IETF
dane@jabber.ietf.org
Monday, 30 July 2012< ^ >
stpeter has set the subject to: DANE WG | http://tools.ietf.org/wg/dane/
Room Configuration

GMT+0
[14:40:27] dane joins the room
[14:41:35] dane is now known as fanf
[14:41:36] fanf is now known as dane
[14:41:36] dane is now known as fanf
[14:41:48] <fanf> UI confusion :-)
[14:44:27] fanf is now known as dane
[14:44:27] dane is now known as fanf
[14:49:30] fanf is now known as dane
[14:49:30] dane is now known as fanf
[14:54:32] fanf is now known as dane
[14:54:32] dane is now known as fanf
[14:57:37] fanf is now known as dane
[14:57:37] dane is now known as fanf
[14:59:34] fanf is now known as dane
[14:59:34] dane is now known as fanf
[15:04:36] fanf is now known as dane
[15:04:36] dane is now known as fanf
[15:09:38] fanf is now known as dane
[15:10:01] dane is now known as fanf
[15:10:02] fanf is now known as dane
[15:10:02] dane is now known as fanf
[15:14:40] fanf is now known as dane
[15:14:40] dane is now known as fanf
[15:19:41] fanf is now known as dane
[15:19:41] dane is now known as fanf
[15:24:43] fanf is now known as dane
[15:29:49] dane is now known as fanf
[15:34:52] fanf is now known as dane
[15:34:52] dane is now known as fanf
[15:39:55] fanf is now known as dane
[15:39:55] dane is now known as fanf
[15:42:39] fanf is now known as dane
[15:44:58] dane is now known as fanf
[15:50:00] fanf is now known as dane
[15:50:00] dane is now known as fanf
[15:55:03] fanf is now known as dane
[15:55:03] dane is now known as fanf
[16:00:06] fanf is now known as dane
[16:00:06] dane is now known as fanf
[16:02:38] fanf is now known as dane
[16:02:38] dane is now known as fanf
[16:05:09] fanf is now known as dane
[16:05:09] dane is now known as fanf
[16:10:12] fanf is now known as dane
[16:10:12] dane is now known as fanf
[16:10:46] fanf is now known as dane
[16:10:46] dane is now known as fanf
[16:15:14] fanf is now known as dane
[16:15:14] dane is now known as fanf
[16:20:17] fanf is now known as dane
[16:20:17] dane is now known as fanf
[16:25:20] fanf is now known as dane
[16:30:22] dane is now known as fanf
[16:30:56] fanf is now known as dane
[16:30:56] dane is now known as fanf
[16:35:25] fanf is now known as dane
[16:35:25] dane is now known as fanf
[16:38:47] PaulWouters joins the room
[16:40:27] fanf is now known as dane
[16:40:27] dane is now known as fanf
[16:45:29] fanf is now known as dane
[16:45:29] dane is now known as fanf
[16:50:31] fanf is now known as dane
[16:50:31] dane is now known as fanf
[16:50:56] fanf is now known as dane
[16:50:56] dane is now known as fanf
[16:55:33] fanf is now known as dane
[17:00:34] dane is now known as fanf
[17:05:36] fanf is now known as dane
[17:05:36] dane is now known as fanf
[17:10:37] fanf is now known as dane
[17:10:37] dane is now known as fanf
[17:12:44] fanf is now known as dane
[17:12:44] dane is now known as fanf
[17:15:39] fanf is now known as dane
[17:15:39] dane is now known as fanf
[17:20:40] fanf is now known as dane
[17:20:40] dane is now known as fanf
[17:22:45] fanf is now known as dane
[17:22:45] dane is now known as fanf
[17:25:02] fanf leaves the room
[17:25:02] dane joins the room
[17:25:44] dane is now known as fanf
[17:25:45] fanf is now known as dane
[17:25:59] dane leaves the room
[17:25:59] dane joins the room
[17:26:00] dane leaves the room
[17:28:20] fanf joins the room
[17:55:50] PaulWouters leaves the room
[17:57:42] christoffer joins the room
[18:26:39] PaulWouters joins the room
[18:30:28] christoffer leaves the room
[19:00:25] PaulWouters leaves the room
[19:01:14] PaulWouters joins the room
[19:05:06] PaulWouters leaves the room
[19:28:40] Florian Zeitz joins the room
[19:38:22] <fanf> anyone got audio working?
