Skip to main content
Resources

RSSAC Meeting, Vancouver, BC

23 rssac  - 06nov2005  - Vancouver ,  BC

Attendees:   (affiliation provided for new attendees)

Brett Carr  - RIPE NCC

Joao Damas

Brian Coppola

Mark Kosters

Andrei Robachevsky

George Michaleson

Russ Mundy

Geoff Huston

Bill Manning

Tim Lister  - DOD

Lars-Johan Liman

Rob Austein

Cathy Handley

Steve Conte

Cathy Murphy

Hiro Hotta     - JPRS

Akira Kato

Paul Vixie

Steve Crocker

Yuji Sekiya

Shinta Sato   - JPRS

Jun Murai

Fredrico Neves

-telephone

Daniel Karrenberg

Kim Claffy

Howard Kash

Minutes taken by Bill Manning, Russ Mundy, Tim Lister,  Steve Conte, and Brett Carr

Agenda:

0. members changes

1. DNSSEC status on root

2. SSAC report

3. anycast  status and updates

4. IPv6 glue statement  & status

5. Measurement, Simulatation  activities

6. ICANN status and report  including IANA status

7. RSSAC between today & next F2F meeting

8. Others

....

Member Changes:  "M" root has new operational help from JPRS.

            Shinto Shato - JPRS

            Hiro Hoto - JPRS

            IANA changes:  David Conrad - IANA GM.

DNSSEC status - Liman

generally moved out to 1q2006. waiting on demonstrated needs/requirements to be stated.  The following list is primarly based on software capability upgrades, not  configuration, testing , or production scheduling.

- A & J, helpful with more focused  pressure from the outside, 6 months lead time.  (clarification,  MarkK - whenever  there are  clear  plans for the IANA to produce a signed zone content)

- B aim at 1q2006  (all machines will be running BIND 9 by first quarter 06)

- C whenever it becomes important

- D Dec 05

- E Jan 06

- F now

- G when we take over  service  at  Columbus, will start  planning (revised to 1Q06)

- H Howard (phone) ready anytime - change nameserver software

- I  4q2005

- K now

- L  1q2006

- M end of this year

SSAC report Ð Steve Crocker

- Root Update Glitch

- DNSSEC Deployment

SSAC is active in working on the examination of some glitches that have taken place in the publishing of the root zone.

- Miscues in 11/04 and 08/05

  What was put into root zone was different than expected. Primary concern was what caused it and what other items could go wrong.  In Aug 2005 closely related effects still residual from first incident which resulted in a lame delegation.

- Uncertainties and partial explanations

- Vigorous IANA/Verisign interactions

- Full clarity is still to come

Crocker's View:

- Root zone has:

 - SOA, etc

 - Root server NS, A and AAAA records

 - TLD NS, A and AAAA records

- Root server ops, TLD ops speak for NS

- Who speaks for A and AAAA

- What happens when NS operator initiates changes

Suzanne's (et al) View:

- Solid model is fine, but humans will make errors

- Need good review process

Future?

- Use of EPP(?) to mechanize update

- Presumably that forces clarity

DNSSEC Deployment

Political Events

- David Conrad now IANA GM

- ICANN/VeriSign settlement agreement

 - Cessation of hostilities

 - Move distribution master to IANA

  - When? DoC approval?

- WSIS reaching a crescendo

Technical / Operational Progress

- SE is running DNSSEC

- ORG and COM/NET in test bed

- NSEC3 w/opt-in progressing

 - Solves privacy problem

 - Solves initial cost of opt'n for large zones

- Other

   RIPE NCC signing three /8s

Status of Root Servers?

A. When will you be ready to accept a signed root zone?

Discussion about the question of "readiness"... is it Bind9/NDS upgrade or is it fully ready and tested to host/answer signed root data.  Cathy asks a general  question: if IANA says they will be producing the signed content  by X date (say July 2006), how long will it take the root server operators to be ready?   Bill suggests that any plan include  coordination  with the root  operators in a testphase before any public announcement.

Milestones:

- Compatible software ready and in operation

- Ready to test with IANA when signed root is available

- Ready to serve after successful testing

Next step: engage IANA to determine when they'll be ready to start authoring a signed root

Anycast status...   Liman * Brian

            Not significant changes - slow deployment for J,I,K - F continues

            scheduled plan. A,D,E, and L remain unicast.

IPv6 glue statement ...  Bill

            the draft text is being refined. expect some impact in legacy caching servers

            hope to have a recommendation to RSSAC chair before end of calendar year. Some operators will need to upgrade DNS software.

Measurement ...  Kim

            testing for anycast

            Neville has new dns monitor up.

            Kenjura Cho is visiting CAIDA this week.

            Paul Vixie: Nominet sending DSC data to OARC

            Russ Mundy: Sparta/DETER testbed work in progress

            Andre Robacheski: RIPE anycast  test work  - here: http://www.ripe.net/ripe/meetings/ripe-51/presentations/pdf/ripe51-anycast_k-root.pdf

            Next CAIDA/WIDE measurement workshop:  17-18mar2006 @ ISI

ICANN status É Suzanne

            Sz...  we should be more active... all our work has been technical and

            fairly infrequent.  See gets the sense that the board would like more

            input from us. Work with the ICANN board takes lots of time.

            Rob Austein - As the IABÕs liaison to rssac ... we have the chance to read and comment on the recent

            ICANN / VSGN documents.  It is worth a read.

            http://www.icann.org/tlds/agreements/verisign/settlement-agreements.html

            Sz would like to have more input on what to say both in the board mtgs and

            again during the public meetings

            Jun asks who will be at Tunis... DFK will be.

RSSAC between today and next face to face meeting - Jun

            19mar2006 next mtg.

http://www.icann.org/committees/dns-root/

to be overlaid by:

http://www.rssac.org - please send comments to the list.

AOB...

         Liman will remain on the ICANN Nomcom for 2006

+++++++++++++++++++++++++++++++++++

++EOF++

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."