Minutes of DNSIND Working Group

Reported by Randy Bush, NSRC


o  Administration
o  Notify
o  Dynamic update


We will forward draft-degroot-classless-inaddr-00.txt, delegation of 
IN-ADDR on a non-octet boundary, for BCP.  The authors are working 
on a new draft.


Ask author to consider issue of IXFR optionally condensing multiple 
versions into one change.  Then send up for standard track.


o  Removed auto-discovery of "stealth servers" - instead, have a list.
o  Default list of servers: set of NS records, minus MNAME, minus self
o  Comment: leave issue of auto-discovery vs. list up to implementation.
o  Disagreement: some servers might not be notified
o  Make it a recommendation only?
o  Question about primary having an "optional" NS RR, decided once 
   again that NS RR for primary master is optional
o  Add a new definition for "listed" name servers.
o  What about lack of alternate implementations?  (Not an issue until it 
   goes from Proposed Standard to Draft Standard).  Differing 
   implementations of specific features, although all are in BIND, 
   may be reasonable.
o  ICMP network unreachables?  Ignore.  Same for host unreachable.

Dynamic update

o  Removed use of SIG RR to decouple from DNSSEC draft 
   (authentication can be added later)
o  To Protect against re-ordering:

o  Could use SOA RR for protection against non-malicious reordering, 
   but doesn't scale
o  Could use non-wildcard DELETE as "weak" protection against non-
   malicious reordering

o  SIG RRs would serve many other useful purposes: can age info in 
   authoritative servers, authentication, replay protection
o  NULL SIG RR type: need to keep it until we have a substitute
o  Suggestion: a warning label saying ADD is dangerous.  not really.
o  Suggestion: table for different RR types and what operation applies
o  Should there be a limit on # of requests over TCP connection?  
   Consensus was no.  It was felt that the draft should specify multiple 
   (quite separate) updates in a single connection.
o  Make ADDNAMENEW fail when on an empty nonterminal name 
   (you can ADDNAMEEXIST though)
o  Granularity of updates?  Single RRs, or a set?  Make it single.
o  Not all RRs in a set must have same TTLs?
o  Do changes, then issue last call