.@ Tony Finch – blog

IETF 113 in Vienna is now nearly finished. In between meetings I found some time to look around the Uhrenmuseum and catch up with old friends.

As I mentioned in my previous post I have not been keeping up with IETF activity in the last year or two, so a lot of what I have been doing this week is getting an overview of current activity in the working groups that are most relevant to me. Here I am going to note a few things that caught my attention.


Wednesday morning was the measurement and analysis for protocols research group meeting, with several DNS-related presentations which provoked some interesting discussions.

I liked the performance measurements of DNS over different transport protocols, mainly because it was unsurprising: it is reassuring when measurements confirm predictions. They only measured the latency for the first query on a connection, so it will be interesting to see some follow-up work on multi-query connections.


The DNS privacy working group meeting was moved from Friday to a joint session with add on Thursday.

The current topic is (still) the difficult question of how to encrypt DNS traffic between recursive resolvers and authoritative servers. I think I am less grumpy about the working group’s problems with authenticated encryption than I used to be, but it is still frustrating.


The adaptive DNS discovery working group aims to give devices more information about a network’s DNS resolvers, such as support for encrypted transports.

There was a presentation about “split horizon DNS configuration” which seemed problematic to me in a number of ways. I am not sure I understood the mechanism properly - it’s to do with putting information about private domains in the public DNS - so I need to read the draft and make some thoughtful questions and comments.


On the mailing list, the brokenness of SHA-1 raised its ugly head again. I posted a message to remind everyone of what the SHA-1 break means for DNSSEC and that they should not be complacent about it.


I had a chat with my friend Reese about the TCP maintenance and minor extensions meeting. Reese works on TCP performance for Netflix, so the presentations about congestion control tweaks were particularly relevant to them. But the most entertaining talk was on tcpls, which is basically “what if QUIC, but TCP?” to which most people here answer, “why?!?!”


My discussion about data structures with folks from NLnet Labs continued over email. Jeroen Koekkoek gave me an idea for reducing locking and copy-on-write problems by getting rid of prev/next pointers in DNS record objects.


Now it is Friday afternoon, the meeting is over, and soon it will be time to leave for the journey home. It has been really nice to see people in person again, and get to know some of my new colleagues better.

And it isn’t long until the next trip, which will be UKNOF in Manchester next month.