Markdown Version | Session Recording

Session Date/Time: 30 Mar 2023 07:30

add

Summary

The add working group session covered updates on existing drafts and a discussion regarding the adoption of the extended HAWK draft. Key topics included split horizon configuration, DNS info attributes, and the security implications of redirection in extended HAWK, especially concerning the change of authentication origin. A non-binding poll indicated support for adopting the extended HAWK draft as a working group document.

Key Discussion Points

• Split Horizon Configuration Draft: Addressed feedback from Paul regarding authorized claims by introducing new attributes like resolved name, parent name, and subdomains. Discussion on whether claim structure should be represented as JSON provisioning domains or a compact binary format for DHCP. Need for test vectors and examples.
• DNS Info Draft: Discussed comments on making QName and URL info optional at retrieval, updating the URL info, and clarifying the purpose of the URL info attribute. Addressed a question regarding implementation experience.
• Extended HAWK Draft:
  • Reusing SDNS was noted as problematic, potentially forcing resolvers to store DoT configuration and RRs in the same zone.
  • Discussion on self-free redirection.
  • Debate about redirecting to other names and the security implications, especially concerning the compromised key.
  • Various approaches for securing redirections, including certificate chaining and alternative architectures like backhauling the handshake.
  • Concerns about the authentication origin changing with redirection and the potential risks.
  • Discussion of federated deployments where redirection source and destination have no hierarchical relationship.
  • Federated deployments use cases.

Decisions and Action Items

• The chairs will issue a new working group call for the split horizon document and send it to the DCW group for review.
• The group will consider adding test vectors to the Split Horizon Configuration Draft
• The extended HAWK draft will be considered for adoption as a working group draft.
• The extended HAWK authors will include text to address the concerns raised.

Next Steps

• Working group chairs will evaluate comments received during the session and proceed with decisions to progress the drafts to the next stage.
• Ben Schwartz will provide diagrams illustrating proposed changes to the Extended HAWK draft.
• Authors of Extended HAWK draft will address concerns on the mailing list and incorporate feedback from discussions.