On Fri, 12 Nov 2021 at 20:55, Ben Schwartz <bemasc= 40google....@dmarc.ietf.org> wrote:
> On Wed, Nov 10, 2021 at 11:18 AM Petr Špaček <pspa...@isc.org> wrote:
> ...
>
>> 2. If the new option was present in query, then DNS responder sends back
>> Extended DNS Errors option (EDE, RFC 8914) with INFO-TEXT field
>> formatted according to structured JSON specified in this draft.
>>
>
> I like this idea a lot. In fact, I don't even think we need a new
> option. It's not as if INFO-TEXT is already widely used. We can just
> declare something like "if the INFO-TEXT is JSON, here's what it means".
>
> This also allows us to remove the "access denied" emphasis, and broaden
> our focus to explaining all kinds of resolution failures.
>

Sounds good to me, it requires an update to RFC8914 to add JSON in EXTRA-TEXT.

>
> I also agree that requiring an HTTP URL seems out of place here.
>

The HTTP URL is for the end-user to report mis-classified DNS filtering of a domain.

> I would prefer an "ID" string of unspecified contents, so that operators
> can use UUIDs, domain names holding TXT records, URIs, or whatever
> mechanism they want to identify failure types.
>

Yes, ID string is useful and the content can be opaque to the client. UUID or URIs are useful for the DNS operator to identify the reason for failure. I don't get the use of TXT records.

-Tiru

> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>
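As an added example (not part of this thread or of the draft it discusses): one way a client could apply the rule suggested above, treating the RFC 8914 EXTRA-TEXT field (called INFO-TEXT in the quoted messages) as structured data only when it parses as a JSON object and as plain text otherwise. The `id` key, the 1024-byte cap, the helper names and the sample bytes are assumptions constructed for illustration.

```python
import json
import struct

EDE_OPTION_CODE = 15   # EDNS0 option code for Extended DNS Errors (RFC 8914)
MAX_TEXT_BYTES = 1024  # assumed local cap on EXTRA-TEXT we are willing to parse

def iter_edns_options(opt_rdata: bytes):
    """Yield (code, data) for each option in an OPT record's RDATA."""
    pos = 0
    while pos < len(opt_rdata):
        if pos + 4 > len(opt_rdata):
            raise ValueError("truncated EDNS option header")
        code, length = struct.unpack_from("!HH", opt_rdata, pos)
        pos += 4
        if pos + length > len(opt_rdata):
            raise ValueError("EDNS option length overruns RDATA")
        yield code, opt_rdata[pos:pos + length]
        pos += length

def parse_ede(option_data: bytes) -> dict:
    """Split one EDE option into INFO-CODE, text, and JSON fields if present."""
    if len(option_data) < 2:
        raise ValueError("EDE option shorter than INFO-CODE")
    info_code = struct.unpack_from("!H", option_data)[0]
    raw = option_data[2:]
    out = {"info_code": info_code, "text": "", "structured": None}
    # Responder-controlled data: tolerate bad UTF-8 and bound what gets parsed.
    out["text"] = raw[:MAX_TEXT_BYTES].decode("utf-8", errors="replace")
    if len(raw) <= MAX_TEXT_BYTES:
        try:
            obj = json.loads(raw.decode("utf-8"))
        except (ValueError, RecursionError):
            return out  # plain human-readable text, as RFC 8914 defines it
        if isinstance(obj, dict):  # arrays, numbers, strings are not "structured"
            out["structured"] = obj
    return out

def extended_errors(opt_rdata: bytes) -> list:
    return [parse_ede(d) for c, d in iter_edns_options(opt_rdata)
            if c == EDE_OPTION_CODE]

def make_option(code: int, data: bytes) -> bytes:
    return struct.pack("!HH", code, len(data)) + data

# Constructed sample OPT RDATA: a COOKIE option, then two EDE options.
SAMPLE_RDATA = (
    make_option(10, b"\x01" * 8)
    + make_option(15, struct.pack("!H", 15) + b'{"id": "policy-1234"}')
    + make_option(15, struct.pack("!H", 17) + b"filtered by resolver policy")
)
```

The `id` value stays an opaque string to the client, so it should be logged or displayed as data and never dereferenced automatically.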