Session Date/Time: 08 Nov 2022 13:00
add
Summary
The ADD working group session at IETF 115 covered several drafts, including updates to the Split Horizon DNS configuration draft, discussion of a draft for discovering resolver information, and a proposal for redirecting encrypted DNS servers. The session also included a discussion about a draft addressing security issues related to evil twin attacks in Wi-Fi networks. Working group adoption was discussed for the "discovering resolver information" draft, and the server redirection draft generated significant interest and discussion.
Key Discussion Points
- Split Horizon DNS Configuration Draft: Updates were presented addressing comments on using DDR for local DNS authority and clarifying the scope section, particularly regarding special-use domain names (SUDNs).
- Discovering Resolver Information Draft: Changes were presented to move away from JSON encoding to a key-value syntax similar to DNS-SD. A poll indicated mixed sentiment on working group adoption, and further discussion on the mailing list was planned.
- Server Redirection Draft: The proposal focuses on allowing servers to redirect clients to one another for load balancing or compliance purposes, reusing the DDR mechanism. The discussion focused on security concerns (e.g., transient attacks, redirection to untrusted resolvers), potential policy implications related to privacy, and the interaction with existing HTTP redirect mechanisms. Several alternative approaches were suggested, including querying the currently used resolver for a better endpoint.
- Evil Twin Detection Draft: The draft proposes using network-advertised encrypted DNS servers to identify evil twin attacks in Wi-Fi networks. Discussion centered on the complexity of the solution, its applicability to different network types (e.g., enterprise vs. home/coffee shop networks), and alternative approaches at lower network layers (802.11). Ben Schwartz suggested focusing on EAP-TLS and linking the SSID to the network association.
Decisions and Action Items
- Discovering Resolver Information Draft: Decision to bring up the draft again on the mailing list to get a clearer indication of support for working group adoption.
- Server Redirection Draft: Action item for authors (Tommy Jensen and John Todd) to further refine the draft considering feedback from the session, particularly regarding security concerns, alternative bootstrapping approaches, and policy considerations. A virtual coffee between the authors and Ben was suggested.
Next Steps
- Authors to address concerns raised during the meeting and update the drafts.
- Continue discussions on the mailing list, especially regarding working group adoption for the "Discovering Resolver Information Draft" and design decisions for the "Server Redirection Draft".