[19:44:43] naptee joins the room
[19:50:08] Sean Turner joins the room
[19:55:43] christoffer joins the room
[19:55:47] christoffer leaves the room
[19:56:16] Phillip Hallam-Baker joins the room
[19:56:37] christoffer joins the room
[19:56:46] Dan York joins the room
[19:59:31] <Dan York> Anyone remote?
[19:59:42] <fanf> me
[19:59:45] Andrew Sullivan joins the room
[19:59:57] <fanf> i have not been able to get audio working (404 from the streaming server)
[19:59:59] Jakob Schlyter joins the room
[20:00:27] <fanf> ah but now it has come to life
[20:00:29] sandoche joins the room
[20:00:37] <Dan York> I'll Jabber-scribe
[20:00:42] PaulWouters joins the room
[20:00:45] <fanf> thanks
[20:00:46] yoav.nir joins the room
[20:00:58] <Dan York> And I'm sitting near the mic so feel free to ask me to raise a question
[20:01:50] <Jakob Schlyter> FYI: Audio is Right channel only, intentional?
[20:02:14] <Dan York> No clue
[20:02:15] ondrej.sury joins the room
[20:02:20] <Dan York> Agenda at http://tools.ietf.org/wg/dane/agenda?item=agenda-84-dane.html
[20:03:05] <Dan York> First slides: http://tools.ietf.org/agenda/84/slides/slides-84-dane-2.pdf
[20:03:13] <Dan York> Session starting now
[20:03:19] sftcd joins the room
[20:03:37] Satoru Kanno joins the room
[20:03:49] mlepinski joins the room
[20:03:51] <Dan York> Slide 2
[20:03:53] yone joins the room
[20:03:56] barryleiba joins the room
[20:04:03] m&m joins the room
[20:04:06] <ondrej.sury> Jabber is at dane@jabber.ietf.org <mailto:dane@jabber.ietf.org> and not dane@ietf.jabber.org <mailto:dane@ietf.jabber.org> if you haven't noticed yet :)
[20:04:06] <Dan York> Slide 3
[20:04:07] resnick joins the room
[20:04:13] <fanf> hmm didn't ondrej send an updated agenda which included draft-fanf-dane-mua?
[20:04:35] <ondrej.sury> I think the presentations have been merged
[20:04:39] <Dan York> Sign the blue sheets
[20:04:59] mrex-ietf joins the room
[20:05:01] <Dan York> Slide - Agenda Bashing
[20:05:04] jinmei joins the room
[20:05:31] <ondrej.sury> Yup, it's smtp & mua in one nice package
[20:05:34] AK joins the room
[20:05:43] Hugo Kobayashi joins the room
[20:05:56] <fanf> ok (that is how i did the slides so it makes sense)
[20:06:08] <Dan York> http://tools.ietf.org/agenda/84/slides/slides-84-dane-1.pdf
[20:06:09] David Cooper joins the room
[20:06:29] <Dan York> draft-fanf-dane-smtp
draft-fanf-dane-mua
[20:06:36] <Dan York> Paul Hoffman
[20:06:59] Cheevarat joins the room
[20:07:40] richard.barnes joins the room
[20:07:41] <fanf> i am
[20:07:45] <Dan York> Yep
[20:07:53] <Dan York> I relayed that to the room (although not at the mic)
[20:08:25] Peter Yee joins the room
[20:09:10] ykjung joins the room
[20:09:34] <Dan York> Slide 2 - draft-fanf-dane-smtp
[20:09:57] <Dan York> (grumble about slides missing numbers.... makes it hard to relay to remote people where we are)
[20:10:06] <fanf> sorry!
