Presentation is loading. Please wait.

Presentation is loading. Please wait.

IETF DNSOP WG Update – and some DPRIVE

Published byAnabel Garrison Modified over 6 years ago

Similar presentations

Presentation on theme: "IETF DNSOP WG Update – and some DPRIVE"— Presentation transcript:

1 IETF DNSOP WG Update – and some DPRIVE
Suzanne Woolf Tim Wicinski Benno Overeinder

2 IETF DNSOP Update on … (1)
Submitted to IESG for publication draft-ietf-dnsop-attrleaf /draft-ietf-dnsop-attrleaf-fix draft-ietf-dnsop-dns-capture-format draft-ietf-dnsop-isp-ip6rdns draft-ietf-dnsop-kskroll-sentinel draft-ietf-dnsop-refuse-any draft-ietf-dnsop-session-signal draft-ietf-dnsop-terminology-bis … and happy OPS AD

3 IETF DNSOP Update on … (2)
IESG document process

4 … or Signposting for Operator Input

5 Provisioning and Multi Provider (1)
Aliasing/redirecting in DNS solution for website hosted by CDNs amongst others ( vs. example.com) ANAME and recently a minimal ANAME (Evan Hunt, Peter van Dijk, and Tony Finch are in the room) CNAME in apex draft and presentation by Ondřej Surý at OARC 29 (in the room; Petr Špaček started discussion in DNSOP) also discusses CNAME+DNAME and SRV

6 Provisioning and Multi Provider (2)
Multi provider DNSSEC models deploying DNSSEC in multiple DNS providers setup to distribute an authoritative DNS service (Shumon Huque, John Dickinson, and Jan Vcelak are in the room) Two main models described: (i) serve only and (ii) sign and server

7 Serving Stale Data to Improve DNS Resiliency
draft-tale-dnsop-serve-stale, authors Dave Lawrence and Warren Kumari (both in the room) and Puneet Sood use stale DNS data to avoid outages when authoritative nameservers cannot be reached to refresh expired data IPR statements by Akamai and Google Implementations exist: Akamai, Knot Resolver, OpenDNS, and Unbound Measurements of serving stale data Giovane Moura, When Dike Breaks

8 WG Last Call: Algorithm Update
Algorithm Implementation Requirements and Usage Guidance for DNSSEC, draft-ietf-dnsop-algorithm-update (Ondřej Surý and Paul Wouters) specify a set of algorithm implementation requirements and usage guidelines to ensure that there is at least one algorithm that all implementations support

9 The Back of the Camel and Code Complexity –a personal perspective–
(New) IETF DNS standards add complexity “We do have the sense that the discussion in London really resonated with people, and a couple of the ideas out if it seem to be continuing as part of the discussion in DNSOP — that we should think about complexity in the protocol, and pay attention to who’s implementing things and why. We know that over the long term, wrestling with these issues is part of how we keep a successful protocol evolving in a useful way.” DNS software implementors Work arounds for broken software DNS flag day

10 DPRIVE Recharter Develop requirements for adding confidentiality to DNS exchanges between recursive resolvers and authoritative servers (unpublished document). Investigate potential solutions for adding confidentiality to DNS exchanges involving authoritative servers (Experimental). Define, collect and publish performance data measuring effectiveness of DPRIVE-published technologies against pervasive monitoring attacks. Document Best Current Practices for operating DNS Privacy services.

11 Q&A

Download ppt "IETF DNSOP WG Update – and some DPRIVE"

Similar presentations

© 2006 NEC Corporation - Confidential age 1 November 2008 - 1 SPEERMINT Security Threats and Suggested Countermeasures draft-ietf-speermint-voipthreats-01.

© 2006 NEC Corporation - Confidential age 1 November SPEERMINT Security Threats and Suggested Countermeasures draft-ietf-speermint-voipthreats-01.
EDNS0 Client-Subnet for DNS based CDNs

EDNS0 Client-Subnet for DNS based CDNs
IETF-751 Olafur Gudmundsson Andrew Sullivan.

