[dnsext] DNSEXT Working Group status report from Chairs

[Andrew Sullivan <ajs@shinkuro.com>]

Dear colleagues,

This is the DNSEXT Working Group status report from the Chairs.  As we
did for the meeting in Stockholm, we are undertaking this report on
the mailing list rather than at the meeting.

Please be aware that, if there are issues you want to have addressed
at the meeting and you feel they're not being addressed in this mail,
you should not hesitate to raise them.

Reminder: contributions to the WG are covered by the "Note Well"
statement, which can be found at
http://www.ietf.org/about/note-well.html.  

1.  DRAFTS PUBLISHED

    1.  draft-ietf-dnsext-dnsproxy became BCP 152, RFC 5625.  Many
    thanks to Ray Bellis for his work on the draft, and to the WG
    participants for their reviews.

    2.  draft-ietf-dnsext-dnssec-rsasha256 became RFC 5702.  Many
    thanks to Jelte Jansen for his work on this draft, and to the WG
    participants for their reviews.

Yay! for draft completion.  Let's do some more!  

2.  DRAFTS IN OR PAST WG LAST CALL

    1.  draft-ietf-dnsext-dnssec-gost.  This draft will be discussed
    in the meeting.

    2.  draft-ietf-dnsext-tsig-md5-deprecated.  This draft went
    through WGLC before Stockholm.  It's waiting for the shepherd's (Olafur)
    write-up, but it appears that some changes requested during WGLC
    require some adjustments to the IANA registry.  There is a draft
    in progress intended to help with this.

    3.  draft-ietf-dnsext-rfc2672bis-dname.  This draft had some work
    that was needed, and there was a plan to advance it to the IESG
    when another issue cropped up occasioned by work in DNSOP.
    Happily, we caught it in time.  The editors missed the meeting
    cutoff date, but posted a URL to the mailing list for reference.
    PLEASE NOTE that the shepherd (Andrew) will inititate a new WGLC
    for this document, because of the difficulty of coming to a clear
    consensus on it.  _Please_ help.

3.  ACTIVE DRAFTS  
           (ordered by number of updates, then alphabetically)

    1.  draft-ietf-dnsext-dnssec-bis-updates.  We need to come to a
    consensus once and for all on the issue of ANY versus CLOSEST
    validation, and then publish this draft.  There will be time for
    discussion on this in Hiroshima.

    2.  draft-ietf-dnsext-rfc2671bis-edns0.  The Chairs would like at
    least five volunteers to review the document.  In Dublin (!) we
    had a report that the document was done, so it would be nice to
    clear it from our plate.

    3.  draft-ietf-dnsext-dns-tcp-requirements.  This draft is part of
    a major topic discussion in the Hiroshima meeting.  

    4.  draft-ietf-dnsext-dnssec-alg-allocation.  This draft is the
    result of our request for a volunteer in Stockholm on the basis of
    discussion of algorithm allocation in that meeting.  There is time
    on the agenda to discuss it in Hiroshima.

    5.  draft-ietf-dnsext-dnssec-registry-fixes.  This draft is an
    attempt to clean up some of the registry for DNSKEY.  It is
    inspired by more than one conversation on-list.  It is urgently
    needed, and should be an easy one to review.  So if you have
    thought about contributing to the WG but think you don't have
    time, this would be a good one to pick. 

    6.  draft-ietf-dnsext-rfc3597-bis.  This is intended to advance
    the unknown RRTYPE to Draft Standard.  We've had some review
    on-list, but it needs a little more.  If you're new to the WG and
    interested in contributing, this is an excellent place to start!

4.  EXPIRED DRAFTS

    draft-ietf-dnsext-axfr-clarify has expired, but the shepherd
    (Andrew) is assured it is not dead.  Alfred Hoenes has offered to
    help bring it to a close, and current editor Ed Lewis has accepted
    the help.  Look for another version soon.  Note that this draft
    sometimes attracts the attention of someone who purports to
    operate a more honest DNSEXT mailing list.  If you want to discuss
    the draft, please be careful with your email headers:
    cross-posting to two lists by some but not all participants tends
    to make the conversation fracture quite badly.

