[DNSOP] Fwd: Re: [dnsext] Re: Time-line for forgery resilience phase #2
Ólafur Guðmundsson /DNSEXT chair <ogud@ogud.com> Wed, 12 November 2008 15:58 UTC
Return-Path: <dnsop-bounces@ietf.org>
X-Original-To: dnsop-archive@lists.ietf.org
Delivered-To: ietfarch-dnsop-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CD3ED3A6A6E; Wed, 12 Nov 2008 07:58:26 -0800 (PST)
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5CD993A6A6E for <dnsop@core3.amsl.com>; Wed, 12 Nov 2008 07:58:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.15
X-Spam-Level:
X-Spam-Status: No, score=0.15 tagged_above=-999 required=5 tests=[AWL=1.052, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=1.396]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hbsBHHZfec-K for <dnsop@core3.amsl.com>; Wed, 12 Nov 2008 07:58:24 -0800 (PST)
Received: from stora.ogud.com (stora.ogud.com [66.92.146.20]) by core3.amsl.com (Postfix) with ESMTP id 78CE63A67F0 for <dnsop@ietf.org>; Wed, 12 Nov 2008 07:58:23 -0800 (PST)
Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.2/8.14.2) with ESMTP id mACFwR1u037048 for <dnsop@ietf.org>; Wed, 12 Nov 2008 10:58:28 -0500 (EST) (envelope-from ogud@ogud.com)
Message-Id: <200811121558.mACFwR1u037048@stora.ogud.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Wed, 12 Nov 2008 10:57:37 -0500
To: dnsop@ietf.org
From: Ólafur Guðmundsson /DNSEXT chair <ogud@ogud.com>
Mime-Version: 1.0
X-Scanned-By: MIMEDefang 2.64 on 10.20.30.4
Subject: [DNSOP] Fwd: Re: [dnsext] Re: Time-line for forgery resilience phase #2
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============2070404514=="
Sender: dnsop-bounces@ietf.org
Errors-To: dnsop-bounces@ietf.org
I'm forwarding this message to DNSOP as DNSEXT is looking for people with operational experiences to help formulate a possible Forgery Resilience changes to DNS protocol and practices. For people not on namedroppers here are some background messages: http://psg.com/lists/namedroppers/namedroppers.2008/msg01131.html http://psg.com/lists/namedroppers/namedroppers.2008/msg01677.html thanks Olafur >Date: Wed, 12 Nov 2008 10:26:08 -0500 >To: namedroppers@ops.ietf.org >From: Ólafur Guðmundsson /DNSEXT > chair <ogud@ogud.com> >Subject: Re: [dnsext] Re: Time-line for forgery resilience phase #2 >List-ID: <namedroppers.ops.ietf.org> > >Dear colleagues >It has been rather quiet on the mailing list on this topic. >So far only 3 people have volunteered to be on the design team. > Nicholas Weaver > Matt Larson > David Blacka >The chairs are looking for a design team that includes people from >different backgrounds and experiences. In particular we are looking >for volunteers from the ISP and non-TLD authorative server side. >(contact me privately if you want to be included, only vetted volunteers >will get the magic email telling them the location of the design team >gathering). > >If you think this effort is important, please volunteer, or say on the >mailing list what your "solution space woulFrom dnsop-bounces@ietf.org Wed Nov 12 07:58:26 2008 Return-Path: <dnsop-bounces@ietf.org> X-Original-To: dnsop-archive@optimus.ietf.org Delivered-To: ietfarch-dnsop-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CD3ED3A6A6E; Wed, 12 Nov 2008 07:58:26 -0800 (PST) X-Original-To: dnsop@core3.amsl.com Delivered-To: dnsop@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5CD993A6A6E for <dnsop@core3.amsl.com>; Wed, 12 Nov 2008 07:58:25 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.15 X-Spam-Level: X-Spam-Status: No, score=0.15 tagged_above=-999 required=5 tests=[AWL=1.052, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=1.396] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hbsBHHZfec-K for <dnsop@core3.amsl.com>; Wed, 12 Nov 2008 07:58:24 -0800 (PST) Received: from stora.ogud.com (stora.ogud.com [66.92.146.20]) by core3.amsl.com (Postfix) with ESMTP id 78CE63A67F0 for <dnsop@ietf.org>; Wed, 12 Nov 2008 07:58:23 -0800 (PST) Received: from Puki.ogud.com (nyttbox.md.ogud.com [10.20.30.4]) by stora.ogud.com (8.14.2/8.14.2) with ESMTP id mACFwR1u037048 for <dnsop@ietf.org>; Wed, 12 Nov 2008 10:58:28 -0500 (EST) (envelope-from ogud@ogud.com) Message-Id: <200811121558.mACFwR1u037048@stora.ogud.com> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Wed, 12 Nov 2008 10:57:37 -0500 To: dnsop@ietf.org From: =?iso-8859-1?Q?Ólafur?= =?iso-8859-1?Q?_Guðmundsson?= /DNSEXT chair <ogud@ogud.com> Mime-Version: 1.0 X-Scanned-By: MIMEDefang 2.64 on 10.20.30.4 Subject: [DNSOP] Fwd: Re: [dnsext] Re: Time-line for forgery resilience phase #2 X-BeenThere: dnsop@ietf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org> List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe> List-Archive: <http://www.ietf.org/pipermail/dnsop> List-Post: <mailto:dnsop@ietf.org> List-Help: <mailto:dnsop-request@ietf.org?subject=help> List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe> Content-Type: multipart/mixed; boundary="======= 70404514=" Sender: dnsop-bounces@ietf.org Errors-To: dnsop-bounces@ietf.org
