dnsop - Thursday, April 23, 2020

[02:41:30] vixie joins the room
[04:54:24] vixie leaves the room
[06:01:41] vixie joins the room
[07:55:36] marka leaves the room
[07:55:36] marka joins the room
[07:55:49] marka leaves the room
[10:08:09] vixie leaves the room
[14:29:12] Willem Toorop joins the room
[14:39:21] Mike StJohns joins the room
[14:41:44] Yoshiro YONEYA joins the room
[14:43:25] Benno Overeinder (NLnet Labs) joins the room
[14:44:01] <Benno Overeinder (NLnet Labs)> DNSOP WG interim 2020-2 Webex URL: https://ietf.webex.com/ietf/j.php?MTID=m8d49e59807a47eec1d8cf5fbd4f81fa3
[14:44:01] pusateri leaves the room
[14:45:38] pusateri joins the room
[14:46:26] pusateri joins the room
[14:46:43] pusateri joins the room
[14:49:10] <Benno Overeinder (NLnet Labs)> Sorry we had to restart webex.  Same URL.
[14:49:10] pusateri leaves the room
[14:49:10] pusateri leaves the room
[14:50:06] Hugo Salgado joins the room
[14:54:00] vladimir.cunat joins the room
[14:55:36] Paul Hoffman joins the room
[14:56:44] Shumon Huque joins the room
[14:57:10] Warren Kumari joins the room
[14:57:58] hardie joins the room
[14:58:14] bortzmeyer joins the room
[14:58:34] Peter van Dijk (PowerDNS) joins the room
[14:59:06] Petr Spacek @ CZ.NIC joins the room
[14:59:27] Stephen Morris joins the room
[14:59:50] marka joins the room
[15:00:30] Brian Haberman joins the room
[15:00:40] moritz joins the room
[15:00:42] Suzanne joins the room
[15:00:55] <Peter van Dijk (PowerDNS)> for anybody who is just on the audio stream and not on the webex, I can relay questions for you. Please prefix with MIC:
[15:01:29] Mike Bishop joins the room
[15:02:19] Weiler joins the room
[15:02:28] Matt Pounsett joins the room
[15:02:35] John Levine joins the room
[15:02:40] <Mike Bishop> I actually wasn't aware that there *was* an audio stream other than WebEx....
[15:03:25] rickwilhelm-Verisign@jabb3r.org joins the room
[15:03:26] <hardie> @Mike it's phone + jabber .
[15:03:28] Dan York joins the room
[15:03:34] tim costello joins the room
[15:04:14] <Peter van Dijk (PowerDNS)> etherpad at https://etherpad.ietf.org:9009/p/notes-ietf-interim-2020-dnsop-02?useMonospaceFont=true
[15:04:31] Vittorio Bertola joins the room
[15:06:36] neednnelg@sure.im joins the room
[15:06:44] ericorth joins the room
[15:07:30] dee3@hot-chilli.net joins the room
[15:09:42] msk joins the room
[15:15:07] dmcardle joins the room
[15:15:10] <Peter van Dijk (PowerDNS)> any questions for Lada?
[15:15:59] mcr joins the room
[15:16:04] Weiler leaves the room: Replaced by new connection
[15:16:04] Weiler joins the room
[15:18:07] <Mike StJohns> hold until IANA approves the new method
[15:18:40] <vladimir.cunat> perhaps... but hold in *which* stage?
[15:20:11] <Mike StJohns> I don't think there's a state in the datatracker for it... ?  but hold prior to WGLC I would say
[15:21:03] <bortzmeyer> Time for cookies!
[15:21:09] <Peter van Dijk (PowerDNS)> om nom
[15:21:33] <Paul Hoffman> If they served these types of cookies at IETF meetings, the lines would be (a) shorter or (b) longer?
[15:21:55] <Brian Haberman> @paul definitely shorter
[15:21:57] <Peter van Dijk (PowerDNS)> your parenthesises b rendered as a beer here..
[15:22:04] <Peter van Dijk (PowerDNS)> which would make lines longer I presume
[15:22:14] <Peter van Dijk (PowerDNS)> *parenthesised
[15:23:41] <mcr> I think that the process would be that, the cookies would be served during break, you would obtain one (or more?) and then, you would have to surrender the cookie at the MIC line in order to speak.
[15:23:57] <Peter van Dijk (PowerDNS)> soggy edible tokens that people have touched, mmmm
[15:25:04] <vladimir.cunat> Well, that's the point of the draft - to also accept cookies handed out by another vendor.
[15:27:41] <mcr> the problem of finding your own IP on a UDP socket is an ongoing one, and I'd like to have an new API call/flag. "JUST_KIDDING" to send(), which would go through all the effort of sending a packet, but not actually send it. Just tell you what it might look like.
