Colleagues, here's the draft agenda for RIPE71. Please note that this is subject to change, most likely in the running order. A definitive agenda will be circulated in a couple of weeks. I'll remind you all that the WG co-chair appointment process is under way. There's still time for volunteers to come forward. It would be nice to see more statements of support for those who have volunteered too. Hope to see you all in sunny Bucharest next month. # # $Id: agenda,v 1.6 2015/10/21 22:01:47 jim Exp $ # FIRST SESSION A. Usual Administrivia 5 mins Agenda bashing Minutes of previous meeting Review of Action Items B. NCC Report 15 mins Anand Buddhdev C. Measuring the impact of IPv6 resolver preference 20 mins Chris Baker, Dyn D. Impact of DNS over TCP - a resolver point of view 20 mins Joao Damas, Bondis The impact two very different aspects of the life of a recursive server were examined for this project: queries to authoritative servers as well as the queries from stub resolvers. Traffic from two different ISP's recursive resolvers was captured to analyse the potential impact on the servers of long lived TCP sessions, investigating the effect of timeout settings, the total number of simultaneous connections that would be kept open and the potential benefits of connection reuse as proposed in the current version of draft-ietf-dnsop-5966bis, with the intent of offering simulated operational advice, based on observed traffic. E. Integration testing of DNS Recursive servers 15 mins Ondřej Surý, CZ.NIC A generic testing framework was produced as a part of developing the Knot Resolver. This framework is written in python and can use UNIX domain sockets to bypass the underlying physical network. F. Discussion of latest SSAC recommendations 15 mins SSAC Stuckee SECOND SESSION G. Discovery method for a validating stub resolver 20 mins Xavier Gorjón, NLnetLabs This research project aims to develop a discovery method to ensure DNSSEC information can be delivered to the end host. It used RIPE ATLAS to study the current state of DNSSEC aware and DNSSEC validating resolvers, and define a course of action from that information. The project explored a novel method to discover the capabilities of the ISP's recursive resolver and bypass incompetent Customer-premises equipment (CPE) middle-boxes to target the often more capable ISP's resolver directly. H. DNSSEC for Legacy Applications 15 mins Willem Toorop, NLnetLabs Validating stub resolvers are hampered by middle boxes (typically CPE) that corrupt the path from the stub to the recursive resolver. Using the getdns library and the Linux/Unix name resolution framework, libnss_getdns provides (stub-level) DNSSEC validation for legacy applications. This module can work around broken middle boxes by double checking bogus answers. It also offers in-path signalling of DNSSEC failure for http, informing the end-user why validation failed and giving them control of deciding how to deal with that. I. Implementation challenges of geographic split-horizon DNS 20 mins Jan Včelák, CZ.NIC There are multiple ways to find a network service according to a client's geographic location. One possibility is to perform a split-horizon at the DNS level. The presentation will briefly inform about existing approaches, problems introduced by this mechanism, possible solutions of these problems, and experience we gained when implementing this feature into Knot DNS. J. Root Zone KSK rollover 30 mins Roy Arends, IANA K. WG Co-chair appointment 5 mins L. AOB