IETF
dnsop
dnsop@jabber.ietf.org
Thursday, August 1, 2013< ^ >
Peter Koch has set the subject to: next DNSOP meeting at IETF 86 in Orlando
Room Configuration
Room Occupants

GMT+0
[08:43:18] Andrew Sullivan joins the room
[09:03:38] Andrew Sullivan leaves the room
[11:11:56] Paul Wouters joins the room
[11:25:40] Paul Wouters leaves the room
[12:56:03] Juan-Pedro Cerezo Martin joins the room
[12:56:15] Juan-Pedro Cerezo Martin leaves the room
[13:00:15] Guangqing Deng joins the room
[13:09:13] Hugo Salgado joins the room
[13:09:36] marka joins the room
[13:12:09] j.jansen joins the room
[13:12:14] j.jansen is now known as jelte
[13:14:37] Juan-Pedro Cerezo Martin joins the room
[13:14:52] danyork joins the room
[13:16:31] Olafur joins the room
[13:16:41] pebersman joins the room
[13:16:51] Chris Griffiths joins the room
[13:18:15] ondrej.sury joins the room
[13:18:18] Carsten Strotmann joins the room
[13:18:48] matthijs joins the room
[13:19:39] wouter joins the room
[13:19:56] <ondrej.sury> Is there anybody else except the primary and backup jabber scribes? :)
[13:20:04] <jelte> yes :)
[13:20:28] <Carsten Strotmann> session starts
[13:20:43] <jelte> sound is garbled
[13:20:49] <jelte> almost sounds german
[13:21:13] <Carsten Strotmann> note well
[13:21:34] fneves joins the room
[13:21:44] yone joins the room
[13:21:53] weiler joins the room
[13:21:57] fdupont joins the room
[13:22:10] <jelte> :)
[13:22:16] <jelte> thanks ;)
[13:22:18] Ning Kong joins the room
[13:22:29] Kent Shuey joins the room
[13:22:31] jaap joins the room
[13:22:38] john.levine joins the room
[13:22:46] Paul Wouters joins the room
[13:22:54] <Carsten Strotmann> Tim indroduces itself
[13:22:59] nemo joins the room
[13:23:07] <Carsten Strotmann> Agenda
[13:23:25] Peter Koch joins the room
[13:23:30] <Carsten Strotmann> Slide 2
[13:23:36] <Carsten Strotmann> slide 3
[13:23:38] <danyork> Current slides: http://www.ietf.org/proceedings/87/slides/slides-87-dnsop-3.pdf
[13:24:01] Bernie (ucom.ch) joins the room
[13:24:06] <jelte> thanks, i was wondering where to find those
[13:24:16] Joao Damas joins the room
[13:24:28] <danyork> Next presentation: http://www.ietf.org/proceedings/87/slides/slides-87-dnsop-0.pdf
[13:24:32] <danyork> Joe Abley presenting
[13:24:37] <danyork> AS112 v2
[13:24:48] <danyork> Slides 2 - Drafts
[13:25:02] <Carsten Strotmann> Slide 3
[13:25:03] <danyork> Summary: Warren and Joe are NOT going to have a cagematch
[13:25:08] Peter Koch has set the subject to: DNSOP, IETF 87 in Berln [meeting in progress]
[13:25:18] Peter Koch has set the subject to: DNSOP, IETF 87 in Beriln [meeting in progress]
[13:25:26] Peter Koch has set the subject to: DNSOP, IETF 87 in Berlin [meeting in progress]
[13:26:03] <ondrej.sury> slide: -omniscient-as112
[13:26:10] <Carsten Strotmann> Slide 4
[13:26:28] Suz joins the room
[13:27:17] <danyork> Problem with AS112 is basically "we don't know who is running it"
[13:27:41] <Carsten Strotmann> -as112-dname
[13:27:46] <Carsten Strotmann> slide 5
[13:28:36] <danyork> Two ideas: 1) -omniscient-as112 uses custom code on AS112 node; 2) -as112-dname uses DNAME redirection
[13:29:42] <Carsten Strotmann> DNAME probably cleaner, if DNAME can be used