[20:10:27] <Sean Turner> we appreciate the effort
[20:10:35] <fanf> aside: paul is explaining this very well
[20:10:50] AK leaves the room
[20:10:51] <Dan York> No worries... you're not alone, Tony. :-)
[20:11:22] <Dan York> slide 3 - draft-fanf-dane-smtp - sections 3 & 4
[20:11:47] fneves joins the room
[20:13:13] <Dan York> Next slide: draft-fanf-dane-smtp - sections 5 & 6
[20:14:37] choimh joins the room
[20:15:05] fdupont joins the room
[20:15:19] <Dan York> Just finished draft-fanf-dane-smtp - sections 5 & 6
[20:15:45] <Dan York> Pete Resnick at mic
[20:15:56] <Dan York> Line forming at mic
[20:16:18] fanf laughs
[20:16:41] fdupont leaves the room: Computer went to sleep
[20:17:24] <fanf> question for pete: does he think the approach in the draft is right? especially the rationale
[20:18:15] <fanf> which is supposed to answer the comments he is making right now
[20:18:17] Karen O'Donoghue joins the room
[20:18:19] <Dan York> someone at mic
[20:18:29] <fanf> name at the mic?
[20:18:31] <Dan York> Alec?
[20:18:34] <ondrej.sury> Alexey Melnikov
[20:18:38] <Karen O'Donoghue> Alexey
[20:18:44] Melinda joins the room
[20:18:59] Cheevarat leaves the room
[20:18:59] <Dan York> I'll relay that question Tony
[20:19:03] <ondrej.sury> Paul Wouters
[20:19:06] <Sean Turner> ah good the mail guys are there - this cut down on the coordination time ;)
[20:19:29] <fanf> comment to alexey about transmitted: it is added by the client whereas received is added by the client
[20:19:49] <Dan York> any other remote comments while i go to the mic?
[20:20:08] <Dan York> Andrew Sullivan at mic
[20:21:47] liman joins the room
[20:22:10] <fanf> yes that's roughly what the draft intends to do
[20:23:01] <Dan York> Tony - sorry... I think you meant to say "received is added by the server", right?
[20:23:05] <fanf> sorry received added by server but someone else made that correction for me
[20:23:09] <Dan York> Right
[20:23:16] <resnick> And there is no reason that a client can't add Received. And they do.
[20:23:25] <fanf> ok :-)
[20:23:53] <Dan York> And that was all addressed as "SMTP stuff" that didn't need to be discussed here. :-)
[20:24:21] <Dan York> Now on slide about draft-fanf-dane-mua
[20:25:17] <Dan York> Next slide: draft-fanf-dane-mua - compatibility
[20:26:17] <Dan York> Tony - as an aside, I'll say that this was quite an interesting draft to read.
[20:26:23] <Dan York> Pete Resnick at mic
[20:26:34] <fanf> although paul says MX and SRV indirection is different, i have tried to make the way they use DANE consistent - and i think my drafts are consistent with matt's xmpp draft
[20:26:49] <Dan York> "This is the part that will make me crazy." - Pete
[20:26:53] <m&m> /nod
[20:27:05] russmundy@jabber.org joins the room
[20:27:24] <Dan York> Tony - do you want me to relay that comment?
[20:28:01] <fanf> comment to pete: port number in DANE is not a problem in the way my drafts use it - in fact it is the right thing because DANE checking comes after service -> port lookup
[20:28:06] <fanf> please
[20:28:17] <Dan York> ok. in line
[20:28:28] <Dan York> Richard Barnes at mic
[20:28:52] ogud joins the room
[20:29:34] <Dan York> pete at mic
[20:30:15] <fanf> agree with pete. this is why the drafts rely on DNSSEC to secure the indirection
[20:30:30] <Dan York> Andrew Sullivan at mic
[20:30:55] <Dan York> Peter Koch is at mic
[20:31:55] <mrex-ietf> SRV looks like MX nailed to port 25
[20:32:03] AK joins the room
[20:32:45] Cheevarat joins the room
[20:32:47] <Dan York> mrex-ietf - do you want that relayed?
[20:32:50] <fanf> (sarcastic aside: oh god naptr whose idea was it to put regexes in the dns?)
