson /DNSEXT chair <ogud@ogud.com> Wed, 12 November 2008 15:33 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B9493A6B3F; Wed, 12 Nov 2008 07:33:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.202
X-Spam-Level: *
X-Spam-Status: No, score=1.202 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=1.396, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KYwMSucTUc9s; Wed, 12 Nov 2008 07:33:22 -0800 (PST)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 65DBB3A6B01; Wed, 12 Nov 2008 07:33:22 -0800 (PST)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1L0HcS-000Edl-7o for namedroppers-data@psg.com; Wed, 12 Nov 2008 15:27:00 +0000
Received: from [66.92.146.20] (helo=stora.ogud.com) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <ogud@ogud.com>) id 1L0HcM-000EdF-SA for namedroppers@ops.ietf.org; Wed, 12 Nov 2008 15:26:57 +0000
Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.2/8.14.2) with ESMTP id mACFQvDs036861 for <namedroppers@ops.ietf.org>; Wed, 12 Nov 2008 10:26:58 -0500 (EST) (envelope-from ogud@ogud.com)
Message-Id: <200811121526.mACFQvDs036861@stora.ogud.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Wed, 12 Nov 2008 10:26:08 -0500
To: namedroppers@ops.ietf.org
From: Ólafur Guðmundsson /DNSEXT chair <ogud@ogud.com>
Subject: Re: [dnsext] Re: Time-line for forgery resilience phase #2
In-Reply-To: <200810172024.m9HKOaMV058562@stora.ogud.com>
References: <200810172024.m9HKOaMV058562@stora.ogud.com>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="=====================_68823973==.ALT"
X-Scanned-By: MIMEDefang 2.64 on 10.20.30.4
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
Dear colleagues
It has been rather quiet on the mailing list on this topic.
So far only 3 people have volunteered to be on the design team.
Nicholas Weaver
Matt Larson
David Blacka
The chairs are looking for a design team that includes people from
different backgrounds and experiences. In particular we are looking
for volunteers from the ISP and non-TLD authorative server side.
(contact me privately if you want to be included, only vetted volunteers
will get the magic email telling them the location of the design team
gathering).
If you think this effort is important, please volunteer, or say on the
mailing list what your "solution space would look like" as a template for
the design team to look at.
In addition if there are operational practices that we should recommend please
put them forward as well.
thanks
Olafur
At 15:24 17/10/2008, Ólafur Guðmundsson /DNSEXT wrote:
>Dear colleagues,
>
>Thank you for taking the suggestions below to heart and following the plan.
>
>At this point we have following drafts submitted:
>
>http://tools.ietf.org/id/draft-barwood-dnsext-fr-resolver-mitigations-04.txt
> http://tools.ietf.org/id/draft-reid-dnsext-aleatoric-00.txt
> http://tools.ietf.org/id/draft-weaver-dnsext-fr-comprehensive-00.txt
>
>http://tools.ietf.org/id/draft-wijngaards-dnsext-resolver-side-mitigation-00.txt
> http://tools.ietf.org/html/draft-hubert-ulevitch-edns-ping-00
> http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
>
>If we forgot any please reply to this message with the link for the draft.
>
>The forum is now open for discussion.
>We propose that you start a new thread for each subject rather than just reply
>to this message, in the Subject line put
> FR: Topic
>
>As far as we can tell the ideas contained in the drafts can be summarized into
>following rough categories:
> Packet acceptance
> Data admission
> Data integrity checks
> Attack detection
>
>Please use these words in your messages to facilitate clearer understanding.
>Feel free to propose new categories.
>
>In Minneapolis the WG is scheduled to meet on Tuesday afternoon.
>The chairs have asked for a small meeting room on Monday (during one
>of the first 2 sessions) and on Tuesday morning for a "design" team to meet.
>If you want to be invited to these meetings send us an e-mail, we want to
>get a broad balance of expertise and experience in that room.
>The "design" team will present the recommendations (if any) at the
>Working Group meeting.
>
> Olafur and Andrew
>
>At 12:22 04/09/2008, Ólafur Guðmundsson /DNSEXT wrote:
>
>
>>The WG has had 2 months to learn about the issues and kick ideas around.
>>At this point the discussion has reach the point of diminishing returns.
>>The discussion needs to become more focused!
>>
>>The chairs propose following plan to make progress:
>>0. Discussion on namedroppers on ideas without drafts comes to an end.
>> If you need to ask a clarifying question, please put the tag [CLARIFY] in
>> your Subject: line.
>>
>>1. By September 30'th everyone that has ideas they want to share
>> should have an ID published.
>> suggested names for drafts: draft-<editor>-dnsext-fr-<name>-xx.txt
>>
>>2. During October the WG will discuss the ideas and recommendations from the
>> drafts. Editors are encouraged to update their drafts frequently during
>> this window based on the discussions.
>>
>>3. During November the WG will select from the ideas on what to recommend as
>> the extended Forgery Resilience approach.
>> The chairs plan to have a special session early in the week at the IETF
>> meeting for interested parties to hash out what makes sense.
>> Recommendations from that session will be proposed to the WG at
>> the official WG meeting.
>>
>>4. If the WG does not reach a rough consensus by late November the chairs
>> may form a design team to come up with a recommendation.
>>
>>5. An official WG document(s) will be submitted no later than early
>> December.
>> (we will need editors for this document(s))
>>
>>6. By late January we will have WGLC on the document(s).
>> The document(s) will be advanced to the IESG by March 1'st.
>>
>>Based on this plan, please stop all Forgery
>>Resilience (FR) discussion right now.
>>If you are not writing down your FR ideas in a draft,
>>please review and comment on the following WG last calls:
>>
>>http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01190.html
>>http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01430.html
>>
>> Olafur and Andrew
- Time-line for forgery resilience phase #2 Ólafur Guðmundsson /DNSEXT chair
- [dnsext] Re: Time-line for forgery resilience pha… Ólafur Guðmundsson /DNSEXT chair
- [dnsext] Re: Time-line for forgery resilience pha… Stephane Bortzmeyer
- Re: [dnsext] Re: Time-line for forgery resilience… Ólafur Guðmundsson /DNSEXT chair
- Re: [dnsext] Re: Time-line for forgery resilience… bert hubert
- Re: [dnsext] Re: Time-line for forgery resilience… Nicholas Weaver
- Re: [dnsext] Re: Time-line for forgery resilience… Nicholas Weaver
- Re: [dnsext] Re: Time-line for forgery resilience… Otmar Lendl
- RE: [dnsext] Re: Time-line for forgery resilience… Antoin Verschuren