[DNSSEC-Transparency] Meeting on IRC during IETF95?

Paul Wouters <paul at nohats.ca> wrote Mon, 4 Apr 2016 16:58:46 -0400 (EDT): | > Would anybody be interested in a 1h chat meeting regarding DNSSEC | > Transparency? | | I'm not sure how well that would work... OK, we'll see. If this fails miserably, I'll try to schedule something like this later. | > - Is the suggested format for a submitted DS RR with chain thought | > through or is it more of a straight translation from CT? | | I think it is still a good idea. especially now that both bind and | unbound/getdns have implemented edns-query-chain! Your comment in another thread about some implementation randomizing RR order made me think you were against the current format. Do you think it's sane to require the first record to be the DS RR, the second to be its RRSIG and after that the chain? According to the draft, the chain has to be ordered too. From an implementation point of view, that requirement is not important to me but it also doesn't hurt. | > - Who's interested in running a frontend system? We're getting closer to | > having some code to run and I'm curious if you're going to prefer some | > specific OS or distro, or if you perhaps fancy Docker more. | | I'm more of a kvm VM kinda guy - so if I would host it, that's what I | would use. You'd run an OS in that VM, which is what I'm interested in. | > - A rough road map would be useful. | | I'm busy with Opportunistic IPsec stuff, so while I can participate on | the list and read through and comment on specs and code, I don't have | much time to wrote a lot of code. Guess that means that the position for writing a DNSSEC Trans client is up for grabs. Who's going to be the lucky one? :)