[15:27:58] <Peter van Dijk (PowerDNS)> assuming you are not behind some NAT
[15:28:33] <Peter van Dijk (PowerDNS)> @mcr MSG_POKE to go with MSG_PEEK
[15:30:07] <mcr> sure, that would be a good, if less funny, name :-)
[15:30:29] <Peter van Dijk (PowerDNS)> oh ;)
[15:31:14] <mcr> (Yes, if you are behind some NAT44.  but, it's hard enough on a plain single-interface IPv6 machine to know which LL, Temporary, Stable-Private, etc. IPv6 will get used.
[15:32:18] <Peter van Dijk (PowerDNS)> any questions for Willem?
[15:32:45] <mcr> I'm hungry for cookies. With sprinkles.
[15:35:26] <Suzanne> I did enjoy this slide deck, it's lunch time here on the US East Coast…. :-)
[15:35:50] tale joins the room
[15:36:53] <Willem Toorop> Is Marc Groeneweg here too?
[15:37:05] <Peter van Dijk (PowerDNS)> i don't see him in the list
[15:37:11] Marc (SIDN) joins the room
[15:37:16] <Peter van Dijk (PowerDNS)> ha
[15:37:30] <Peter van Dijk (PowerDNS)> (otherwise, you could have messaged him on webex)
[15:37:42] <vladimir.cunat> number 6 in etherpad attendee list
[15:38:02] <tale > He's on the blue sheet and just joined jabber
[15:38:07] <Willem Toorop> Hi Marc, actually I do not see why we would not ship NSD with the server side cookies implementation because that has been stable for a year now
[15:38:36] <Marc (SIDN)> yes, I'm in now Willem
[15:38:37] <Willem Toorop> And indeed implemented to recipe by knot and bind already, so...
[15:39:04] <Marc (SIDN)> exactly, my opinion indeed
[15:39:07] <tale > mmm cookie recipe
[15:39:17] <Willem Toorop> :)
[15:40:07] rickwilhelm-Verisign@jabb3r.org leaves the room
[15:40:55] <Weiler> this seems like some extra hump.  What problem is it trying to solve?
[15:41:21] rickwilhelm-Verisign@jabb3r.org joins the room
[15:41:31] <Peter van Dijk (PowerDNS)> storing TIMEOUT data in the same database as the records that you want to timeout
[15:41:36] <bortzmeyer> Weiler: allowing clients to do an Add without a Delete later?
[15:41:46] <Peter van Dijk (PowerDNS)> instead of, say, having your dhcpd remembering to clean up records when leases expire
[15:41:52] <Peter van Dijk (PowerDNS)> or when you turn your dhcp machine off forever
[15:43:08] vixie joins the room
[15:47:10] <vixie> vixie joins.
[15:47:15] <Peter van Dijk (PowerDNS)> any questions for Tim? (or was it Tom)
[15:49:15] <vladimir.cunat> It could allow implementing a hash-free version.
[15:49:27] <Peter van Dijk (PowerDNS)> I briefly thought method=0 count!=0 was that
[15:49:46] <Peter van Dijk (PowerDNS)> for an A-set, it would even save space
[15:52:15] Vittorio Bertola leaves the room
[15:52:40] <Peter van Dijk (PowerDNS)> queue is closed
[15:53:09] <Petr Spacek @ CZ.NIC> I feel this is another attempt to add metadata of some sort to zone database - COMMENT RR proposal was very similar. Shouldn't we solve this in a generic way and build TIMEOUT & COMMENT RRs on top of it?
[15:53:39] <Peter van Dijk (PowerDNS)> wasn't the point of COMMENT that it did was special cased in the server? don't serve it, don't put it in AXFR, etc.?
[15:53:51] <Peter van Dijk (PowerDNS)> -did
[15:56:02] <Petr Spacek @ CZ.NIC> Yes, but that should/could also be solved genericaly with metadata if we had these. Imagine an attribute "not allowed to query: true" on arbitrary RRset in the zone.
[15:56:08] Vittorio Bertola joins the room
[15:56:17] <Peter van Dijk (PowerDNS)> sure
[15:56:19] <Peter van Dijk (PowerDNS)> but TIMEOUT does not ask for that
[15:56:22] <Peter van Dijk (PowerDNS)> it requires zero server changes
[15:56:33] <Peter van Dijk (PowerDNS)> previous versions of the draft did, and I objected to that (as did many others)
[15:56:45] <Petr Spacek @ CZ.NIC> Well it does require changes, if server is to do anything with it.
[15:56:53] <Petr Spacek @ CZ.NIC> (is going to do ...)
[15:56:56] <Peter van Dijk (PowerDNS)> the draft expects an external garbage cleaner
[15:57:02] <Peter van Dijk (PowerDNS)> and allows servers to also do something
[15:57:16] <Peter van Dijk (PowerDNS)> that external cleaner can run over AXFR+2136
[15:57:35] <Petr Spacek @ CZ.NIC> Okay, understood what you mean.
[15:58:06] <Petr Spacek @ CZ.NIC> That's the same as for ALIAS and we know how that flew.
