Stéphane BortzmeyerMar 22, 2024

Last working group meeting of #IIETF119, the second meetng of dnsop (all things #DNS )

https://datatracker.ietf.org/meeting/119/materials/agenda-119-dnsop-02

agenda-119-dnsop-02.md

Show threadStéphane BortzmeyerMar 22, 2024

Discussion post-BoF about the DELEG (or DD) project, "the most significant change in the #DNS since DNSSEC"

#braceYourself #IETF119

Show threadStéphane BortzmeyerMar 22, 2024

Possible change in the process for crypto recommendations (the current one is too slow).
The proposal will require more RFCs, but smaller.
(PQ algorithms are ready to pounce.)

#IETF119 #DNS

Show threadStéphane BortzmeyerMar 22, 2024

Not all #DNS data were created equal. A project for a new ranking of DNS data credibility.Top: DNSSEC-signed data. Bottom: glue.

#IETF119

Show threadStéphane BortzmeyerMar 22, 2024

Analysis of existing CDS/CDNSKEY records in the wild. They are sometimes broken, sometimes in funny ways (authortative name servers not returning the samed CDS...)

Why would a domain in .com publish a CDS (.com does not handle CDS) and a broken one (does not match the keys)?

#DNS #DNSSEC #IETF119

Show threadStéphane Bortzmeyer

Also, proposal to make #DNSSEC configuration easier. The difficulty is how to do it easier for the good guys without makeing it also easier for an attacker.

#IETF119

Mar 22, 2024 at 6:23amWeb