CURRENT_MEETING_REPORT_

Reported by James Galvin/TIS

Minutes of the DNS Security Working Group (DNSSEC)

The DNS Security Working Group met on Wednesday morning for a two and a half hour meeting. Masataka Ohta had previously submitted an alternative to the Donald Eastlake and Charlie Kaufman proposal. The majority of this meeting was dedicated to discussing the differences between the two proposals.

The meeting began with Jim Galvin presenting a very brief summary of his implementation experience with the Eastlake/Kaufman proposal. No cryptography was implemented; in the interests of simplicity and expediency, values were XORed instead. Also, only the direct resource records were prototyped. Two results were reported: it is possible to implement the proposal, and the proposal includes more options than are needed.

Jim observed that one of the principal motivations for many of the options in the Eastlake/Kaufman proposal was the perception that the 512-byte limit for DNS messages was too small. However, he asserted that this limit was in fact not an issue, for two reasons that would be explained later. As a result, he had a proposal for how to proceed but preferred to yield the floor to Kaufman and Ohta for a discussion of their lists of issues.

The remainder of the meeting was dedicated to Kaufman and Ohta each presenting a list of questions and comments about each other's proposals. There was a great deal of vigorous and animated discussion about the issues. Careful time management allowed a complete presentation of all the issues, with some discussion for each, although no conclusions were reached. Since both Ohta and Kaufman agreed to distribute their lists to the electronic mailing lists for continued discussion and resolution, the details are not presented here.

The meeting closed with Jim proposing that Eastlake/Kaufman reduce their proposal to include only the hashed resource record, for two reasons.
First, there is the assertion that the 512-byte limit would be sufficient about 80-90% of the time. However, even without this assertion, a Version 2 of DNS that will increase the message size limit will shortly be proposed. TIS will implement the proposed DNS security enhancements with this new version of DNS.

Jim will follow up with Eastlake and Kaufman about reducing their proposal, identified as Eastlake/Kaufman-lite.

Since consensus was not possible within the time frame allotted for the working group meeting, further discussion of the relative merits of each proposal will continue on the mailing list. The chair agreed to propose criteria that could be used to evaluate the two proposals --- Eastlake/Kaufman-lite and Ohta --- to aid the working group in selecting one to submit to the standards track. Consensus and a single proposal will be obtained on the mailing list prior to the next IETF; this group expects to meet in San Jose.