[Members] XMPP and DNSSEC

Simon Tennant simon at buddycloud.com
Sat Jan 18 11:58:01 UTC 2014


On 17 January 2014 22:32, Dave Cridland <dave at cridland.net> wrote:

> > I hardly think that volunteering to help write up specs and guides for
> implementation (voluntarily) is onerous enough to requires members
> referendums. If it really is, we should also ballot on whether the XSF will
> return the ISCO's very generous grant to work on DNSSEC.
>
> Well, first and foremost, the Internet Society has not given us a grant to
> work on DNSSEC. They have, very kindly, given us a gift based on our past
> work toward security. As Peter said in the last Board meeting:
>
> [16:58:54] stpeter: Simon: BTW, we can apply for another grant
> specifically about DNSSEC — the existing one was just to recognize us for
> being good people doing good work
>
> So while we can certainly figure out DNSSEC work to do, and should this
> work actually need some cash, we may be able to get it from ISOC, but ISOC
> is not expecting the money they've given us back - it's for the work we've
> already done in security. (And in fact, it's the XSF getting money for work
> the community has done under our leadership, really). So I don't think
> there's any worry we're about to lose two-thirds of our current cash
> reserves if we don't do something about DNSSEC. :-)
>
> Secondly, although the specification work here is mostly the domain of the
> IETF, I agree the XSF can and should be promoting writing implementation
> guides to a lot of XMPP technologies - we've a lot of blank pages on the
> Wiki specifically aimed at these, in fact - but nobody's filling them in.
> Asking the wider community is probably a good idea here - it's not clear
> the membership can, or should, be the place to get stuff like this written.
>
> Thirdly, we had this debate in Portland about Peter's Manifesto, Matt's
> registration thing, and so on, and I argued these things would be better
> done under the auspices of the XSF - and I lost that argument, and my
> take-home from that was that the vast majority of people felt the XSF
> should be aimed exclusively at developers. I don't see a vast difference
> between pushing operators to deploy DNSSEC and pushing operators to deploy
> TLS, and as such, I don't see how the XSF can take it on. If I'm wrong in
> this, I'd really appreciate knowing - I assumed that was the reason that
> during the Board meeting when you raised this, it was suggested you send it
> to standards@ or jdev@ rather than here.
>
> In fact, I thought you'd argued against me in Portland. If you've changed
> your mind, that's great, but I hate reopening debates without really
> compelling reason. I'm not sure this effort counts as new evidence, but if
> you feel you want to reopen it, go ahead - in the meantime, my
> understanding is that the XSF has to focus on developers only, despite my
> personal opinions.
>
> In the meantime, I would recommend that if you're looking for volunteers
> to push DNSSEC toward operators, you should address either jdev@ (to get
> the implementors involved) or operators@ (to get the deployment up). I'd
> have no argument *at all* with you doing so.
>
Thanks for the pointer - I'll also follow up on jdev on operators lists.

Could it talking about different things?

I want to understand the problems preventing wider DNSSEC deployment. Then
once there is a good understanding of "the missing puzzle pieces", help
interested parties work together (inside or outside the XSF) fill in the
missing pieces.

I don't care if this is inside the XSF or outside. With or without funding.
I do care if it's 2015 and we're no closer to a solution.

S.
-- 
Simon Tennant | buddycloud.com | +49 17 8545 0880 | office hours:
goo.gl/tQgxP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/members/attachments/20140118/3fa0fead/attachment.html>


More information about the Members mailing list