I'm forwarding this message to DNSOP as DNSEXT is looking for people with operational experiences to help formulate a possible Forgery Resilience changes to DNS protocol and practices. For people not on namedroppers here are some background messages: http://psg.com/lists/namedroppers/namedroppers.2008/msg01131.html http://psg.com/lists/namedroppers/namedroppers.2008/msg01677.html thanks Olafur >Date: Wed, 12 Nov 2008 10:26:08 -0500 >To: namedroppers@ops.ietf.org >From: Ólafur Guðmundsson /DNSEXT > chair <ogud@ogud.com> >Subject: Re: [dnsext] Re: Time-line for forgery resilience phase #2 >List-ID: <namedroppers.ops.ietf.org> > >Dear colleagues >It has been rather quiet on the mailing list on this topic. >So far only 3 people have volunteered to be on the design team. > Nicholas Weaver > Matt Larson > David Blacka >The chairs are looking for a design team that includes people from >different backgrounds and experiences. In particular we are looking >for volunteers from the ISP and non-TLD authorative server side. >(contact me privately if you want to be included, only vetted volunteers >will get the magic email telling them the location of the design team >gathering). > >If you think this effort is important, please volunteer, or say on the >mailing list what your "solution space wod look like" as a template for >the design team to look at. > >In addition if there are operational practices >that we should recommend please >put them forward as well. > > thanks > Olafur > >At 15:24 17/10/2008, Ólafur Guðmundsson /DNSEXT wrote: > >>Dear colleagues, >> >>Thank you for taking the suggestions below to heart and following the plan. >> >>At this point we have following drafts submitted: >> >>http://tools.ietf.org/id/draft-barwood-dnsext-fr-resolver-mitigations-04.txt >> http://tools.ietf.org/id/draft-reid-dnsext-aleatoric-00.txt >> http://tools.ietf.org/id/draft-weaver-dnsext-fr-comprehensive-00.txt >> >>http://tools.ietf.org/id/draft-wijngaards-dnsext-resolver-side-mitigation-00.txt >> >> http://tools.ietf.org/html/draft-hubert-ulevitch-edns-ping-00 >> http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 >> >>If we forgot any please reply to this message with the link for the draft. >> >>The forum is now open for discussion. >>We propose that you start a new thread for each >>subject rather than just reply >>to this message, in the Subject line put >> FR: Topic >> >>As far as we can tell the ideas contained in >>the drafts can be summarized into >>following rough categories: >> Packet acceptance >> Data admission >> Data integrity checks >> Attack detection >> >>Please use these words in your messages to facilitate clearer understanding. >>Feel free to propose new categories. >> >>In Minneapolis the WG is scheduled to meet on Tuesday afternoon. >>The chairs have asked for a small meeting room on Monday (during one >>of the first 2 sessions) and on Tuesday morning for a "design" team to meet. >>If you want to be invited to these meetings send us an e-mail, we want to >>get a broad balance of expertise and experience in that room. >>The "design" team will present the recommendations (if any) at the >>Working Group meeting. >> >> Olafur and Andrew >> >>At 12:22 04/09/2008, Ólafur Guðmundsson /DNSEXT wrote: >> >> >>>The WG has had 2 months to learn about the issues and kick ideas around. >>>At this point the discussion has reach the point of diminishing returns. >>>The discussion needs to become more focused! >>> >>>The chairs propose following plan to make progress: >>>0. Discussion on namedroppers on ideas without drafts comes to an end. >>> If you need to ask a clarifying question, >>> please put the tag [CLARIFY] in >>> your Subject: line. >>> >>>1. By September 30'th everyone that has ideas they want to share >>> should have an ID published. >>> suggested names for drafts: draft-<editor>-dnsext-fr-<name>-xx.txt >>> >>>2. During October the WG will discuss the ideas and recommendations from the >>> drafts. Editors are encouraged to update their drafts frequently during >>> this window based on the discussions. >>> >>>3. During November the WG will select from the ideas on what to recommend as >>> the extended Forgery Resilience approach. >>> The chairs plan to have a special session early in the week at the IETF >>> meeting for interested parties to hash out what makes sense. >>> Recommendations from that session will be proposed to the WG at >>> the official WG meeting. >>> >>>4. If the WG does not reach a rough consensus by late November the chairs >>> may form a design team to come up with a recommendation. >>> >>>5. An official WG document(s) will be submitted no later than early >>> December. >>> (we will need editors for this document(s)) >>> >>>6. By late January we will have WGLC on the document(s). >>> The document(s) will be advanced to the IESG by March 1'st. >>> >>>Based on this plan, please stop all Forgery >>>Resilience (FR) discussion right now. >>>If you are not writing down your FR ideas in a draft, >>>please review and comment on the following WG last calls: >>> >>>http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01190.html >>>http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01430.html >>> >>> uld look like" as a template for >the design team to look at. > >In addition if there are operational practices >that we should recommend please >put them forward as well. > > thanks > Olafur > >At 15:24 17/10/2008, Ólafur Guðmundsson /DNSEXT wrote: > >>Dear colleagues, >> >>Thank you for taking the suggestions below to heart and following the plan. >> >>At this point we have following drafts submitted: >> >>http://tools.ietf.org/id/draft-barwood-dnsext-fr-resolver-mitigations-04.txt >> http://tools.ietf.org/id/draft-reid-dnsext-aleatoric-00.txt >> http://tools.ietf.org/id/draft-weaver-dnsext-fr-comprehensive-00.txt >> >>http://tools.ietf.org/id/draft-wijngaards-dnsext-resolver-side-mitigation-00.txt >> >> http://tools.ietf.org/html/draft-hubert-ulevitch-edns-ping-00 >> http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 >> >>If we forgot any please reply to this message with the link for the draft. >> >>The forum is now open for discussion. >>We propose that you start a new thread for each >>subject rather than just reply >>to this message, in the Subject line put >> FR: Topic >> >>As far as we can tell the ideas contained in >>the drafts can be summarized into >>following rough categories: >> Packet acceptance >> Data admission >> Data integrity checks >> Attack detection >> >>Please use these words in your messages to facilitate clearer understanding. >>Feel free to propose new categories. >> >>In Minneapolis the WG is scheduled to meet on Tuesday afternoon. >>The chairs have asked for a small meeting room on Monday (during one >>of the first 2 sessions) and on Tuesday morning for a "design" team to meet. >>If you want to be invited to these meetings send us an e-mail, we want to >>get a broad balance of expertise and experience in that room. >>The "design" team will present the recommendations (if any) at the >>Working Group meeting. >> >> Olafur and Andrew >> >>At 12:22 04/09/2008, Ólafur Guðmundsson /DNSEXT wrote: >> >> >>>The WG has had 2 months to learn about the issues and kick ideas around. >>>At this point the discussion has reach the point of diminishing returns. >>>The discussion needs to become more focused! >>> >>>The chairs propose following plan to make progress: >>>0. Discussion on namedroppers on ideas without drafts comes to an end. >>> If you need to ask a clarifying question, >>> please put the tag [CLARIFY] in >>> your Subject: line. >>> >>>1. By September 30'th everyone that has ideas they want to share >>> should have an ID published. >>> suggested names for drafts: draft-<editor>-dnsext-fr-<name>-xx.txt >>> >>>2. During October the WG will discuss the ideas and recommendations from the >>> drafts. Editors are encouraged to update their drafts frequently during >>> this window based on the discussions. >>> >>>3. During November the WG will select from the ideas on what to recommend as >>> the extended Forgery Resilience approach. >>> The chairs plan to have a special session early in the week at the IETF >>> meeting for interested parties to hash out what makes sense. >>> Recommendations from that session will be proposed to the WG at >>> the official WG meeting. >>> >>>4. If the WG does not reach a rough consensus by late November the chairs >>> may form a design team to come up with a recommendation. >>> >>>5. An official WG document(s) will be submitted no later than early >>> December. >>> (we will need editors for this document(s)) >>> >>>6. By late January we will have WGLC on the document(s). >>> The document(s) will be advanced to the IESG by March 1'st. >>> >>>Based on this plan, please stop all Forgery >>>Resilience (FR) discussion right now. >>>If you are not writing down your FR ideas in a draft, >>>please review and comment on the following WG last calls: >>> >>>http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01190.html >>>http://ops.ietf.org/lists/namedroppers/namedroppers.2008/msg01430.html >>> >>> Olafur and Andrew
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
- [DNSOP] Fwd: Re: [dnsext] Re: Time-line for forge… Ólafur Guðmundsson /DNSEXT chair