[Opendnssec-develop] interaction between the Signer and KASP

Thu Jan 8 12:25:43 UTC 2009

On 8 Jan 2009, at 11:31, Jelte Jansen wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> John Dickinson wrote:
>>>> As for a meeting, I am skiing 17th - 25th but available all
>>>> the rest of the month.
>>>
>>> Perhaps we could have one in next week (not Monday, I have a full  
>>> day
>>> meeting) on Jabber?
>>
>> I think a conference call would be better if someone can provide the
>> technology but jabber is fine as well. We can use a room on my jabber
>> server if necessary. Here is a doodle if that helps get this arranged
>> http://www.doodle.com/2fpcx8smn4p8kiaa
>>
>
> +1
>
> or actually, both a call and a jabber room would be best i think
>
> i can set up a conference call for sip and pots, i'll post some  
> details
> so you can try it out if you want.
>
> I prefer wednesday, and while i'm at it i think a specific agenda  
> would
> be a good idea ;)

OK - here is a start - please add anything missing.

Agenda

Nominate someone to take minutes - I suggest the last person to fill  
in the doodle :)

With reference to the document I distributed

1. Agree what the components are
1a. Discuss any known contradictions on the wiki
1b. How do the components interface with each other in both the  
prototype and final systems
1c. Discuss technology to be used for each component
1d. Do we know the requirements for each component?
1e. Answer the question Matthijs asked in his email (see below)

2. Agree who is developing each component

3. Discussion of the commitment needed for each component and  
available from each party.

4. Brief update on the state of each component where possible

5. Discuss and agree plan to move forward
5a. Discuss timeline for whole project
5b. Decide on milestones for each component
5c. What about testing?

6. Decide on date of next meeting

7. Agree actions
7a. Who writes minutes
7b. Who is writing any documentation still needed
7c. Who updates the wiki based on this meeting
7d. Other...

List of questions from Matthijs
1. From the opendnssec.org website, I assume that the Signer has to
determine the inception and expiration times on signatures. It can
determine this from the refresh interval. (Ok, not a real question:))

2. What's the difference between zone resigning interval and signature
refresh interval? Imho, they are the same, but described differently.

3. What is the priority of changing security parameters? For example, it
could be that the signature validity period has changed. Does this need
to be applied to all signatures directly, or are they applied to
upcoming generated signatures only?

4. What is meant with signature jitter and clockskew? Does this affect
the zone content? If so, in what way?