Session Date/Time: 12 Feb 2025 15:00
CORE
Summary
The CORE Working Group held an interim meeting to discuss the "DNS over CoAP" (DoC) draft. The discussion focused on recent updates to the draft and a detailed review by Carsten Bormann. Key points included restricting the scope of the current DoC specification to only DNS queries (OpCode Zero), refining terminology related to "valid DNS responses" and "unprotected" communications, and clarifying CoAP-to-HTTP mapping recommendations. The authors committed to a rapid revision, after which the document is expected to proceed to Working Group Last Call. Updates on other CORE documents, OSCORE Group, GroupCOMM, and HREF, were also provided.
Key Discussion Points
- DNS over CoAP (DoC) Draft Updates:
  - The latest version of the DoC draft (draft-ietf-core-dns-over-coap-11) incorporated updates based on core-c PR merge and security considerations from Esco's review.
  - Security considerations were amended to highlight that upstream DNS communication may still be unprotected and that DoC servers might need to trust DNSSEC responses due to client resource constraints.
  - A reference to DNS update was added, though its necessity was questioned during review.
- Scope Restriction to DNS Queries (OpCode Zero):
  - A significant discussion point was whether to restrict the initial DoC specification to only handle DNS queries (OpCode Zero).
  - It was noted that other DNS OpCodes, such as DNS Update (OpCode Five), might require different CoAP methods (e.g., POST instead of FETCH) and specific security mappings not fully explored or tested in the current draft.
  - It was suggested that if an OpCode is not implemented or tested, the document should not imply full support. Future specifications could address other OpCodes.
  - This restriction would lead to the removal of section 4.3.3 specific to DNS update, with a generalized statement for all unsupported OpCodes.
- Clarification of Terminology:
  - The term "valid DNS response" in section 4.3.1 was questioned due to its potential ambiguity and lack of a clear definition within the DNS context, distinct from its use in DNSSEC. A more precise phrasing was requested.
  - The use of "unencrypted" in section 6 was challenged in favor of "unprotected" to encompass broader security concerns like integrity and authenticity, especially when discussing CoAP without DTLS or OSCORE.
- CoAP-to-HTTP Mapping (Section 5.3):
  - The current wording regarding direct CoAP-to-HTTP mapping being "not recommended" was deemed unclear. It was suggested to explicitly state that such mapping might not leverage CoAP's unique features, like Max-Age/TTL processing, effectively.
- Not Implemented Example:
  - The inclusion of an example showing a "not implemented" response for an unsupported OpCode (e.g., DNS update) was suggested, clarifying whether such a response should be a 4.xx (Bad Request) or a 2.05 with a specific DNS response code.
Decisions and Action Items
- Decision: The DoC draft (draft-ietf-core-dns-over-coap) will be restricted to explicitly support only DNS queries (OpCode Zero) for the current version. Other OpCodes may be addressed in future specifications.
- Action Item: Martina to revise the DoC draft to version 12 to incorporate the discussed changes, including the OpCode restriction, refined terminology, and updated explanations. The aim is to complete this revision within the next few days.
- Action Item: Upon release of draft-ietf-core-dns-over-coap-12, the Working Group Chairs will initiate a two-week Working Group Last Call (WGLC) for the document.
- Action Item: The WGLC announcement will be forwarded to the DNSOP and DPRIVE Working Groups, with the CORE WG list in CC, to solicit broad review.
- Action Item: A shepherd is needed for the draft-ietf-core-dns-over-coap document. Volunteers are encouraged.
Next Steps
- The revised draft-ietf-core-dns-over-coap-12 will be published shortly.
- A Working Group Last Call will be initiated for draft-ietf-core-dns-over-coap, running in parallel with the WGLC for DSPN.
- The Working Group is encouraged to review draft-ietf-core-href, which is currently in WGLC until next Monday.
- Work continues on other CORE documents:
  - OSCORE Group: A recent submission has been made, and Christian (shepherd) will finalize the write-up.
  - GroupCOMM: The authors are addressing open comments from Ken, and Carsten (shepherd) is working on the shepherd write-up. The aim is to send out GroupCOMM and OSCORE Group in parallel.