[20:32:53] AK leaves the room
[20:33:01] <Dan York> Pete at mic
[20:33:48] <Dan York> Peter K at mic
[20:34:51] <Dan York> Now talking DANE for S/MIME - http://tools.ietf.org/agenda/84/slides/slides-84-dane-0.pdf
[20:34:58] <Dan York> Slide 2
[20:37:12] barryleiba leaves the room
[20:37:50] Sean Turner leaves the room
[20:37:59] <Dan York> Slide 3: The one main difference for S/MIME
[20:38:46] <Dan York> Slide 4: What should be in the doc?
[20:39:54] <Dan York> Any questions?
[20:40:08] <Dan York> Jim Chuck (?) at mic
[20:40:11] <Andrew Sullivan> I can't be bothered to struggle out to the mic, but (1) seems wrong, since if DANE is changed in some significant way we'd want the S/MIME doc to change too, right? A pointer's easier to keep correct.
[20:40:24] <ondrej.sury> Jim Schaad (not Chuck :)
[20:40:29] <Dan York> Thank you
[20:40:39] <fanf> pedantic comment: i think IMA is a much better reason for BASE32 - RFC 1035 has an example of how to escape dots in the hostmaster mail address field of SOA records
[20:40:50] <Dan York> Want that relayed, Tony?
[20:41:04] <fanf> not sure if it's interesting enough :-)
[20:41:08] <ondrej.sury> ajsaf: well, that's the question - maybe we don't want the document to be updated as well
[20:41:20] <Dan York> Mark Andrews at mic
[20:41:29] <ondrej.sury> tony: what about internationalized left hand parts?
[20:41:40] <fanf> answer to jim's question: another problem is user-defined localparts - plus-suffixes
[20:41:44] tlr joins the room
[20:42:02] <Dan York> Tony - will relay?
[20:42:07] <Dan York> Will relay.
[20:42:14] <fanf> so i expect that most deployments will use a wildcard record rather than per-user records
[20:42:31] <fanf> thanks
[20:42:34] <mrex-ietf> the username part of an email address is case-sensitive
[20:42:50] tlr leaves the room
[20:43:03] <fanf> mark's comment about normalization rules gives me a massive dose of fear and loathing :-)
[20:43:12] <mrex-ietf> (i.e. mail relay must not change it and let the end system decide)
[20:43:24] <Dan York> richard barnes at mic
[20:43:25] <Andrew Sullivan> @fanf: so it should
[20:43:45] m&m leaves the room: Disconnected: connection closed
[20:43:50] <Andrew Sullivan> I do think the "kick it to someone else" is a bad idea, though
[20:43:53] barryleiba joins the room
[20:44:39] <Andrew Sullivan> pretending this normalization issue isn't something to cope with will cause us to re-invent the IDNA problems we have
[20:45:41] tlr joins the room
[20:45:53] m&m joins the room
[20:46:02] <mrex-ietf> I'm wondering whether heuristics on the NSEC3 records would allow to discover all names in a _smimecert zone fairly efficiently
[20:46:18] <ondrej.sury> Stephen Farell at mic
[20:46:19] <Dan York> Steve (?) at mic
[20:46:27] <ondrej.sury> our AD
[20:46:37] <fanf> no i meant they would chain from the same parent cert, as someone else said
[20:46:39] <Dan York> Thank you.
[20:46:41] john.levine joins the room
[20:46:52] <resnick> Stephen.
[20:47:16] <richard.barnes> wtf is a mail vpn?
[20:47:33] <Andrew Sullivan> "A bad idea"
[20:47:34] <fanf> comment on mail VPNs - sounds like a workaround for lack of draft-fanf-dane-smtp :-)
[20:47:40] <Dan York> pete at mic
[20:47:50] tlr leaves the room
[20:48:04] <mrex-ietf> sounds like mandatory encryption with/for a limited group of recipients/participants
[20:48:24] <Dan York> Matt Miller going up to speak
[20:48:30] <Dan York> http://tools.ietf.org/agenda/84/slides/slides-84-dane-3.pdf
[20:48:45] <Dan York> Slide 2: Two problems
[20:49:24] <Dan York> Slide 3: Delegation
[20:49:47] tlr joins the room
[20:50:15] barryleiba leaves the room
[20:50:36] <Dan York> Slide 4: DNSSEC Helps...