[13:30:03] <danyork> Slide 7 - Next
[13:30:16] Andrew Sullivan joins the room
[13:30:24] <danyork> Joe asks if both documents be adopted and merged
[13:30:29] <ondrej.sury> First go with DNAME, then go with omni
[13:30:47] <Carsten Strotmann> tim asks if both documents should be worked on -- audience says "yes"
[13:31:08] <Carsten Strotmann> no questions to the authors
[13:31:16] keith_nm joins the room
[13:31:40] Guangqing Deng leaves the room
[13:31:44] <danyork> Next slides -> http://www.ietf.org/proceedings/87/slides/slides-87-dnsop-1.pdf
[13:31:49] <ondrej.sury> Wes, Olafur & Warren on the stage
[13:31:51] <Carsten Strotmann> Wes Hardaker, Olafur, Warren Kumari
[13:31:53] <danyork> Wes, Olafur and Warren on the stage
[13:31:55] <danyork> Hahahahaha
[13:32:01] Hugo Kobayashi joins the room
[13:32:01] <danyork> Dueling Jabber scribes
[13:32:16] <Carsten Strotmann> :)
[13:32:30] SM joins the room
[13:32:31] <Carsten Strotmann> slide 2
[13:32:42] <Carsten Strotmann> Slide What is the problem?
[13:32:48] <danyork> (I'll noticed that none of us attempted to spell Olafur's last name)
[13:33:04] <ondrej.sury> Gudmundsson?
[13:33:20] <Carsten Strotmann> how to sync records that need to by synced between parent and child
[13:33:24] <danyork> Carsten - I'll leave it to you to do the slide numbers / titles
[13:33:28] Francisco Arias joins the room
[13:33:34] <Carsten Strotmann> Slide 3
[13:33:53] <Carsten Strotmann> Consequences of differences between parent and child
[13:34:02] <Carsten Strotmann> Slide 4
[13:34:04] <danyork> (taking more notes because Olafur is up speaking)
[13:34:05] <jelte> it's been almost ten years and here i was thinking it was just Olafur
[13:34:07] <jelte> like Bono
[13:34:07] <Carsten Strotmann> "What can we do"
[13:34:12] <jelte> or Cher
[13:34:48] <ondrej.sury> or Sting?
[13:34:48] <Carsten Strotmann> two proposed solutions - CDS record - for DS; CSYNC - more general for DS, NS, A/AAAA glue
[13:34:54] <danyork> Root issue is that when the DS, NS and Glue records are wrong there can be security issues and traffic problems
[13:35:04] <Carsten Strotmann> Slide 5
[13:35:06] <marka> Other consideration miss DNS UPDATE secured with TSIG
[13:35:10] <Carsten Strotmann> "Design Requirements"
[13:35:16] <danyork> Child needs to be able to publish data upward.
[13:35:31] <danyork> Parent zone needs to securely get data and also control their policies
[13:35:56] <Carsten Strotmann> Slide 6
[13:36:00] <danyork> IF THERE ARE QUESTIONS FROM REMOTE PARTICIPANTS, please preface those comments with "mic:"
[13:36:12] <ondrej.sury> My view is that registrant-dns operator-registrar-registry is already too complicated to add TSIG to the bunch...
[13:36:21] <Carsten Strotmann> "Design Choices  - What protocol to use"
[13:36:28] <Carsten Strotmann> both solutions use DNS
[13:36:40] <Carsten Strotmann> Pull model - parent pull
[13:36:49] <Carsten Strotmann> no need for new security model
[13:37:11] <Carsten Strotmann> slide 7
[13:37:13] <danyork> Difference is that CDS publishes a DS record that needs to be pulled into the parent zone.  CSYNC tells parent zone which records to copy.
