Minutes of dnsind

I didn't catch a lot of the names and may
be really off on the names of the RRs and drafts and the like.
	--asp

reworking agenda - randy's laptop does not work so went off old one
kre remembered corrections
kitchen sink not being discussed here

skip break - no coffee

purpose of group is to push things PS->DS

map

all set to go w/ testing of insecure, but problems w/ mailing list
if you think you are on the list, send map email
think know 3 implementation of dynimic update/notiffy
- notify - are 2 parts
- same with update
may have 1 example of each; prob have 2 of all of them
need independant implementation of each end
need to demo each proto is interopable w/ 2 impls of each proto
do not need to demo that update is interoperable with notify

dynamic update is kinda uless w/o notify - so testing dynamic will also
test notify
let them know if dont get email by friday

secure dynamic update - one impl in progress - tis
is one other also - rob stevens, competivive automation

need to give justification of why you want to subscribe to list or will
ignore

ohta

have mailing list w/ 10 people
2.5 implementations
martic chapple (??) - seems to be working
prati opta (??) - not yet public, doing private testing now, maybe this month
josh, doing ixfer, not done yet
hope tests to begin this month

do each of the 4 drafts have test plans?
which?  one does - map
please share the test plans publically

what is dns testing event in sj?
vixie: imc is doing an event on jan 27 in bay area
don't know why they are doing this but vixie will be there
	with several versions of bind
also microsoft will be there

someone from usoft: goal is to test on a wide scale
- test dynamic update, and dhcp/dns interaction
- hopes that there are multiple implementations
test plan?  not yet; hope to be one
report?  hope so
please do it formally so that results can be public and usable
- results will not be public
- thus is not useful for this working group


classless - iesg wants some change; waiting for new draft from authors
	issue is the / in the example
	agreement to change has been done
	mild disagreement which way to change
	change has not been done
	1101 examples should be removed
	bush: would kre/bush change the draft and get the authors to resubmit

local-names - informational
test-tlds - bcp
kitchen-sink - need time to update doc
ncache - author not here, kre speaking
	vixie: yes, is ok
	kre: we are done
	in last call
	DS
vixie on tsig
	- way to do cheap security until real thing is there
	all comments are now in or answered
	will go to last call after notice comes out
	no more comments, no more issues, will issue last call
local-compression
	peter is not here
	reading his email message
	draft is out
	implementation in progress
	modifing debugging tool in progress
	testing need guinne pig RR
	ask IANA for RR - GP
	should be more than 1 domain name in the RDATA
	maybe RP RR?
	could use the SOA....
	suggest - use SOA
	bug in section 5, will be fixed
	kre: are only 4 type codes; 2 already used, this will eat 1 more
		- is this worth it?
	there is also a canadate for other bit
	can also have all 4 bits set mean extend bit - to get 6 more bits
	bush: please bring this discussion up on the list

dns error (?)
	got comments
	authors finger pointing who to do next draft
	internationalization concerns
	dname
	other concerns
	prob at least 2 more drafts needed
	please send in more comments

donalds udp draft
	way of getting bigger udp response
	objections heard - forwarding of queries via path of servers that
		may not understand this may cause loss of data
		- problems of recursive queries
		- most queries don't need this
	use tcp instead?  overhead?
	larger udp may be less load than using tcp
	do you need to know path mtu?
	scheme may be too complex - to figure out how big a udp response
		to ask for
	vixie: on really advanced system, you might be able to find how
		big a udp socket you can use
		- but if this comes out, and makes things more
		  usable, then vendors will give us this knob
	need to specify a resonable default behaviour if you don't
		have any better info of what to use - perhaps 1280
	dnssec is the problem we are trying to solve here
		so might be possible to change the dnssec to say that
		security aware resovlers should do something like this
	vixie: 2 other concerns - are a huge base that does not look at rcode
		on queries, so if there are resolvers that send
		garbage, new server will do something whako and
		thus not work; and strict servers that do not
		implement this may ignore these queries
		- will check the root server to see they get rcode with
		  random data
	vixie has another proposal that was more complex, will look
		at merging these
	simplicity is good, but it also has to work
	vixie draft: like tsig, add rr in addition section, cache info
		no ambiguity if you get answer back
		more bits to put size, so less ambiguity
	vixie's way may be a better way of additional funcionality
	hop-by-hop or end-to-end attribute
	further discussion on the list


128bit ipv6 addr, rfc 1880 for quad RR
	view addr different, split into pieces - 8+8 or routing goop
	thus how to renumber a site & change all of the quad RRs
		- esp w/ security & having to resign all of the records
		- takes too long
	so how to change so that don't need to resign if renumber, plus
		get more than 1 prefix
	so add bit length of prefix plus pointer to the rest of the stuff
		and pointers can recurse
	should gain bits at every lookup
		- is it an error to loose?  or stay the same?
	can trade off efficiency of building data vs doing lookups
	need to make sure # of bits is not fixed
	also need to do reverse lookups
	so, should we do this?  does it make sense?
	really an ipng draft, but want feedback from dns community
	additional section should be filled in as much as possible with
		the rest of the quads
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	draft needs work
	rd length will be different from what it is now
	resolver does the combining of these to make real addr
	does this give us variable length addrs????
	can end up with more than 1 real addr as you do the combining
	name compression is unresolved issue
	ignore the d-bit hack in this stuff

d-bit (another draft)
	in-addr lookups (for above) are problems
	need to track delegation heirarchy
	keep going until you get to the host
	but need to store this delegation stuff in the dns
	stored as
		number of bits in this delegation
		owner names
		so N.N.N.N.N.N...ip6.int. Dbit M dns.name
		where NNNN is addr and M is how many more to add
		but things are in binary, not text/bcd
	this presentation was not clear
	not sure if this fits the way the we do delegations????
	where is authority break?
	is it like NS or something else?
	this idea has been around for a while

	this draft does *not* match the way that i do delegations.

	how do you do a lookup on a site local or xx local addr?

	lots of discussion ensused.

	trying to delegate on bit boundaries.
	or just do the cidrized in-addr trick (at least to all but the
	bottom nibble).
	or do bit.bit.bit.bit.....

	further discussion to the list