Charter Re: [dnsext] Some reminders about IETF 78 sessions

Phillip Hallam-Baker <hallam@gmail.com> Wed, 21 July 2010 22:15 UTC


It is not clear to me quite where DNS Curve fits in the charter.

While DNS Curve looks like a useful feature, it is not clear to me
that it is the best way to do what it is attempting or that what it is
attempting is what is most needed.

I would like to look at that type of approach but starting with a look
at the larger picture and requirements.


For example, we have a TSIG mechanism that works fairly well except
for the need to use a symmetric key as the means of authentication. If
we are going to have a key exchange, wouldn't it be nice to be able to
use it for both purposes?

For example, why adopt ECC as the crypto mechanism? Shouldn't this be
a protocol option?

I can see some good arguments for using ECC in DNSSEC, shorter
signatures for example. But I can also see reasons why I would much
prefer to use RSA.


It is not clear to me what requirements or use cases this proposal is
meant to meet. That makes it difficult to evaluate the engineering
choices. Is this targeted at use within a domain or across domains?

I think this is work the group should look at but it is not clear to
me that this is currently covered in the charter (in part because it
is not entirely clear to me what DNS Curve is meant to be).


The other concrete proposal I would like to make is adding a bullet
point to cover the interaction of DNSSEC and X.509 certs.

It is very clear that there is an expectations gap between what
informed commentators realize DNSSEC is designed to provide and what
other people think it will solve. One solution to this gap is to
educate people so that they understand the limitations of DNSSEC
(yeah, good luck with that), a better solution is to work on ways to
achieve the effect they want.



On Wed, Jul 21, 2010 at 3:41 PM, Andrew Sullivan <ajs@shinkuro.com> wrote:
> Dear colleagues,
>
> The latest, revised agenda for the IETF meetings is up.  Please
> contact us as soon as possible if you see something either missing
> that ought to be there, or something that ought not to be but is.  If
> you have a _new_ request for time in the meeting, I expect we will not
> allow it.  We asked some time ago for requests, and what you see now
> is in accordance with what we received.
>
> CHARTER
> =======
>
> I note that there has been very little discussion of the draft
> charter, except that we've had a couple proposals to shorten
> timelines.  Is there really nothing else to say on this?  If so, we
> can steal some time from the 25 minutes on the agenda already devoted
> to the topic of the charter, and use it for the aliasing discussion
> (which already threatens to take over the agenda).  Is there even one
> objection from anyone to any of the proposed charter (see
> http://www.psg.com/lists/namedroppers/namedroppers.2010/msg01836.html
> if you don't remember it), apart from the dates?  If we hear nothing
> before Sunday, we may adjust the agenda to take more of that 25
> minutes away.
>
> MEETING MATERIALS
> =================
>
> If you plan to speak to your draft during the session, and you have
> materials you want to be up on the screen, you MUST send me those
> materials by Sunday 19:00 local time for Monday's session, and by
> Tuesday 19:00 local time for Wednesday's session.  We will not pause
> to accept new materials during the meeting, or to upload them.  If we
> have not posted the files prior to the meeting session, they won't go
> up on the screen.  You may send files to me in PowerPoint or PDF
> formats.  Please don't send Keynote files, because I don't believe
> we'll be able to project them.
>
> SCRIBES AND JABBER SCRIBES
> ==========================
>
> Anyone wishing to perform one of these invaluable services to the WG
> is encouraged to contact Olafur or me (or ideally, both, at
> dnsext-chairs@tools.ietf.org) in advance of the meeting to get this
> sorted.  If you're a new participant in the WG, this is an excellent
> way to dive into participation, and I encourage you to volunteer.
> (Note that your newness will also give us an even greater reason to
> harass people for not speaking their names into the mics.)
>
> TWO SESSIONS
> ============
>
> A reminder that we have two sessions at this IETF meeting, but only
> one of them is really devoted to detailed DNS topics.  The second
> session is intended to get input from the wider IETF community, so we
> expect participants in the WG meetings who may not have as great a
> grasp of DNS fundamentals as we might usually expect.  Be nice ;-)
>
> Best regards,
>
> Andrew
>
> --
> Andrew Sullivan
> ajs@shinkuro.com
> Shinkuro, Inc.
>
>



-- 
Website: http://hallambaker.com/