[13:37:18] <Carsten Strotmann> "How to publish"
[13:37:55] <Carsten Strotmann> Slide 8
[13:38:01] <Carsten Strotmann> "where to publish"
[13:38:27] <Carsten Strotmann> Slide 9 - CDS record
[13:38:50] <danyork> Wes notes that there are a couple of choices for where to publish, and that's not a discussion we need to have today. He's just highlighting that there is a choice.
[13:39:07] <Carsten Strotmann> Slide 10
[13:39:19] <Carsten Strotmann> "Tricky Issues - DS records"
[13:39:35] <Carsten Strotmann> Slide 11
[13:39:42] <Carsten Strotmann> CSYNC
[13:39:52] <danyork> One issue with CDS is that some parent zones want keys (back to the DNSKEY vs DS discussion)
[13:40:32] <Carsten Strotmann> slide 12
[13:40:47] <Carsten Strotmann> which direction to go
[13:40:56] <jelte> depending on *why* they want that the issue might be moot with CDS
[13:41:06] <danyork> Any remote questions?
[13:41:10] <danyork> mic line is forming
[13:41:21] scottr.nist joins the room
[13:41:27] <jelte> not from me
[13:41:45] <danyork> lots of hands
[13:41:50] <danyork> Matthius Mekking at mic
[13:41:54] <weiler> and now we get a lesson in set theory
[13:41:57] <Carsten Strotmann> Matthijs / NLnetLabs
[13:42:19] <Carsten Strotmann> Question for Slide "Tricky"
What is "tricky"
[13:42:21] <Carsten Strotmann> ?
[13:42:54] <Carsten Strotmann> from child point it is not tricky
[13:43:14] <Carsten Strotmann> Warren: parent policy is tricky
[13:43:34] Paul Wouters leaves the room
[13:44:08] Francisco Arias leaves the room
[13:44:27] <Carsten Strotmann> Olafur answer question issues about future keys / pre-published DS
[13:44:49] <Carsten Strotmann> Matthijs: one more question: CSYNC mostly KISS; except for DS
[13:45:41] <Carsten Strotmann> Matthijs: for DS sync would prefer CDS, CSYNC for others still good
[13:46:17] <Carsten Strotmann> Wes: explains the reason for DS coverage in CSYNC, would prefer CDS
[13:46:22] Olafur leaves the room
[13:46:24] <danyork> Ondrej Sury at mic
[13:46:51] <Carsten Strotmann> Ondrej: does copy means "copy in place"
[13:46:56] <Carsten Strotmann> Answer from authors: yes
[13:47:12] <weiler> he asked " copy AND replace"
[13:47:31] Francisco Arias joins the room
[13:47:47] <Carsten Strotmann> Ondrej: datamodel from registries possible not compatible to this
[13:47:49] <Andrew Sullivan> I'm not going to mic — too hard and line too long — but I note that the CSYNC approach has the nice advantage that we get A and AAAA and NS for free.
[13:47:57] <Andrew Sullivan> whereas CDS doesn't give us that
[13:48:41] <weiler> andrew: good point.  go to the mic.  :-)
[13:48:46] <danyork> i am in line t make that point
[13:48:59] <Carsten Strotmann> Anoin: CSYNC more generic, does not like the record name CDS (because if prefers DS over DNSKEY). Use CSYNC record for CDS
[13:49:02] <Andrew Sullivan> there are four people in line, and this is as much on the record.  You've all seen it :)
[13:49:09] <Andrew Sullivan> also, Antoin just made the same argument
[13:50:18] Benno Overeinder joins the room
[13:50:23] <Carsten Strotmann> Dan from Jabber: CSYNC more generic
[13:51:52] Bernie (ucom.ch) leaves the room
[13:52:12] <danyork> Haikuo Zhang at mic - how do you delete records using these approaches?
[13:52:21] <ondrej.sury> when I imagine our registrars and the word generic together, my head wants to blow...
[13:52:36] <danyork> Matthius at mic
[13:52:45] <ondrej.sury> the delete question was already answered by mine „copy&replace“...
[13:53:14] <weiler> did they pay warren for the product placement?
