On Thu, Mar 19, 2026 at 12:28:21PM +0900, Lars Eggert wrote:
> Hi,
>
> On Mar 19, 2026, at 12:06, Mukund Sivaraman <[email protected]> wrote:
> > On Thu, Mar 19, 2026 at 12:00:15PM +0900, Lars Eggert wrote:
> >> unable, no. Unwilling, yes. There are simply too many risks associated
> >> with showing arbitrary content here, especially in a security-related
> >> context.
> >
> > Whether it is RFC 8194 or this draft's structured format, the content is
> > generated by the NS in the response's EDNS option. Do you mean the part
> > about using transport security? That is not the stated goal of the
> > draft.
>
> no, I'm reacting to the "display freely formatted text messages" bit.
I don't follow. Without considering transport security, what risk is
present from processing and displaying a freely formatted text message
generated by an NS for its clients (with additional hyperlinks added)
that cannot exist in every other webpage on the internet that is
displayed to users? A browser can escape or reject junk in EXTRA-TEXT.
Mukund
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
