Colleagues, here's the draft agenda for RIPE71. Please note that this is
subject to change, most likely in the running order. A definitive agenda will
be circulated in a couple of weeks.
I'll remind you all that the WG co-chair appointment process is under way.
There's still time for volunteers to come forward. It would be nice to see more
statements of support for those who have volunteered too.
Hope to see you all in sunny Bucharest next month.
#
# $Id: agenda,v 1.6 2015/10/21 22:01:47 jim Exp $
#
FIRST SESSION
A. Usual Administrivia 5 mins
Agenda bashing
Minutes of previous meeting
Review of Action Items
B. NCC Report 15 mins
Anand Buddhdev
C. Measuring the impact of IPv6 resolver preference 20 mins
Chris Baker, Dyn
D. Impact of DNS over TCP - a resolver point of view20 mins
Joao Damas, Bondis
The impact two very different aspects of the life of a recursive
server were examined for this project: queries to authoritative
servers as well as the queries from stub resolvers. Traffic from two
different ISP's recursive resolvers was captured to analyse the
potential impact on the servers of long lived TCP sessions,
investigating the effect of timeout settings, the total number of
simultaneous connections that would be kept open and the potential
benefits of connection reuse as proposed in the current version of
draft-ietf-dnsop-5966bis, with the intent of offering simulated
operational advice, based on observed traffic.
E. Integration testing of DNS Recursive servers 15 mins
Ondřej Surý, CZ.NIC
A generic testing framework was produced as a part of developing the
Knot Resolver. This framework is written in python and can use UNIX
domain sockets to bypass the underlying physical network.
F. Discussion of latest SSAC recommendations15 mins
SSAC Stuckee
SECOND SESSION
G. Discovery method for a validating stub resolver 20 mins
Xavier Gorjón, NLnetLabs
This research project aims to develop a discovery method to ensure
DNSSEC information can be delivered to the end host. It used RIPE
ATLAS to study the current state of DNSSEC aware and DNSSEC validating
resolvers, and define a course of action from that information. The
project explored a novel method to discover the capabilities of the
ISP's recursive resolver and bypass incompetent Customer-premises
equipment (CPE) middle-boxes to target the often more capable ISP's
resolver directly.
H. DNSSEC for Legacy Applications 15 mins
Willem Toorop, NLnetLabs
Validating stub resolvers are hampered by middle boxes (typically CPE)
that corrupt the path from the stub to the recursive resolver. Using
the getdns library and the Linux/Unix name resolution framework,
libnss_getdns provides (stub-level) DNSSEC validation for legacy
applications. This module can work around broken middle boxes by
double checking bogus answers. It also offers in-path signalling of
DNSSEC failure for http, informing the end-user why validation failed
and giving them control of deciding how to deal with that.
I. Implementation challenges of geographic split-horizon DNS20 mins
Jan Včelák, CZ.NIC
There are multiple ways to find a network service according to a
client's geographic location. One possibility is to perform a
split-horizon at the DNS level. The presentation will briefly inform
about existing approaches, problems introduced by this mechanism,
possible solutions of these problems, and experience we gained when
implementing this feature into Knot DNS.
J. Root Zone KSK rollover 30 mins
Roy Arends, IANA
K. WG Co-chair appointment 5 mins
L. AOB
