ietf

Re: last call discussion status on draft-iab-2870bis

2015-03-04 22:41:52

In message <4B545BEB-EA0E-4BA8-A45E-15AF12CDB1EC(_at_)piuha(_dot_)net>, Jari Arkko writes:
I wanted to come back to the status of the discussions.

We have an ongoing discussion of the changes Marc made on the -02. My
read of the feedback is that the update has done the right things, but:

1) Paul Hoffman's clarifications & editorial changes seem useful, but I
would like to hear what others think. Marc, you should respond to those
as well.

2) Mark Andrews' suggestion of further requirements regarding reserved
bits was discussed, but should proceed separately.

3) Mark Andrews' suggestion of further requirements regarding EDNS0 has
not been discussed, but I would note that at this stage we should not add
major requirements without substantial community portion indicating that
this is needed. I'm not hearing it.

I suspect this is because the root servers actually correctly
implement EDNS.  If a server was changed to an implementation that
failed to correctly implement EDNS that would change.  There are a
number of drafts before dnsop at the moment that require EDNS to
be properly implemented.  I'm a co-author of one of them.

4) I've also received feedback from IESG members that the text about
moving 2870 to Historic in Section 1.1 could be problematic. While I'm
not sure that is necessarily the case, I think this draft merely replaces
2870, so I am not sure we need to say anything more. I have confirmed
with the IAB that it does not believe the part about moving 2870 to
Historic is necessary. Does anyone object to this change?

With regards to the earlier discussions in the last call in the summer,
Marc's message discussed some of the things where an agreement was
clearly found. I don't think I need to report further on that. However, I
wanted to highlight a few other items:

I believe there is rough consensus to publish an updated BCP (subject to
some detailed clarifications, still ongoing). There was some discussion
about whether it is appropriate for the IETF to do this, but my read of
the discussion is that the topic was explored and that a reasonable
division of work between the RSSAC and IETF exists, even with some
roughness of the opinions within the group. The IETF role in this case is
to provide high-level requirements for the service. Specifically for this
service, even if some broader statements have been made about all nodes
previously. But it is not our role to enforce anything or deal with the
operational issues.

There was some discussion of the meaning of the requirements currently in
the document, and whether clarifying text was needed to specify whether
they apply to individual nodes or the service. Michael Richardson (among
others) has supported the current text as it really is about the service.
This is another topic where there is some roughness in the group, but I
believe the initial question has been adequately answered and has at
least some support in the group.

A big problem last summer was that we did not yet have a document from
the RSSAC. With the stable RSSAC document now available, it is possible
to proceed.

From my read of the commentary, the following items may deserve further
thought. Marc, can you deal with these?

* Joe Abley's comment about qualifying the requirement to answer queries
from any valid IP address with respect to operational events (such as
attacks). While I believe the operational issues are indeed in the RSSAC
scope, I think we should qualify our requirement to be subject to
operational issues.

* Klaas Wierenga's Secdir review made a suggestion about privacy related
to root queries, and how caching mitigates some of the concerns. Text
could be added about this, although it is of course a somewhat obvious
state of affairs. I'll leave it to the editor's discretion what to do
here.

Jari

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka(_at_)isc(_dot_)org