Deploy360 at IETF 100, Day 4: Woohoo for DOH! Thumbnail
Deploy360 15 November 2017

Deploy360 at IETF 100, Day 4: Woohoo for DOH!

By Kevin MeynellFormer Senior Manager, Technical and Operational Engagement

This week is IETF 100 in Singapore, and we’re bringing you daily blog posts highlighting some of the topics that Deploy360 is interested in. Thursday is another busy day, with the second sessions of the V6OPS and DNSOPS Working Groups, along with the first meeting of the DOH Working Group and other encryption-related activities.

V6OPS continues at 09.30 SGT/UTC+8 from where it left off. On the agenda are drafts relating to 464XLAT Deployment Guidelines for Operator Networks, transition requirements for IPv6 customer edge routers, and IPv6 prefix delegation for hosts. There’s other drafts on DHCPv6 Prefix Delegation and Neighbour Discovery on a cellular connected IoT router, and on using a /64 from a customer prefix for numbering an IPv6 point-to-point link. Finally, there’s an initiative to clarify about what functionalities should determine whether a network is ‘IPv6-only’.

Running at the same time is TLS, which will be primarily focusing on the two big issues of TLS 1.3 and DTLS 1.3. However, it will also be discussing drafts on connection ID, exported authenticators, protecting against denial of service attacks, and application layer TLS.


NOTE: If you are unable to attend IETF 100 in person, there are multiple ways to participate remotely.


After lunch sees the debut of DOH at 13.30 SGT/UTC+8. This is working to standardise encodings for DNS queries and responses that are suitable for use in HTTPS, thereby enabling the DNS to function where existing DNS methods (UDP, TLS and DTLS) have problems. There’s just the one draft so far, although there will also be a discussion on the planned next steps.

Alternatively, you can check out 6LO. There are four drafts relating to IPv6 Neighbour Discovery on node networks with limited power, memory and processing resources, and there will also be a discussion on the 6LO applicability and use cases. Last but not least, is a draft relating to the transmission of IPv6 packets over Wireless Body Area Networks.

Following the afternoon break, ACME is meeting at 15.50 SGT/UTC+8 to finalise the ACME specification. This has been submitted to the IESG for publication, and will focus on the feedback received to-date. Other drafts being discussed relate to automatic certificate management for telephony and email , along with Short-Term Automatically-Renewed (STAR) Certificates.

Running in parallel is DNSOP that will also continue from where it left off on Monday. Much of this session is likely to focus on new business, including returning additional answers in DNS responses, a mechanism allowing an end user to determine the trusted key state of resolvers handling DNSSEC queries, an update to the TSIG specification to address a known bug, and a proposal for a .internal TLD to use the DNS for non-global names.

For more background, please read the Rough Guide to IETF 100 from Olaf, Dan, Andrei, Steve, Karen and myself.

Relevant Working Groups

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...