Archives

11:00 < theo_RIPENCC> Hi everyone, I'm Theo from the RIPE NCC.
11:01 < theo_RIPENCC> We are trialling an online Q&A session with the speakers in today's Plenary session - go to slido.com and event code s075 #RIPE78. You can upvote the questions you would most like to get answered. When there are no more questions and still time, we will open the mics again for questions from the floor. This is part of an initiative to make interaction more inclusive (many people are not comfortable speaking in front of a big crowd, but
11:01 < theo_RIPENCC> may still have a great question!)
11:02 < theo_RIPENCC> If you want to ask a question please state your name/affiliation. Keep in mind that there is up to a 45 second delay for remote participants, so it's better to get your questions in before the question period begins.
11:02 < theo_RIPENCC>
11:02 < theo_RIPENCC> Please note that all chat transcripts will be archived and made available to the public on https://ripe78.ripe.net/
11:03 * prt-8676 considers Slido for the SWG.
11:03 < theo_RIPENCC> Matthias Wichtlhuber has begun the presentation "Next Gen Blackholing to Counter DDoS"
11:04 < brian-1213> The slido.com code is S075
11:04 < brian-1213> In case anyone missed it.
11:05 < cynthia> theo put it in here :)
11:05 < theo_RIPENCC> thanks Brian
11:05 < brian-1213> Oh, sorry Theo, I didn't scroll back far enough! But also, new people joining. :)
11:06 < cynthia> oh right, IRC doesn't have backlog, my bad
11:06 < rsc> It's IMHO sad to see that slido.com replaces a fully Open Source solution like IRC for the Q&A section.
11:09 < ripe_917> would be nice to see the slides in the stream as well
11:09 < ripe_917> thanks
11:10 < theo_RIPENCC> I will check with the ripe ncc team
11:10 < brian-1213> The slides are also all available for download at https://ripe78.ripe.net/programme/meeting-plan/plenary/ but hopefully they can intersperse them in the stream.
11:11 < brian-1213> Or the angle they have now. :)
11:15 < brian-1213> I'll say this in the room as well, but if you have any questions and you put them into Slido, please also leave your name and any attribution you feel comfortable with.
11:15 < brian-1213> Thanks.
11:29 < theo_RIPENCC> If you have a question/comment for the presenter that is not in https://www.sli.do, and you want me to read it out, please state your name/affiliation and I'll go to the mic if there is time.
11:29 < theo_RIPENCC> the code for sli.do is s075.
11:34 < theo_RIPENCC> The presentation has ended.
11:34 < theo_RIPENCC> Mattijs Jonker has begun the presentation "A First Joint Look at DoS Attacks and BGP Blackholing in the Wild".
11:39 < ripe_917> slides please
11:39 < ripe_917> thanks
11:52 < theo_RIPENCC> For the people that joined now, please use sli.do for questions, stating your name/affiliation. sli.do code: s075
11:56 < mschepers> .
12:03 < theo_RIPENCC> The presentation has ended.
12:05 < theo_RIPENCC> Koen van Hove has begun the presentation "Solving DDoS Attacks"
12:21 < ripe_466> hi
12:25 < theo_RIPENCC> The presenter has asked for questions.
12:27 < theo_RIPENCC> The presentation has ended.
12:27 < theo_RIPENCC> …and this session has now ended.
11:03 < Ulka_RIPENCC> Hi everyone, I'm Ulka from the RIPE NCC. If you have questions/comments for the presenter and want me to read it out, please state your name/affiliation and I'll go to the mic when questions are called for.
11:03 < Ulka_RIPENCC> Please note that all chat transcripts will be archived and made available to the public on https://ripe78.ripe.net/
11:13 < Ulka_RIPENCC> There is a delay of up to 45 seconds for remote participants, so it's better to get your questions in before the question period begins.
11:17 < ripe_917> RFC7706 ++ :)
11:19 < Ulka_RIPENCC> David has asked for questions.