5.  EXPERT REVIEW REQUESTS

    None.

6.  PENDING REQUESTS FOR ADOPTION BY THE WG

    1.  draft-hoffman-dnssec-ecdsa
    2.  draft-hoffman-dnssec-dsa-sha2
    3.  draft-barwood-transport-signal

There is a short agenda slot for discussion of these items.  WG
process rules require that we later have at least 5 reviewers who are
willing to state that they have read the document, and that they
support its advancement, in order that we send such a document to the
IESG as a product of the WG.  Therefore, we have a convention that we
won't accept a document as a WG item unless there are at least 5, and
preferably more, volunteers who say they will read and review the
document.  Your names will be taken if you volunteer.

7.  FOLLOW-UP ITEMS FROM IETF-75

No progress has been made on an effort to integrate
draft-wijngaards-dnsext-resolver-side-mitigation,
draft-barwood-dnsext-fr-resolver-mitigations, and possibly other
ideas.  Part of the reason for this was the lukewarm reaction to any
option in Stockholm, so the Chairs have not felt a great urgency here.

There was adequate support for including things like
draft-kerr-ixfr-only-00 in the WG's mandate, so the WG Charter
includes the item, "Improving DNS zone synchronization mechanisms".  

The Chairs ensured the Charter includes "Maintaining a Wiki containing
a guide to DNS protocol RFC's", but did not get any further along the
path actually to setting this up.  (The tools page includes this
facility, so it is simply for want of time that we haven't chased this
down.)

Patrik Faltstrom ruled that the WG's will was both not to add
draft-crocker-dnssec-algo-signal at this time, and that it ought to be
a WG item in case there comes to be a mechanism for easier addition of
DNSKEY algorithms.

8.  OTHER WG ADMINISTRATIVE ITEMS

The WG's mailing list, namedroppers@ops.ietf.org, has had a number of
somewhat painful failures over the period since Stockholm.  Part of
the problem is that the services at ops.ietf.org is operated by
generous volunteers (including Randy Bush and Rob Austein).  Those
volunteers have day jobs, and are therefore not standing by when
something happens, even thoughthey've been terrifically responsive to our
trouble reports.  In addition, the software that is used to host the
namedroppers mailing list is awkward to administer if you do not have
shell access to the host machine, and only one of the Chairs has such
access.  This makes timely response to trouble a little harder than it
otherwise might be

The IETF operates mailing list software to run the mailing lists for
IETF WGs.  Meeting fees go partly to pay for that operation.  There's
been a certain amount of pressure, but not yet an insistence, from the
IESG to move all lists to the IETF-operated systems.  We have
therefore reluctantly concluded that we need to host the DNSEXT
mailing list at the IETF.  We are not unaware of the irony of the IETF
consolidating its operations using a single platform.

Our current plan is to export the subscriber list of namedroppers, and
import it into a new list hosted at the IETF servers.  We anticipate
that the WG's mailing list will be just the WG name at the new server
-- that is, dnsext@ietf.org.  We will not delete the
namedroppers@ops.ietf.org list name, but forward mail sent to that
list to the new list.  This will mean that the old list name will be
available for resurrection when the WG shuts down [yes, yes, I know,
but we can all dream --A].  When the cutover happens, the plan is not
that everyone gets two copies of every mail, but please be
understanding if there are glitches.

We do not have an exact timetable for this work, but you should expect
to see announcements about it shortly after the Hiroshima meeting.
Having discussed this with other WG Chairs, it appears to be a
relatively painless process.  We are benefitting from being among the
"laggards".  

We are extremely grateful for the long-lasting and continued support
from the volunteer operators and administrators of ops.ietf.org.
Thank you very much!


Respectfully submitted,

Andrew (for the Chairs)


-- 
Andrew Sullivan
ajs@shinkuro.com
Shinkuro, Inc.