The agenda for next week's meeting has been updated. Here's the latest version. Please note that things are not finalised and there might be further tweaks to the agenda or running order. # # $Id: agenda,v 1.7 2015/11/11 14:08:51 jim Exp $ # FIRST SESSION A. Usual Administrivia 5 mins Agenda bashing Minutes of previous meeting Review of Action Items B. NCC Report 15 mins Anand Buddhdev C. Measuring the impact of IPv6 resolver preference 20 mins Chris Baker, Dyn D. Impact of DNS over TCP - a resolver point of view 15 mins Joao Damas, Bondis The impact two very different aspects of the life of a recursive server were examined for this project: queries to authoritative servers as well as the queries from stub resolvers. Traffic from two different ISP's recursive resolvers was captured to analyse the potential impact on the servers of long lived TCP sessions, investigating the effect of timeout settings, the total number of simultaneous connections that would be kept open and the potential benefits of connection reuse as proposed in the current version of draft-ietf-dnsop-5966bis, with the intent of offering simulated operational advice, based on observed traffic. E. Integration testing of DNS Recursive servers 15 mins Ondřej Surý, CZ.NIC A generic testing framework was produced as a part of developing the Knot Resolver. This framework is written in python and can use UNIX domain sockets to bypass the underlying physical network. F .nl Open DNS datasets and Statistics 10 mins Marco Davids, SIDN SIDN makes available aggregated datasets from .NL authoritative servers to the Internet/Research/DNS communities. It includes visualizations of the DNS-traffic for .nl, as well as statistics on domain registrations, DNS queries, DNSSEC usage, plus layer-3 and layer-4 information. The datasets (starting from May 2014) are updated on a daily basis. They are provided in JSON-format and can be found on https://stats.sidnlabs.nl. G. Discussion of latest SSAC recommendations 10 mins SSAC Stuckee SECOND SESSION H. Discovery method for a validating stub resolver 20 mins Xavier Gorjón, NLnetLabs This research project aims to develop a discovery method to ensure DNSSEC information can be delivered to the end host. It used RIPE ATLAS to study the current state of DNSSEC aware and DNSSEC validating resolvers, and define a course of action from that information. The project explored a novel method to discover the capabilities of the ISP's recursive resolver and bypass incompetent Customer-premises equipment (CPE) middle-boxes to target the often more capable ISP's resolver directly. I. DNSSEC for Legacy Applications 15 mins Willem Toorop, NLnetLabs Validating stub resolvers are hampered by middle boxes (typically CPE) that corrupt the path from the stub to the recursive resolver. Using the getdns library and the Linux/Unix name resolution framework, libnss_getdns provides (stub-level) DNSSEC validation for legacy applications. This module can work around broken middle boxes by double checking bogus answers. It also offers in-path signalling of DNSSEC failure for http, informing the end-user why validation failed and giving them control of deciding how to deal with that. J. Implementation challenges of geographic split-horizon DNS 20 mins Jan Včelák, CZ.NIC There are multiple ways to find a network service according to a client's geographic location. One possibility is to perform a split-horizon at the DNS level. The presentation will briefly inform about existing approaches, problems introduced by this mechanism, possible solutions of these problems, and experience we gained when implementing this feature into Knot DNS. K. Root Zone KSK rollover 30 mins Roy Arends, IANA L. WG Co-chair appointment 5 mins M. AOB