[20:52:05] <Dan York> Slide 5: Identity Verification
[20:52:20] <Dan York> Slide 6: Prooftypes
[20:53:26] <Dan York> BTW, draft being discussed is http://tools.ietf.org/html/draft-miller-xmpp-dnssec-prooftype-02
[20:53:45] <Dan York> Slide 7: DANE Prooftype
[20:54:00] <Dan York> Slide 8: Virtual Hosting
[20:54:06] <Dan York> Any questions from remote?
[20:54:09] barryleiba joins the room
[20:54:20] sandoche leaves the room
[20:54:52] <Dan York> All this is being discussed in the XMPP working group
[20:54:59] m&m leaves the room: Disconnected: connection closed
[20:55:06] <Dan York> Pete Resnick going to mic
[20:55:50] <Dan York> XMPP is tomorrow at 1520-1650 Afternoon Session II
[20:55:56] <Dan York> in Georgia A
[20:56:11] <fanf> just a comment that this delegation problem is exactly the same for mail - or worse because of the deployed base of many virtual domains on mail hosting providers
[20:56:23] <Dan York> Will relay
[20:56:28] <Dan York> Richard Barnes at mic
[20:56:36] <Dan York> Peter Koch is next, followed by me
[20:56:57] <fanf> comment to pete: this is what i tried to explain this in my rationales
[20:57:05] <Dan York> k
[20:57:07] <ondrej.sury> not sure if it's that much worse. Google Apps do jabber hosting as well, so same problem there.
[20:57:24] Phillip Hallam-Baker leaves the room
[20:57:59] <fanf> agree with current speaker before peter koch
[20:58:21] clarkzilla joins the room
[20:58:31] <ondrej.sury> Pete Resnick replies to Peter Koch
[20:59:18] <ondrej.sury> Peter Koch again
[20:59:42] <Dan York> Richard Barnes
[20:59:56] <fanf> i think peter koch is arguing that you can't trust anything you get from the dns
[21:00:09] <ondrej.sury> his usual argument :)
[21:00:18] <ondrej.sury> Pete now
[21:01:08] <fanf> violent agreement with pete
[21:01:30] <Andrew Sullivan> I think pr is saying "none of us in apps care about this" mostly because so far you haven't been able to rely on the DNS data.
[21:02:02] <fanf> no i think its more that if an attacker has control over your dns, then you have already lost
[21:02:05] <Andrew Sullivan> I predict that if all this DNSSEC-secured infrastructure gets going, the next thing we'll have to do is be able to show that the data in the zone _is_ all legit
[21:02:16] <ondrej.sury> Wes Hardaker at mic
[21:02:23] <Dan York> Wes Hardaker at mic
[21:02:23] sandoche joins the room
[21:02:38] <Andrew Sullivan> I still don't think that's a problem, and I also don't see why we want to boil the Pacific Ocean when we've already tackled the Atlantic.
[21:02:42] <russmundy@jabber.org> The responsibility for the content of a dns zone has (& I think still is) the responsibility of the "holder" of the zone
[21:02:57] <mrex-ietf> There is the common habit in the apps area to skip authentication entirely and rely entirely on "whatever the networking guys configured"
[21:03:03] Sean Turner joins the room
[21:03:17] Sean Turner leaves the room
[21:03:24] <Dan York> russ, mrex-ietf - are you in the room or do you want these comments relayed?
[21:03:33] <Dan York> Richard Barnes at mic
[21:03:40] <russmundy@jabber.org> please relay
[21:03:47] <Dan York> k
[21:03:51] <ondrej.sury> last chance, we are cutting the mic in a minute
[21:04:01] mguod joins the room
[21:04:16] <russmundy@jabber.org> also, that the security of the content provisioning is unknown not insecure
[21:04:20] <Dan York> relayed
[21:04:25] <Dan York> Presentation done
[21:04:32] <Dan York> Moving to the Future of DANE
[21:04:41] <russmundy@jabber.org> thanks
[21:04:44] m&m joins the room
[21:04:44] <Dan York> http://tools.ietf.org/agenda/84/slides/slides-84-dane-4.pdf
[21:05:03] <Dan York> Slide 2 - Our current charter
[21:05:12] <Dan York> Slide 3 - Goals and Milestones
[21:05:49] barryleiba leaves the room
[21:05:58] <Dan York> (I wish I'd sat where I could see people's nametags who go to mic)
[21:06:11] <Dan York> Slide 4 - What to do next?