[13:53:16] <danyork> Doug Montgomery at mic
[13:53:26] Alex Mayrhofer joins the room
[13:53:41] <danyork> Doug - does CDS support split-view DNS?
[13:53:48] <Carsten Strotmann> Matthijs: if CSYNC more generic but makes it more complex, prefer CDS for DS and CSYNC (later) for others
[13:54:17] <danyork> Brian Dixon at mic
[13:54:46] <Carsten Strotmann> CSYNC instead of SOA serial - RRSIG inception date
[13:55:02] <Carsten Strotmann> Wes: maybe independent serial number for CSYNC
[13:55:15] <Carsten Strotmann> Brian: maybe timestamp on when to act
[13:55:23] <danyork> Andrew Sullivan at mic
[13:55:24] <weiler> would a checksum in the csync help?  
[13:55:37] <weiler> checksum all the records intended to be put in place?
[13:56:12] <jelte> the question to me would be "is there, or will there be, a need for a generic system?"
[13:56:41] <matthijs> I actually think that CSYNC introduce complexity for both developing and operating
[13:56:51] Olafur joins the room
[13:57:09] <Carsten Strotmann> question from Peter: if you thing there is a problem worth solving
[13:57:14] <Carsten Strotmann> answer: yes
[13:57:20] <matthijs> good question Jelte
[13:57:22] Juan-Pedro Cerezo Martin leaves the room
[13:58:00] <Carsten Strotmann> question from Peter: two approaches; are we aiming at one approach are going for two approaches?
[13:58:06] <Carsten Strotmann> Dan York on the mic
[13:58:49] <jelte> How many engineers does it take to screw in a DNS record?
[13:59:28] <Carsten Strotmann> question from Peter: two proposals; are we aiming at one approach are going for two approaches? (2nd take)
[13:59:43] <Carsten Strotmann> Matthijs on the mic
[14:00:26] <Carsten Strotmann> Ray Arends on the mic
[14:01:10] <Carsten Strotmann> Roy: let the authors work on migrating
[14:01:15] <Carsten Strotmann> question from Peter: two proposals; are we aiming at one approach are going for two approaches? (3rd take)
[14:01:26] <Alex Mayrhofer> Hum for single solution
[14:01:27] <Carsten Strotmann> indifferent
[14:02:23] <Carsten Strotmann> Peter asks who will work on the document(s)
[14:02:50] <Alex Mayrhofer> Willing to review.
[14:03:27] <Carsten Strotmann> Roy on the mic: how many are willing to work on an implementation
[14:03:36] <danyork> how many people would be willing to work on an implementation?  (several responses)
[14:04:07] <Carsten Strotmann> Q from Peter: is the right WG?
[14:04:55] <Andrew Sullivan> I am willing to shepherd this up the AD sponsored path, if that helps
[14:05:22] <Andrew Sullivan> (I am unwilling to let this languish due to IETF bureaucratic rules)
[14:05:40] Francisco Arias leaves the room
[14:06:43] Bernie (ucom.ch) joins the room
[14:06:44] <Carsten Strotmann> Dan York: clear path to deployability and avoid confusion
[14:06:48] <Olafur> Thanks Andrew
[14:07:41] Francisco Arias joins the room
[14:07:56] <Carsten Strotmann> Dan: prevent DNS vs. DNSKEY confusions
[14:08:13] <Carsten Strotmann> Anoin: need proposal that is policy neutral
[14:08:28] <Alex Mayrhofer> MIC: Multiple proposals definitely hurt interopability - compare RTP encryption...
[14:09:10] <Alex Mayrhofer> HURT!
[14:09:13] <Carsten Strotmann> hurt, not "help" interopability
[14:09:13] <Alex Mayrhofer> not HELP!