IETF-751 Olafur Gudmundsson Andrew Sullivan.
1IETF59 DNSOP WG IPv6 DNS Discovery Issues Jaehoon Paul Jeong ETRI 1st March 2004 59th IETF – Seoul,

1IETF59 DNSOP WG IPv6 DNS Discovery Issues Jaehoon Paul Jeong ETRI 1st March th IETF – Seoul,
SIP working group status Keith Drage, Dean Willis.

SIP working group status Keith Drage, Dean Willis.
MPTCP – Multipath TCP WG Meeting Toronto, IETF-90, 21 st July 2014 Philip Eardley Yoshifumi Nishida 1.

MPTCP – Multipath TCP WG Meeting Toronto, IETF-90, 21 st July 2014 Philip Eardley Yoshifumi Nishida 1.
© 1998 R. Gemmell IETF WG Presentation1 Robert Gemmell ROAMOPS Working Group.

© 1998 R. Gemmell IETF WG Presentation1 Robert Gemmell ROAMOPS Working Group.
DIME WG IETF 82 Dime WG Agenda & Status THURSDAY, November 17, 2011 Jouni Korhonen & Lionel Morand.

DIME WG IETF 82 Dime WG Agenda & Status THURSDAY, November 17, 2011 Jouni Korhonen & Lionel Morand.
1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.

1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.
MPTCP – MULTIPATH TCP Interim meeting #3 20 th October 2011 audio Yoshifumi Nishida Philip Eardley.

MPTCP – MULTIPATH TCP Interim meeting #3 20 th October 2011 audio Yoshifumi Nishida Philip Eardley.
IETF – ECRIT Emergency Context Resolution using Internet Technologies ESW 5 – Vienna October 2008 Marc Linsner.

IETF – ECRIT Emergency Context Resolution using Internet Technologies ESW 5 – Vienna October 2008 Marc Linsner.
XCON WG IETF-73 Meeting Instant Messaging Sessions with a Centralized Conferencing (XCON) System draft-boulton-xcon-session-chat-02 Authors: Chris Boulton.

XCON WG IETF-73 Meeting Instant Messaging Sessions with a Centralized Conferencing (XCON) System draft-boulton-xcon-session-chat-02 Authors: Chris Boulton.
What makes for a quality RFC? An invited talk to the MPLS WG Adrian Farrel IETF-89 London, March 2014.

What makes for a quality RFC? An invited talk to the MPLS WG Adrian Farrel IETF-89 London, March 2014.
IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig.

IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig.
Working Group #4: Network Security Best Practices September 12, 2012 Presenter: Rod Rasmussen, Internet Identity WG #4 Co-Chair.

Working Group #4: Network Security Best Practices September 12, 2012 Presenter: Rod Rasmussen, Internet Identity WG #4 Co-Chair.
SHIM6 Protocol Drafts Overview Geoff Huston, Marcelo Bagnulo, Erik Nordmark.

SHIM6 Protocol Drafts Overview Geoff Huston, Marcelo Bagnulo, Erik Nordmark.
DNS Privacy Overview Allison Mankin & Shumon Huque, Verisign Labs DNS-OARC Fall Workshop October 3, 2015.

DNS Privacy Overview Allison Mankin & Shumon Huque, Verisign Labs DNS-OARC Fall Workshop October 3, 2015.
Forgery Resilience Phase #2 Ólafur Guðmundsson

Forgery Resilience Phase #2 Ólafur Guðmundsson
Guidance for Running Multiple IPv6 Prefixes (draft-liu-v6ops-running-multiple-prefixes-02) Bing Liu, Sheng Jiang (Speaker), Yang Bo IETF91

Guidance for Running Multiple IPv6 Prefixes (draft-liu-v6ops-running-multiple-prefixes-02) Bing Liu, Sheng Jiang (Speaker), Yang Bo IETF91
A study of caching behavior with respect to root server TTLs Matthew Thomas, Duane Wessels October 3 rd, 2015.

A study of caching behavior with respect to root server TTLs Matthew Thomas, Duane Wessels October 3 rd, 2015.

Similar presentations

Ads by Google