11:21 < ripe_917> Do root server operators hope that RFC7706(bis) reduces the load on them? (Nick, independent)
11:21 < Ulka_RIPENCC> Thanks I'll get in the queue
11:24 < dualkei> https://www.as112.net/
11:24 < ripe_917> What is your opinion on RFC7706 for non-root zones (like .se publishes the entire zone)?
11:25 < Ulka_RIPENCC> Could you state your name and organisation please?
11:25 < ripe_917> (Nick, independent)
11:26 < Ulka_RIPENCC> Thanks
11:27 < Ulka_RIPENCC> The presentation has ended.
11:28 < Ulka_RIPENCC> Roland van Rijswijk, NLnet Labs, has begun the presentation " OpenINTEL"
11:29 < Ulka_RIPENCC> If you have questions/comments for the presenter and want me to read it out, please state your name and affiliation and I'll go to the mic when questions are called for.
11:29 < Ulka_RIPENCC> Please note that all chat transcripts will be archived and made available to the public on https://ripe78.ripe.net/
11:39 < lieter> Why do people keep saying that "using keys for a long time is dangerous"?
11:39 < Habbie> yes
11:39 < Habbie> they should stop doing that
11:39 < lieter> (no need to ask the speker, just an observation)
11:46 < Ulka_RIPENCC> There is up to a delay of up to 45 seconds for remote participants, so it's better to get your questions in before the question period begins.
11:49 < lieter> if only DKIM used its own record and not overloading TXT ;)
11:51 < Ulka_RIPENCC> Roland has asked for questions.
11:53 < ripe_917> Where do you get your data from? (I assume from big resolver operators like the one SIDN and TLD operators?) What do you store? Do you store the source IP address of the DNS client? (Nick, independent)
11:53 < cynthia> Ulka_RIPENCC: I would just like to add that it is somewhat easy to get gTLD data from ICANN CZDS
11:53 < cynthia> as a comment
11:53 < Ulka_RIPENCC> thanks
11:54 < simonvik> .nu, .se is also open https://zonedata.iis.se
11:54 < cynthia> simonvik: thank you, that is useful :)
11:54 < Ulka_RIPENCC> @cynthia could you share your affiliation please?
11:55 < cynthia> Cynthia Maja Revström, personal capacity
11:55 < ripe_917> Do you expect that encrypted DNS (DoT/DoH) will reduce the visibility you have into DNS traffic? (if you use passive DNS) (Nick, Independent)
11:55 < Ulka_RIPENCC> thanks @cynthia
12:02 < Ulka_RIPENCC> Geoff Huston, APNIC, has begun the presentation "That KSK Roll”
12:03 < Ulka_RIPENCC> If you have questions/comments for the presenter and want me to read it out, please state your name and affiliation and I'll go to the mic when questions are called for. Keep in mind that there is up to a 45 second delay for remote participants, so it's better to get your questions in before the question period begins.
12:04 < SigIO> lieter: well... if they are very short keys... that doesn't help
12:05 < lieter> SigIO: yes, but this was not what I meant :). Using a key for a long time does not decrease it's security based on the number of signatures made with it
12:09 < SigIO> true
12:18 < Ulka_RIPENCC> There is up to a delay of up to 45 seconds for remote participants, so it's better to get your questions in before the question period begins. Please note that all chat transcripts will be archived and made available to the public on https://ripe78.ripe.net/
12:24 < ripe_917> Geoff, I want to say thank you for pushing DANE towards the HTTPS use-case (Nick, independent)
12:24 < Ulka_RIPENCC> Would you like me to read out your comment?
12:25 < Ulka_RIPENCC> Geoff has asked for questions.
12:25 < willem> DNSSEC trust anchor can be bootstrapped with RFC7958
12:26 < willem> though you need the ICANN CA for that...
12:26 < Ulka_RIPENCC> @willem do you want me to read that comment out?
12:26 < ripe_917> @ulka: not needed (Nick)
12:26 < willem> nah
12:27 < Ulka_RIPENCC> Ok thank you for letting me know
12:33 < Ulka_RIPENCC> The session has ended.
12:33 < Ulka_RIPENCC> Thank you for joining us remotely