Skip to main content

RSSAC Meeting, Vienna

RSSAC meeting 16
Wien / Vienna


Liman Ray Plazk
Havard Fernado
Andrei Kenjura
Murai Nevil
kato Rip Loomis
Yuji Randy Runkles
Brian Rob Payne
Matt Paul Towmey
Rob A. John Crain
Jao Daniel K.
Paul V S. Woolf
Cathy H Steve Crocker


  1. report of reports
  2. rio & montreal
  3. new ICANN ceo & other
  4. secsac
  5. Tech/Ops summary
  6. anycast
  7. ipv6
  8. security relations
  9. other/local/idn/response size
  10. Measurement
  11. reports
  12. future
  13. Admin issues
  14. Liaison from ICANN
  15. Chair person choice
  16. Presentation at ICANN mtgs
  17. Other organization activities
  18. Time conflicts?


Rio/Montreal Liman & Suzanne

Rio - we gave a report to GAC. GAC wants a liaison w/ RSSAC

Elected Thos DaHarrdt. On the mailing list. Presentation is available. Liman presented the RSSAC notes to the open mtg.

Montreal - no rssac mtg btwn ICANN. update on anycast, ipv6, response size. hallway questions

Paul T. - New ICANN ceo

Paul Twomey - non tech. my view of ICANN / RSSAC relationship

3 parts: - Operator of "L", Partner - manage in terms of "silos",

Grounding the Symbolic value of roots.

ICANN restructures - better information exchange/liaison with other

groups (GAC, etc.)

Steve C. - secsac: focus on the DNS & Addressing - we have no power per se.

Status of DNSSEC - what will it take to roll out? Key Mgmt.

anycast - what is it and how does it affect security?

What are the major security threats to the Internet?

IPv6 deployment - what are the concerns?

one more thing... TLD delegation issues.

Cathy H - DoC concerned w/ level of safety, redundancy, robustness of the system.

Steve would like a strong suite of presentations on why 13 and the impact of TLD server selection. Impact of one server being out is... He will share what files/presentations he has


anycast - PV summaries of the roots cost benefit trade off drives anycast as a way to minimize DDOS impact.

Oct 21 - 900 Mbps attack volume / 12 servers

raising the bar on the amount of traffic necessary

IPv6 - AK summaries of roots. issue is how to publish addresses in the hints file? First offical request submitted today. Some TLDs are also requesting AAAA support for their delegations. Kato/Paul draft out, ICANN has internal draft. about 15 TLDs will have truncation issues when adding v6 support.

DNSOP suggestions - prefer glue of the same type as the query. will address many of the concerns.

IPv6 transport nearly always has EDNS0 capability.

We don't have a problem w/ v6 glue. - need a recommendation.

Security- New TSIG key, Report on existence of testbed for evaluation

.local - killed by IETF? If so, we will draft a recommendation for .local & .workgroup to ICANN

IDN - high order bits as an indication in queries. this may be problematic for the roots. JPNIC/WIDE should have a report on this in the next 90 days.


RIPE: Daniels slides from RIPE

CAIDA: nevil reports - skitter still works, anycast impact makes

this OBE. Now working on IPv6 - skamper.

Brad Huffaker is at WIDE. No new slides. 4 probes.

WIDE: K.Cho -

Admin Issue:

Liaison w/ ICANN. Who is the right person from ICANN?

Chair: We need to define the election process for selection of a new chair.

Presentation @ ICANN mtgs? --

Relationships with others: How to do it? SECSAC is a good example of committee empowered to speak on its own.

Time conflicts: this is a good time, next mtg on Sun.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."