DELEG

Summary

The DELEG Working Group met at IETF 125 to discuss the progress of the base protocol specification and the associated requirements. The session focused on the transition to a new Area Director, the status of draft-ietf-deleg, and technical hurdles regarding delegations that do not include Name Server (NS) records. The chairs indicated that the base protocol draft is nearing Working Group Last Call (WGLC), pending resolution of specific operational considerations and code point allocations.

Key Discussion Points

Administrative Updates

Area Director Transition: Dwayne Wessels announced that Tommy Jensen is taking over as Area Director for the DELEG working group, succeeding Eric Vyncke.
Secretary Search: Tommy Jensen has stepped down as the WG secretary to fulfill his AD duties. The chairs are seeking a new volunteer for the secretary role.

Protocol Status: draft-ietf-deleg

Ralph Dolmans presented the Deleg Draft Slides for IETF125. Key technical updates include:

Terminology: Clarified "Delegation Point" (where delegation occurs) and "Delegated Zone" (the zone being delegated).
Structural Changes: The draft now includes a protocol overview, parameter definitions, and an operational section.
DNSSEC: Clarified that while the ADT flag is useful, a positive DELEG delegation can be proven without it if both parties are DELEG-aware.
Overwork Protection: Discussion occurred regarding whether to specify a hard limit (currently 3) for indirection hops in delegparam processing. Florian Obser and Paul Hoffman spoke against including a specific number, suggesting the protocol instead follow the general guidance in RFC 1034 to "not overwork."

"To NS or Not to NS"

A significant portion of the session was dedicated to whether DELEG should allow delegations without accompanying NS records.

Encrypted Transport: Ralph Dolmans noted that allowing DELEG-only delegations is necessary for future goals of mandated encrypted transport, where DO53 (unencrypted DNS) via NS records might be undesirable.
Operational Impact: The current draft follows RFC 1034 behavior, which results in an NXDOMAIN if a DELEG-unaware client queries a name below a DELEG-only delegation point. Ralph Dolmans cited research suggesting that a proper negative response is operationally superior to "delegations to nowhere" or timeouts.
Split-Horizon Comparison: The authors argue that this behavior is similar to existing split-horizon deployments. Paul Hoffman supported this framing as an "operational consideration," cautioning against "throwing shade" on existing split-horizon practices.
Requirements Alignment: Brian Dickson raised concerns via chat regarding how this aligns with specific requirements (H2 and S5) in draft-ietf-deleg-requirements.

DNS Update and ANY Queries

DNS Update (RFC 2136): Mark Andrews noted that removing NS records from the top of a zone has significant implications for DNS Update, which typically uses NS records to discover where to send updates. Peter van Dijk acknowledged this and suggested that the spec might need a paragraph stating that DELEG should be treated similarly to NS for update purposes. Paul Hoffman suggested this broader issue might also be relevant for DNSOP.
QTYPE=ANY: David Lawrence asked how a server should respond to an ANY query at a delegation point. Mark Andrews suggested that if an NS record is present, it should return a referral; otherwise, it should return the DELEG record.

Early Allocation of Code Points

The chairs and authors discussed the need for early allocation of several code points, including:

Two RR types (DELEG and delegparam).
An EDNS flag (DE).
DNSSEC key flags and Extended DNS Errors (EDE). Dwayne Wessels noted that the DELEG RR type allocation is complicated by the fact that it seeks a range for "parent-centric" types, a concept currently being developed in a separate DNSOP draft.

Decisions and Action Items

Note-taking: The session relied on Meetecho recordings and chat logs as no formal volunteer stepped forward during the meeting.
Terminology: The WG accepted the refined terminology of "Delegation Point" and "Delegated Zone" as presented by the authors.
Consensus on "No NS": The sense of the room was to continue with the current approach (allowing delegations without NS) while addressing the operational side effects in the draft.

Next Steps

Mailing List Discussion: Brian Dickson will open threads on the mailing list to specifically address how draft-ietf-deleg satisfies the requirements in draft-ietf-deleg-requirements.
DNS Update Analysis: Authors will perform a "deep dive" into the implications of DELEG on the DNS Update protocol and likely add a clarifying section to the draft.
Early Allocation: The chairs will initiate a formal call for consensus on the mailing list to request early allocation of code points once the draft is deemed sufficiently stable.
WGLC Preparation: Once the "NS or not to NS" and DNS Update issues are resolved, the chairs intend to move draft-ietf-deleg to Working Group Last Call.

Automatic IETF Minutes