[15:58:27] <Peter van Dijk (PowerDNS)> ALIAS got drowned in added complexity
[15:58:48] <Peter van Dijk (PowerDNS)> expecting resolvers to change and really working a lot better if auths changed
[16:04:06] rickwilhelm-Verisign@jabb3r.org leaves the room
[16:04:09] <Warren Kumari> Awwww.. lets redesign it all!
[16:04:39] rickwilhelm-Verisign@jabb3r.org joins the room
[16:04:49] <Marc (SIDN)> perhaps we should ;-)
[16:05:03] <Warren Kumari> Erk!
[16:06:03] Weiler leaves the room: Replaced by new connection
[16:06:15] <Warren Kumari> I'd thought there was a 3rd and 4th thing in resimprove...
[16:07:02] <Peter van Dijk (PowerDNS)> any questions for Shumon?
[16:08:08] <vladimir.cunat> In practice I still see quite some servers failing to answer NS on empty non-terminals.  (Though usually I noticed SERVFAIL or other RCODEs, not timeouts.)
[16:08:10] <bortzmeyer> Warren Kumari:3rd became RFC 8020
[16:08:32] <bortzmeyer> vladimir.cunat:many load balancers timeout on NS queries (F5 for instance)
[16:08:35] <Warren Kumari> I was thinking of 4 (Upgrading NS RRset Credibility Upon Delegaton Events), but it seems to be included in this...
[16:08:38] <pusateri> Petr, we want to be able to query TIMEOUT RRs and don’t want any special rules for them.
[16:08:47] <vladimir.cunat> oh, F5 again :-/
[16:09:54] <Petr Spacek @ CZ.NIC> Tom, I did not mean to pick specifically on TIMEOUT - I just want to point out the repeating pattern, maybe there is a good more generic solution. (And maybe there is none.)
[16:10:12] <pusateri> Yes, that is worth considering.
[16:12:04] Benno Overeinder (NLnet Labs) leaves the room: Stream closed by us: Replaced by new connection (conflict)
[16:12:06] Benno Overeinder (NLnet Labs) joins the room
[16:14:05] moritz leaves the room: Stream reset by peer
[16:14:34] Marc (SIDN) leaves the room
[16:16:52] tim costello leaves the room
[16:17:15] <Peter van Dijk (PowerDNS)> any questions for Dmitry?
[16:20:52] <Peter van Dijk (PowerDNS)> any other questions on anything?
[16:21:30] <vladimir.cunat> rfc8624 says MUST NOT for signers and MAY for validation
[16:22:52] <bortzmeyer> Bye
[16:22:53] <Vittorio Bertola> Thank you!
[16:22:58] bortzmeyer leaves the room: Stream reset by peer
[16:23:02] hardie leaves the room
[16:23:08] Vittorio Bertola leaves the room
[16:23:08] dee3@hot-chilli.net leaves the room
[16:23:11] <Willem Toorop> Ciao
[16:23:12] Willem Toorop leaves the room
[16:23:15] Matt Pounsett leaves the room
[16:23:35] ericorth leaves the room
[16:23:35] Hugo Salgado leaves the room
[16:23:39] Stephen Morris leaves the room
[16:23:45] Shumon Huque leaves the room
[16:24:15] Brian Haberman leaves the room
[16:24:21] <Petr Spacek @ CZ.NIC> Bye everyone
[16:24:23] John Levine leaves the room
[16:24:23] Petr Spacek @ CZ.NIC leaves the room
[16:27:24] Mike Bishop leaves the room
[16:28:54] vladimir.cunat leaves the room
[16:32:29] rickwilhelm-Verisign@jabb3r.org leaves the room
[16:33:02] Yoshiro YONEYA leaves the room
[16:34:42] Paul Hoffman leaves the room
[16:36:46] <Benno Overeinder (NLnet Labs)> Thank you Peter for helping as DNSOP jabber scribe!
[16:44:06] Mike StJohns leaves the room
[16:44:16] <Peter van Dijk (PowerDNS)> @benno no problem!
[17:01:16] neednnelg@sure.im leaves the room
[17:01:18] evequefou joins the room
[17:59:41] msk joins the room
[18:00:02] msk leaves the room
[18:02:33] Dan York leaves the room
[18:17:30] tale leaves the room
[18:24:21] tale joins the room
[18:38:50] evequefou leaves the room
[19:42:09] dmcardle leaves the room
[20:50:18] Yoshiro YONEYA joins the room
[20:51:18] Yoshiro YONEYA leaves the room
[21:31:26] tale leaves the room
[21:32:26] Benno Overeinder (NLnet Labs) leaves the room
[21:43:13] msk leaves the room
[22:01:29] tale joins the room
[22:12:22] Warren Kumari leaves the room: Stream reset by peer
[22:14:17] Suzanne leaves the room
[22:26:11] tale leaves the room: Disconnected: closed
[22:46:18] tale joins the room