[21:06:19] <mrex-ietf> The question here is: Do we want to define a very narrow set of DNS records for which the Networking guys will have to perform more scrutiny when entering/maintaing/changing them, or do we want to force them to perform scrutiny on each and every record (because we want to use all of them for trust-related decisions). Then the networking guys are likely to continue to not apply any scrutiny at all
[21:06:37] <Dan York> mrex-ietf - what is your name?
[21:06:45] <Dan York> (I'll relay your comment)
[21:07:10] <Dan York> Paul Hoffman at mic
[21:07:46] <Dan York> Line queing
[21:08:01] <Dan York> queuing, even
[21:08:15] <fanf> sounded like there was some interest in moving my drafts to apps area?
[21:08:54] <Dan York> Tony - I think the issue was that the STARTTLS work should move to apps, define it there, and then deal with the DANE aspects here.
[21:09:09] <fanf> right
[21:09:16] <Dan York> Paul Wouters at mic
[21:09:25] Hugo Kobayashi leaves the room: Replaced by new connection
[21:09:27] Hugo Kobayashi joins the room
[21:09:30] <Dan York> He believes there *is* some interest in IPSEC
[21:10:08] <Dan York> Paul Hoffman back at mic
[21:11:09] <Dan York> (IPSEC working group is trying to close down too.)
[21:11:17] <Dan York> Andrew Sullivan at mic
[21:11:28] <fanf> IPSECKEY records have a horrible polymorphic format which is a bugger for draft-levine-dnsextlang
[21:11:46] <Dan York> Tony - is that a relay question?
[21:12:03] <fanf> only if there's more discussion of ipsec
[21:12:16] <Dan York> Richard Barnes at mic
[21:12:55] <Dan York> Matt Miller at mic
[21:13:28] <liman> We should close down if we're done. Lingering WGs. If it's costly to take down and/or spin up a new WG (for future issues), _that's_ the problem that needs to be fixed.
[21:13:28] <fanf> comment towards richard barnes: my drafts were partly intended as input to that kind of discussion, which is why they have fairly lengthy rationale appendices
[21:13:31] <Dan York> Olafur Gudmundsson at mic
[21:14:27] <fanf> violent agreement with olafur
[21:14:30] <Dan York> k... in line
[21:14:43] wilton@jabber.isoc.org joins the room
[21:14:45] <Dan York> liman - do you want that relayed?
[21:14:55] <Dan York> Murray Kucherawy
[21:15:26] <liman> Time for the "WG hot potato routing protocol"? :-)
[21:15:47] <Dan York> :-)
[21:15:56] <liman> Nope. I'm in the room. :-)
[21:16:04] <Dan York> Lief Johansson
[21:16:21] <Dan York> liman - k
[21:16:34] <Dan York> Pete Resnick at mic
[21:16:42] <Dan York> (next)
[21:16:46] Sean Turner joins the room
[21:16:56] <Sean Turner> hiatus = don't meet ;)
[21:17:30] <Dan York> mrex-ietf - do you want your comment relayed?
[21:17:38] <Andrew Sullivan> spfbis isn't meeting this time, but we're busy getting a document done
[21:17:51] <Andrew Sullivan> we just didn't have anything we needed to discuss in person, so we cancelled the slot
[21:18:17] <fanf> comment to pete: agree the dane part of my drafts is a trivial usage of DANE
[21:18:30] <fanf> maybe not quite a no-op :-)
[21:18:42] Rhys joins the room
[21:19:14] resnick nods
[21:19:21] <Dan York> Elliot Lear at mic
[21:19:48] <Dan York> Paul Hoffman at mic
[21:20:09] john.levine leaves the room
[21:20:16] AK joins the room
[21:20:35] =JeffH joins the room
[21:21:26] <richard.barnes> well, yeah, it'll be short
[21:21:31] <richard.barnes> i tried to get it in the base document :)
[21:21:45] <Dan York> Wes Hardaker at mic
[21:21:49] <fanf> i think paul's suggested draft about indirection targets is doable
[21:22:09] <Dan York> Awesome moment - Wes posed for the photographer :-)
[21:22:21] Sean Turner leaves the room
[21:22:38] clarkzilla leaves the room: Replaced by new connection
[21:22:44] john.levine joins the room
[21:22:49] <richard.barnes> fanf: here's my proposal: http://www.ietf.org/mail-archive/web/dane/current/msg04033.html
[21:22:56] <fanf> thanks!