[14:09:18] joel jaeggli joins the room
[14:09:22] <jelte> lol
[14:09:23] <Carsten Strotmann> yes, corrected by Dan
[14:09:27] <danyork> Yes, I corrected that
[14:09:29] <danyork> :-(
[14:09:32] <Alex Mayrhofer> thanks :-)
[14:09:41] <danyork> (Jabber needs a (banghead) emoticon like Skype)
[14:09:53] <joel jaeggli> :-x
[14:10:24] <Suz> I just use (facepalm)
[14:10:37] <Carsten Strotmann> HAMMER Slides shown
[14:10:49] <danyork> Slides: http://www.ietf.org/proceedings/87/slides/slides-87-dnsop-2.pdf
[14:10:51] <Carsten Strotmann> "pre-fetch  cache records"
[14:11:11] <Carsten Strotmann> Slide 2 - Overview
[14:11:21] <Carsten Strotmann> Slide 3 "What is the problem"
[14:11:29] <Carsten Strotmann> Slide 4 "What is the problem"
[14:11:54] <Carsten Strotmann> extra latency if records just has expired, next requesor pays latency
[14:12:02] <Carsten Strotmann> expired from cache
[14:12:13] <Carsten Strotmann> just an optimization
[14:12:19] <danyork> Warren notes that from the hotel, query from cache is 44 msec, no cache is 454 msec
[14:12:58] <Carsten Strotmann> Slide 5
[14:13:05] <Carsten Strotmann> popular records stay in the cache
[14:13:26] <Carsten Strotmann> almost no additional cache state
[14:13:38] <Carsten Strotmann> similar to Unbound configuration, but different
[14:13:44] <Carsten Strotmann> Unbound implementation
[14:13:51] <jelte> oh boohoohoo
[14:13:51] <Carsten Strotmann> Slide 6
[14:14:12] <Carsten Strotmann> Worth publishing - implementation advice
[14:14:18] <Carsten Strotmann> ?
[14:14:21] <Carsten Strotmann> Slide 7
[14:14:25] <Carsten Strotmann> Is the WG interested?
[14:14:34] <Carsten Strotmann> Quesions?
[14:15:07] <Carsten Strotmann> no implementation yet
[14:15:29] <danyork> Jaap at mic
[14:15:45] <danyork> Draft in question: http://tools.ietf.org/html/draft-wkumari-dnsop-hammer-00
[14:16:15] <Carsten Strotmann> Jaap on the MIC: Unbound implementation is very effective, implemented on request from SurfNet,
[14:16:27] <danyork> Peter asks Jaap to post results to list
[14:16:31] <danyork> Paul Wouters at mic
[14:17:21] <Carsten Strotmann> Paul: is this really a RFC?
[14:17:26] <danyork> Ondrej Sury at mic
[14:17:40] <marka> mic: it says what queries to pre-fetch
[14:17:41] <danyork> Ondrej likes informational RFCs with guidance like this
[14:17:45] <Carsten Strotmann> Ondrej: Answer to Paul - prefeclty happy to have an informational RFC
[14:17:59] <danyork> marka: will relay.  What is your full name please?
[14:18:11] <marka> Mark Anfrews
[14:18:15] <marka> Andrews
[14:18:40] <danyork> thank you - I will even try to use the correct verb
[14:18:42] <Carsten Strotmann> Q from Peter: is this for a caching recursive or inside a Application
[14:18:42] <ondrej.sury> JFTR I would be also happy to have an information RFC for the stuff the Unbound does for prefetching...
[14:19:21] <Alex Mayrhofer> Does it an "ANY" query? ;-)
[14:19:40] <danyork> Paul Wouters at mic
[14:19:46] <Olafur> @marka How hard is to do in bind9 ?
[14:20:00] weiler leaves the room
[14:20:01] weiler joins the room
[14:20:11] <marka> 5 minutes
[14:20:11] <danyork> Paul - prefetching has been in usage for a couple of years (in various Linux versions)
[14:20:25] <jaap> It just refreshes whatever is asked for and is nearly expired in the cache.
