[hackathon] IETF 119 Hackathon: Rapid and automatic synchronization of DNS delegation data between child and parent

Johan Stenstam <johan.stenstam@internetstiftelsen.se> Fri, 08 March 2024 11:23 UTC

From: Johan Stenstam <johan.stenstam@internetstiftelsen.se>
To: "hackathon@ietf.org" <hackathon@ietf.org>, dnsop <dnsop@ietf.org>
CC: Johan Stenstam <johan.stenstam@internetstiftelsen.se>, Peter Thomassen <peter@desec.io>
Date: Fri, 08 Mar 2024 11:23:12 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/hackathon/eu58zyv5rg8SY9EoLZh9pDRpTGk>

Hi all,

I added a project to the Hackathon wiki for IETF 119 last week and I’ve now finished the preparations (cleaning up and making code open-source, more detailed project specifications, etc.).

The goal of the project is to enhance a small, but functional, authoritative DNS name server with everything needed to achieve rapid and fully automated synchronisation of delegation information between child zone and parent. We will base the design on the two drafts:

  - draft-ietf-dnsop-generalized-notify
  - draft-johani-dnsop-delegation-mgmt-via-ddns

We will use the same code for both the child and the parent name server and the code (it’s written in Go) for the name server and some support tools is here: https://github.com/johanix/tdns/

There will be several additions needed for the child to do this:

  - detecting changes to the delegation data for the zone
  - look up parent delegation synchronization support in DNS a la the mechanism described
    in the first draft
  - choose a mechanism (assuming the parent supports it):
    - sending a generalised notify, triggering a CDS or CSYNC lookup and validation from
      the parent
    - creating and signing a DNS Update describing the change (only possible mechanism
      if the child is unsigned).

The parent also needs several new features. Please take a look at the project description https://github.com/johanix/hackathon119/ for a more complete list of the various tasks.

As there are a number of separate tasks I think there should be something for everyone with an interest in solving the really, really old DNS problem of how to automatically keep delegation information in sync.

Regards,
Johan
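
The child-side steps listed in the message (detect a delegation change, then choose between a generalised NOTIFY and a signed DNS UPDATE), as an added Go example that is not code from tdns or from either draft. The types, the function `PlanSync`, the preference for NOTIFY over UPDATE on signed zones and the message labels are assumptions made for illustration; the lookup of what the parent supports is assumed to have been done already.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Delegation holds what the parent publishes for the child (hypothetical type).
type Delegation struct{ NS, Glue, DS []string }
// ParentSupport is what the parent advertises; the DNS lookup itself is assumed done.
type ParentSupport struct{ NotifyCDS, NotifyCSYNC, Update bool }

// key turns an RRset into a case-insensitive, order-independent comparison key.
func key(rrs []string) string {
	out := make([]string, len(rrs))
	for i, s := range rrs {
		out[i] = strings.ToLower(strings.TrimSpace(s))
	}
	sort.Strings(out)
	return strings.Join(out, "\n")
}

// PlanSync lists the messages the child should send; err means manual handling is needed.
func PlanSync(old, cur Delegation, signed bool, p ParentSupport) (plan []string, err error) {
	needUpdate := false
	pick := func(changed, notifyOK bool, msg string) {
		// The parent validates CDS/CSYNC with DNSSEC, so NOTIFY needs a signed child.
		if changed && signed && notifyOK {
			plan = append(plan, msg)
		} else if changed {
			needUpdate = true
		}
	}
	pick(key(old.NS) != key(cur.NS) || key(old.Glue) != key(cur.Glue), p.NotifyCSYNC, "NOTIFY(CSYNC)")
	pick(key(old.DS) != key(cur.DS), p.NotifyCDS, "NOTIFY(CDS)")
	if needUpdate && !p.Update {
		return plan, fmt.Errorf("delegation changed but parent offers no usable mechanism")
	}
	if needUpdate {
		plan = append(plan, "UPDATE") // one signed UPDATE carries all remaining changes
	}
	return plan, nil
}

func main() {
	old := Delegation{NS: []string{"ns1.child.example."}} // constructed sample data
	cur := Delegation{NS: []string{"ns1.child.example.", "ns2.child.example."}}
	fmt.Println(PlanSync(old, cur, false, ParentSupport{Update: true}))
}
```
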