meeting summary: 19 January 2005

James M Galvin galvin at elistx.com
Mon Jan 24 14:29:29 EST 2005 

DNSSEC Deployment Working Group
19 January 2005


PRESENT:
    Steve Crocker
    Jim Galvin

    Allison Mankin
    Amy Friedlander
    Bill Manning
    Cathy Murphy
    Ed Lewis
    Frederico Neves
    Jaap Akkerhuis
    Jakob Schlyter
    Johan Ihren
    Matt Larson
    Mike St. Johns
    Olaf Kolkman
    Olafur Gudmundsson
    Peter Kock
    Ralph Droms
    Rob Austein
    Rodney Joffe
    Russ Mundy
    Sam Weiler
    Scott Rose
    Steven Cheung
    Suresh Krishnaswamy
    Suzanne Woolf
    Wes <??> - sorry, don't know last name; anybody?


REGRETS:
    Geoff Sisson
    Paul Vixie
    Doug Barton


SUMMARY

  -- Kyoto Program Committee Update

There will not be a separate meeting of the committee this week.  There
will be more to say next week.


  -- DNSSEC Deployment Roadmap

     As previously announced, the discussion this week will be an
     opportunity to "brainstorm" about the DNSSEC software plan.

Regarding Jaap Akkerhuis' mailing list message describing registry and
registrar systems, there is very little commonality in the systems.
Although software heterogeneity is a good thing, this complicates the
deployment of DNSSEC since it means that everyone has their own
development cycle to progress.

More generally, the issue of heterogeneity complicates deployment.  In
addition to software issues there are operational issues.  There is a
large variation in operational processes.

We need to focus on conceptual processes and software toolkits.  Even
so, we can not expect to cover everything.

There was some discussion of what kind of connection we expect to have
with those who adopt DNSSEC but there was no consensus.  We know that
operations are affected by DNSSEC but we do not know all the
requirements.

Rather than get delayed by making sure we have all the details exactly
right, we have a pretty "cut" at what it is needed so we will move
forward with that.


We need to construct or work what we have into a roadmap for software
with something specific for registrars (which includes both the
registrar-registry and registrar-registrant relationship) in order to
deploy DNSSEC.

We should continue this discussion in subsequent teleconferences,
perhaps focusing on the registrar question next time.


The meeting closed with two more suggestions for how to proceed:

1. We should consider a broad survey of those who would deploy DNSSEC to
   make sure we have included everything essential.

2. There are indications in Suresh's document of work to be done.  We
   need to pick up those pieces and complete them.

More information about the Dnssec-deployment mailing list