[21:23:01] clarkzilla joins the room
[21:23:35] <Dan York> Eliot Lear at mic
[21:23:53] <Dan York> Sounds like Eliot, Wes and Pete Resnick will be discussing this at the mic
[21:24:36] <mrex-ietf> Personally, I believe that infering an implied delegation of trust from existing MX or SRV records is a problem. With a seperate explicit record for performing transformation/indirection of trusted names through DNSSEC, authentication could be gradually adopted by the installed base. Fixing the existing usage of MX and SRV throughout the installed base as a prerequisite before enabling DNSSEC for a zone looks like a roadblock to DNSSEC adoption rather than an enabler
[21:24:39] AK leaves the room
[21:25:42] <Dan York> Lief at mic
[21:25:46] Sean Turner joins the room
[21:25:58] <PaulWouters> we already have "classical dane"? :)
[21:26:05] <Dan York> :-)
[21:26:33] <ondrej.sury> will we have a DNS Witch-doctors directorate? :)
[21:26:38] <Dan York> mrex - do you want a relay?
[21:26:45] <Dan York> Pete Resnick at mic
[21:27:01] <Dan York> Wes back at mic
[21:27:21] mguod leaves the room
[21:27:23] <ondrej.sury> s/DNS/DANE/
[21:27:48] <Dan York> Stephen Farrell queueing
[21:28:13] <Dan York> Matt Miller at mic
[21:28:38] <fanf> comment to pr: DNSSEC already has a fairly clear definition of "secure" which deals with CNAMEs
[21:29:13] <Dan York> Is DANE the support group for other groups? :-)
[21:29:30] <Dan York> renamed D(AA)NE
[21:29:34] <Andrew Sullivan> @Dan: sure sounds like
[21:29:36] <Dan York> Stephen Farrell at mic
[21:29:46] <ondrej.sury> DANE Anonymous?
[21:30:14] <Dan York> Eric Osterweil at mic
[21:30:15] mrex-ietf leaves the room
[21:30:20] <Andrew Sullivan> My name is Andrew, and I am unable to control my urges to keep a WG alive. ..
[21:30:21] mrex-ietf joins the room
[21:30:30] <Dan York> :-D
[21:30:45] mrex-ietf leaves the room
[21:30:50] <PaulWouters> Disillusioned Anonymous Network Engineers?
[21:31:05] <ondrej.sury> I'm in psychotherapy training, is that a good qualification for chairing this?
[21:31:19] <Andrew Sullivan> Gee, I like this argument (@ mic right now)
[21:31:49] <Dan York> Paul Hoffman at mic
[21:32:57] Jakob Schlyter wakes up!
[21:33:32] <Dan York> Stephen Farrell
[21:33:35] <PaulWouters> too late!
[21:33:38] <fanf> to paul: i think richard's draft would basically take the place of the rationale appendices
[21:33:51] john.levine leaves the room
[21:34:18] <Dan York> Me at mic
[21:34:19] <fanf> the rationale appendices in my drafts
[21:34:26] <Dan York> Russ Housley at mic
[21:34:35] <Dan York> Eric Osterweil at mic
[21:34:56] <fanf> violent agreement with eric
[21:35:04] <Dan York> Tony - any last comments?