[14:20:34] <marka> + tests
[14:20:47] <danyork> Shane Kerr at mic
[14:21:06] <Carsten Strotmann> if a percentage is used, means more queries
[14:21:11] <Carsten Strotmann> (from Shane)
[14:21:23] <danyork> Roy Arends at mic
[14:22:07] <marka> mic: it should have almost no measurable effect of authoritative servers
[14:22:09] Francisco Arias leaves the room
[14:22:11] <jelte> if it's not a percentage, the increase should be minimal to the point of unnoticeable, in theory
[14:22:26] <jelte> what mark said :)
[14:22:39] weiler leaves the room
[14:22:55] <jelte> if this is taken up, I propose a change of name, to decrease the amount of cringing.
[14:23:07] <danyork> Olaf Kolkman at mic
[14:23:32] <matthijs> like prefetch? ;)
[14:23:37] <Carsten Strotmann> Roy: this implementation does not create (many) more queries to auth servers
[14:23:46] weiler joins the room
[14:23:57] <jelte> refetch?
[14:24:33] <Carsten Strotmann> Warren: tried to figure out the amount of extra queries, but that is hard and depends on many variables
[14:24:36] <danyork> Joe Abley at mic
[14:24:48] <Suz> this would not be the first or only time any of us has decided it's OK to attract more queries in order to provide better service.
[14:25:12] <jaap> As Warren now is saying, coming up with a model is pretty hard if you think about it for a while
[14:27:34] <marka> mic:  we need to do some tests to determine what is the "best" hammer time
[14:27:38] <Carsten Strotmann> Peter (hats off): more research is need, suggestion is based on some research
[14:27:53] Andrew Sullivan leaves the room
[14:28:37] <danyork> Brian Dixon at mic
[14:29:09] <danyork> marka: will relay
[14:29:11] <Carsten Strotmann> Brian: might actually reduce number of queries
[14:29:50] <danyork> marka - they closed the mic line... but is sounds like Geoff Huston is making the point
[14:29:58] <danyork> Geoff Huston is at mic
[14:30:38] <marka> audio has lag
[14:30:40] <jelte> percentage doesn't make sense with that argument either
[14:31:24] <danyork> marka: That's okay, I didn't hear them cut the line and I'm in the room
[14:32:11] Paul Wouters joins the room
[14:32:54] <marka> needs more work
[14:33:28] <jelte> certainly not ready to go
[14:34:06] weiler leaves the room
[14:34:09] <marka> adopt
[14:34:26] <Carsten Strotmann> WG whats to adopt the proposal as a WG item
[14:34:37] <Carsten Strotmann> whats => wants
[14:34:45] <Carsten Strotmann> Joe Ably: DNS Flush
[14:34:48] <danyork> Slides: http://www.ietf.org/proceedings/87/slides/slides-87-dnsop-8.pdf
[14:34:53] <Carsten Strotmann> Slide 2
[14:34:55] <matthijs> stop. flush time.
[14:35:01] <Carsten Strotmann> Problem Statement
[14:35:18] <Carsten Strotmann> Slide 3
[14:35:23] <Carsten Strotmann> "State of the Art"
[14:36:22] <Carsten Strotmann> Slide 5
[14:36:29] <Carsten Strotmann> Potential Approach
[14:36:33] <danyork> My paraphrase - "Can we make a big red button that can be pushed to flush a cache?"
[14:37:36] <Carsten Strotmann> Slide 6
[14:37:49] <Carsten Strotmann> NOTIFY to recursive servers
[14:38:29] <Carsten Strotmann> NOTIFY instructs recursive server to flush (parts of) the cache
[14:38:33] <Carsten Strotmann> Slide 7
[14:38:55] <Carsten Strotmann> Slide 8
[14:39:43] <Carsten Strotmann> Questions
[14:39:59] <danyork> Lots of people have read the doc
[14:40:07] <marka> mic: It doesn't even have to be the nameserver that sends the notify
[14:40:09] <danyork> Antoin Verschuren at mic
[14:40:21] <danyork> marka: okay, will get in line
[14:40:40] Paul Wouters leaves the room
[14:40:59] <Carsten Strotmann> Antoin: how does this scale (TSIG key exchange)?
