Re: [Add] New Version Notification for draft-pauly-add-resolver-discovery-01.txt

Stephane Bortzmeyer <bortzmeyer@nic.fr> Tue, 28 July 2020 13:52 UTC

Date: Tue, 28 Jul 2020 15:51:54 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Ted Lemon <mellon@fugue.com>
Cc: Paul Vixie <paul@redbarn.org>, "add@ietf.org" <add@ietf.org>, "STARK, BARBARA H" <bs7652@att.com>, Rob Sayre <sayrer@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/GTnhzMFjxMTwo2YH5VtCglDJq1g>

On Mon, Jul 27, 2020 at 07:51:04PM -0400,
 Ted Lemon <mellon@fugue.com> wrote 
 a message of 234 lines which said:

> This sounds like you are just asking for the equivalent of an HTTP
> 451 response.

And it exists, in draft-ietf-dnsop-extended-error.

4.16.  Extended DNS Error Code 15 - Blocked

   The server is unable to respond to the request because the domain is
   blacklisted due to an internal security policy imposed by the
   operator of the server resolving or forwarding the query.

4.17.  Extended DNS Error Code 16 - Censored

   The server is unable to respond to the request because the domain is
   blacklisted due to an external requirement imposed by an entity other
   than the operator of the server resolving or forwarding the query.
   Note that how the imposed policy is applied is irrelevant (in-band
   DNS filtering, court order, etc).

4.18.  Extended DNS Error Code 17 - Filtered

   The server is unable to respond to the request because the domain is
   blacklisted as requested by the client.  Functionally, this amounts
   to "you requested that we filter domains like this one."

4.19.  Extended DNS Error Code 18 - Prohibited

   An authoritative server or recursive resolver that receives a query
   from an "unauthorized" client can annotate its REFUSED message with
   this code.  Examples of "unauthorized" clients are recursive queries
   from IP addresses outside the network, blacklisted IP addresses,
   local policy, etc.
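
An added illustration, not part of the original message or of the draft: a small Python parser that walks the EDNS options in an OPT record's RDATA, extracts any Extended DNS Error option, and maps the four INFO-CODE values quoted above to their names. The EDNS option code 15 is the one assigned in the published RFC 8914; the function names and sample bytes are constructed for this example.

```python
import struct

# EDNS0 option code for Extended DNS Error (RFC 8914); it happens to equal
# the INFO-CODE for "Blocked", but the two number spaces are unrelated.
EDE_OPTION_CODE = 15

# INFO-CODE values quoted in the message above.
FILTERING_CODES = {
    15: "Blocked",     # operator's own security policy
    16: "Censored",    # requirement imposed by an external entity
    17: "Filtered",    # filtering the client itself requested
    18: "Prohibited",  # client is not authorized to query this server
}

def parse_ede_options(opt_rdata: bytes):
    """Return [(info_code, extra_text)] for every EDE option in OPT RDATA."""
    found, pos = [], 0
    while pos < len(opt_rdata):
        if len(opt_rdata) - pos < 4:
            raise ValueError("truncated EDNS option header")
        code, length = struct.unpack_from("!HH", opt_rdata, pos)
        pos += 4
        data = opt_rdata[pos:pos + length]
        if len(data) != length:
            raise ValueError("EDNS option length exceeds RDATA")
        pos += length
        if code != EDE_OPTION_CODE:
            continue  # some other option (cookie, padding, ...)
        if length < 2:
            raise ValueError("EDE option shorter than its INFO-CODE")
        (info_code,) = struct.unpack_from("!H", data)
        # EXTRA-TEXT is UTF-8 supplied by the server: decode defensively.
        text = data[2:].decode("utf-8", errors="replace").rstrip("\x00")
        found.append((info_code, text))
    return found

def filtering_reason(opt_rdata: bytes):
    """Name of the first filtering-related EDE code present, or None."""
    for info_code, _ in parse_ede_options(opt_rdata):
        if info_code in FILTERING_CODES:
            return FILTERING_CODES[info_code]
    return None

def make_option(code: int, payload: bytes) -> bytes:
    return struct.pack("!HH", code, len(payload)) + payload

# Constructed sample: a cookie option (code 10), then EDE 16 with extra text.
SAMPLE = make_option(10, b"\x01" * 8) + make_option(
    EDE_OPTION_CODE, struct.pack("!H", 16) + b"court order")
```

The EDE option is not authenticated, so a client should treat the returned reason as a diagnostic hint rather than as proof of why a name failed to resolve.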