[21:35:10] Karen O'Donoghue leaves the room
[21:35:12] <fanf> maybe i should try pacifist agreement
[21:35:58] tlr leaves the room
[21:35:59] yoav.nir leaves the room
[21:36:02] <Dan York> Meeting ended
[21:36:04] john.levine joins the room
[21:36:05] jinmei leaves the room
[21:36:09] <fanf> good stuff
[21:36:12] <Jakob Schlyter> ttfn
[21:36:18] liman leaves the room
[21:36:19] Cheevarat leaves the room: Computer went to sleep
[21:36:19] Andrew Sullivan leaves the room
[21:36:21] ogud leaves the room
[21:36:21] Sean Turner leaves the room
[21:36:21] Satoru Kanno leaves the room
[21:36:27] christoffer leaves the room
[21:36:31] Florian Zeitz leaves the room: offline
[21:36:33] =JeffH leaves the room
[21:36:34] David Cooper leaves the room
[21:36:52] Peter Yee leaves the room
[21:37:08] richard.barnes leaves the room
[21:37:11] yone leaves the room
[21:37:32] Jakob Schlyter leaves the room
[21:37:44] mlepinski leaves the room
[21:37:53] fanf leaves the room
[21:38:26] <russmundy@jabber.org> kudos to Dan for very good jabber room work!!
[21:38:27] m&m leaves the room
[21:38:36] russmundy@jabber.org leaves the room
[21:38:59] Hugo Kobayashi leaves the room
[21:40:22] Rhys leaves the room
[21:40:31] Melinda leaves the room
[21:40:58] fneves leaves the room
[21:42:07] ondrej.sury leaves the room
[21:42:47] Dan York leaves the room
[21:43:05] ykjung leaves the room
[21:44:52] sandoche leaves the room
[21:45:22] sandoche joins the room
[21:47:53] john.levine leaves the room
[21:48:07] clarkzilla leaves the room
[21:48:21] Karen O'Donoghue joins the room
[21:50:45] Hugo Kobayashi joins the room
[21:51:48] Hugo Kobayashi leaves the room
[21:51:52] sftcd leaves the room
[21:51:52] Satoru Kanno joins the room
[21:52:03] Satoru Kanno leaves the room
[21:52:36] naptee leaves the room
[21:55:25] resnick leaves the room
[21:56:14] Karen O'Donoghue leaves the room
[21:58:46] mrex-ietf joins the room
[21:58:54] Hugo Kobayashi joins the room
[21:58:59] wilton@jabber.isoc.org leaves the room
[21:59:00] Hugo Kobayashi leaves the room
[22:04:11] AK joins the room
[22:05:37] jinmei joins the room
[22:06:46] Sean Turner joins the room
[22:12:42] sftcd joins the room
[22:14:00] sftcd leaves the room
[22:14:52] Sean Turner leaves the room
[22:15:02] Sean Turner joins the room
[22:16:01] AK leaves the room
[22:16:05] AK joins the room
[22:16:11] sandoche leaves the room
[22:16:13] AK leaves the room
[22:16:22] Sean Turner leaves the room
[22:19:09] ondrej.sury joins the room
[22:19:21] ogud joins the room
[22:28:06] Sean Turner joins the room
[22:30:31] Peter Yee joins the room
[22:34:53] choimh leaves the room
[22:35:34] Sean Turner leaves the room
[22:37:53] ondrej.sury leaves the room
[22:37:54] ondrej.sury joins the room
[22:38:47] =JeffH joins the room
[22:38:51] =JeffH leaves the room
[22:42:53] Rhys joins the room
[22:43:04] Rhys leaves the room
[22:43:50] christoffer joins the room
[22:44:18] naptee joins the room
[22:46:10] Karen O'Donoghue joins the room
[22:46:42] Karen O'Donoghue leaves the room
[22:50:59] m&m joins the room
[22:56:45] ogud leaves the room
[22:58:19] naptee leaves the room
[23:02:29] PaulWouters leaves the room
[23:08:45] PaulWouters joins the room
[23:10:56] PaulWouters leaves the room
[23:22:52] naptee joins the room
[23:22:52] ondrej.sury leaves the room
[23:24:35] Peter Yee leaves the room
[23:25:08] Peter Yee joins the room
[23:38:05] Peter Yee leaves the room
[23:40:54] Peter Yee joins the room
[23:41:02] Peter Yee leaves the room
[23:49:00] m&m leaves the room: Disconnected: connection closed
[23:54:17] mrex-ietf leaves the room
[23:55:00] mrex-ietf joins the room
[23:57:21] naptee leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!