[14:41:28] <Alex Mayrhofer> MIC: Why not use the DNSSEC chain in some way for authentication?
[14:41:39] <marka> mic:  relay/clearing house would re-sign
[14:41:51] <Carsten Strotmann> PAul WOuters on the mic
[14:42:09] <ondrej.sury> marka: just idea - can SIG(0) be used here?
[14:42:14] <Carsten Strotmann> Paul: can be used as a censorchip tool
[14:42:33] <jelte> i think the scalability problem is not relationships with recursive servers, but relationships with zone administrators (i see a clearing-house-like approach)
[14:42:48] <marka> yes SIG(0) could be used
[14:43:40] <danyork> Alex Mayrhofer: will relay
[14:43:48] <Chris Griffiths> The current process is broken.  Out of band methods are difficult and do not scale, so there is a need for something better
[14:43:57] <Alex Mayrhofer> dan, well, it might be redundant already...
[14:44:23] <Olafur> Q: how about EDNS0 option signed with SIG(0) ?
[14:44:50] <Olafur> and only for the zones below the name on the SIG(0)
[14:45:00] <Chris Griffiths> As a cache operator, I would care
[14:45:28] <ondrej.sury> Olafur: as an extra packet or as an „addition“ to any existing query?
[14:45:29] <Carsten Strotmann> Roy on the mic
[14:45:39] <Carsten Strotmann> Roy Arends
[14:45:47] <Olafur> as an addition to answers
[14:46:18] <Carsten Strotmann> Roy explains an incident where such a function would have been helpful
[14:46:24] <ondrej.sury> that would only help for zones where’s a high chance for another query
[14:46:26] <jelte> didn't we learn in 1986 that you should lower TTL before you make important zone changes? :P
[14:46:27] <Alex Mayrhofer> Another option: Only "trust" TCP-based NOTIFYs that originate from the server in the MNAME of the SOA?
[14:46:48] <Alex Mayrhofer> (assuming that only the zone admin may trigger a cache flush...)
[14:46:58] <ondrej.sury> Alex: that’s similar to SIG(0)
[14:46:59] <matthijs> jelte: danyork is in the mic line, let hem relay that ;)
[14:47:04] <Chris Griffiths> I think having a repository (IE:  red buttton) that I can subscribe that could assist this process
[14:47:10] <Alex Mayrhofer> yep, true.
[14:47:10] <ondrej.sury> but that doesn’t solve the need to create a list of resolvers to notify
[14:47:19] Alex Mayrhofer nods
[14:47:20] <jelte> caches may have actually saved them there, btw, since they still got the good data
[14:47:20] <Carsten Strotmann> Frank Martin at the mic
[14:47:41] <Chris Griffiths> sending this to the resolves directly doesn't make sense
[14:47:55] <ondrej.sury> well, you can „create“ list of the fly if you do dns traffic dumps
[14:48:10] <matthijs> jelte: usually then it is too late, because usually it is only noticed when a resolver has queried for the data
[14:48:17] <matthijs> and returning the servfail
[14:48:32] <Carsten Strotmann> Dan york on the mic for Jabber participants
[14:48:43] pebersman leaves the room
[14:49:07] <Carsten Strotmann> Peter wants to ask 2 questions
[14:49:16] <jelte> flushing an entire TLD in every resolver in the world will be fun for your auths as well :P
[14:49:31] <jelte> hmz my jabber messages now take several seconds to get through
[14:49:34] <Carsten Strotmann> Peter: How many people think the Problem is worth pursuing in the WG
[14:49:54] <Carsten Strotmann> Answer: most "yes", some "no"
[14:50:02] ray joins the room
[14:50:24] <Carsten Strotmann> Peter Q: should the suggested approach be adopted by the WG
[14:50:34] <Carsten Strotmann> Answer: some "yes", some more "no"
[14:50:42] <jelte> i am not a fan
[14:51:39] matthijs leaves the room
[14:51:44] ray leaves the room
[14:51:59] Hugo Kobayashi leaves the room
[14:52:04] Suz leaves the room
[14:52:09] ondrej.sury leaves the room
[14:52:12] Ning Kong leaves the room
[14:52:13] <Carsten Strotmann> session closed
[14:52:23] Hugo Salgado leaves the room
[14:52:25] SM leaves the room
[14:52:26] Chris Griffiths leaves the room
[14:52:31] nemo leaves the room
[14:52:31] yone leaves the room
[14:52:31] <Alex Mayrhofer> thanks for the Jabber service :-)
[14:52:32] jaap leaves the room
[14:52:33] Alex Mayrhofer leaves the room
[14:52:41] <jelte> yeah thanks
[14:52:50] Joao Damas leaves the room
[14:52:54] scottr.nist leaves the room
[14:53:00] Olafur leaves the room
[14:53:00] Bernie (ucom.ch) leaves the room
[14:53:02] Benno Overeinder leaves the room
[14:53:08] Kent Shuey leaves the room: offline
[14:53:46] joel jaeggli leaves the room
[14:53:48] Peter Koch leaves the room
[14:55:05] john.levine leaves the room
[14:55:18] keith_nm leaves the room: IETF87, Berlin
[14:55:28] wouter leaves the room
[14:56:38] john.levine joins the room
[14:57:06] joel jaeggli joins the room
[14:57:30] john.levine leaves the room
[14:57:42] Paul Wouters joins the room
[14:57:42] Paul Wouters leaves the room
[14:58:00] Paul Wouters joins the room
[14:58:01] fneves leaves the room
[14:58:25] danyork leaves the room
[14:58:30] dane joins the room
[14:58:59] dane leaves the room
[14:59:12] john.levine joins the room
[14:59:57] jelte leaves the room
[15:00:10] Ning Kong joins the room
[15:00:48] Olafur joins the room
[15:01:05] Carsten Strotmann leaves the room
[15:02:00] ondrej.sury joins the room
[15:02:15] Chris Griffiths joins the room
[15:03:11] Chris Griffiths leaves the room
[15:03:41] Olafur leaves the room
[15:03:47] marka leaves the room
[15:03:54] Paul Wouters leaves the room
[15:03:58] marka joins the room
[15:04:07] fdupont leaves the room
[15:04:18] john.levine leaves the room
[15:07:11] fneves joins the room
[15:11:58] Benno Overeinder joins the room
[15:17:36] fneves leaves the room
[15:19:55] Suz joins the room
[15:22:35] Bernie (ucom.ch) joins the room
[15:24:33] Benno Overeinder leaves the room
[15:24:48] joel jaeggli leaves the room
[15:25:17] joel jaeggli joins the room
[15:26:54] Bernie (ucom.ch) leaves the room
[15:27:05] joel jaeggli leaves the room
[15:30:56] joel jaeggli joins the room
[15:40:10] Suz leaves the room
[15:50:47] pebersman joins the room
[15:53:19] pebersman leaves the room
[16:04:36] Ning Kong leaves the room
[16:23:27] Andrew Sullivan joins the room
[16:23:29] Andrew Sullivan leaves the room
[16:24:41] joel jaeggli leaves the room
[16:35:45] joel jaeggli joins the room
[16:36:19] ondrej.sury leaves the room
[17:06:55] Ning Kong joins the room
[17:06:56] Ning Kong leaves the room
[17:08:40] joel jaeggli leaves the room
[17:13:44] Suz joins the room
[17:24:55] joel jaeggli joins the room
[17:33:27] Suz leaves the room
[17:44:25] joel jaeggli leaves the room
[18:21:56] ondrej.sury joins the room
[20:00:52] ondrej.sury leaves the room
[20:50:23] marka leaves the room
[20:51:46] marka joins the room
[23:28:02] joel jaeggli joins the room
[23:37:56] joel jaeggli leaves the room
[23:41:34] Suz joins the room
[23:45:17] Suz leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!