IETF Logo Mail Archive

Re: [DNSOP] I-D Action: draft-ietf-dnsop-structured-dns-error-06.txt

"Gianpaolo Angelo Scalone, Vodafone" <Gianpaolo-Angelo.Scalone@vodafone.com> Thu, 19 October 2023 08:05 UTC

Return-Path: <Gianpaolo-Angelo.Scalone@vodafone.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9D4BC1519AD for <dnsop@ietfa.amsl.com>; Thu, 19 Oct 2023 01:05:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=vodafone.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MZlwW-egCkqF for <dnsop@ietfa.amsl.com>; Thu, 19 Oct 2023 01:05:12 -0700 (PDT)
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp2050.outbound.protection.outlook.com [104.47.0.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B41CC15199C for <dnsop@ietf.org>; Thu, 19 Oct 2023 01:05:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=U8x4dzwiWKcFQULtAOzLED3stMh0o0miorwIF+yBXnKRK5OJGncPZp5QRun6tISZPGGklZ/FtMgSgxNobYUeRd1pBuIxgaESelDca1u7qI3QRFMUDXiSCRt6d0Y4xRR5+hBuaCFbahqQltLuU5pkZYp1+XZjNmFYW/i/H7/YlQbGKHxJdYvHsdbM7BpT8j0ejPAsrOFvKx8q+b2rNoZShF6+UYTwRPnhMJaHKKlkCW7CwX3uErqNwClMr7df08pH4FYVbY7piH5rHkyjKNilRIkVbWcqyAQhKckBY1wYItOuM4Xz3JlkQ8uCIBTfGfmqgK1t0PUbKtzvcrWxYkE5Uw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=77zca6tpVFbYT8HHQIV+V//Alpe6iF9itBo+IH7amg8=; b=MiriZXcyUF4yYkV/cBUjNuuBqslu3cazvO2guaChdTBIz0EJd5tpHCqrWKy428kzCwQDKGfguK0MZ1Q9OALm/2tj8BueRZ6aAtAUG6QXSjxnMZkk3cL1eBVRJWMlXUxr0KHcfdtOXZjSqbQLlXEl6hoxPAnWd/Sr83pP6hndInzuNPLJ/ek+dA2762ovNclDLMrGEP3hoBkrwNGwnFgY6Q+sialh0H4L9YxnIoMnKQ3i/tO6eai+8IAxXdmV+kI6C09kDWGUJxNckgM/7MU9LvhiphXzU/iyJxmVLnYO6PYeW9CL42avI7CYm/JXFhoz6YzvnH4s5zerzViX9tsPTQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=vodafone.com; dmarc=pass action=none header.from=vodafone.com; dkim=pass header.d=vodafone.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vodafone.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=77zca6tpVFbYT8HHQIV+V//Alpe6iF9itBo+IH7amg8=; b=jfR8kmRJukC2ipnFwfLi/TQuLz5/KWTTgmCJX6XItOj0JFIrWVFMvsBULAHZrT1aMVaJvvXIVjaBp7NGT4Eq1lHuE9VSI1Rw4KTr/D7Z6kjQ31FeG6QSWUHh+isHC1qg9hb+42NNyQA+ymzEPPspNCE+And8/j9/d9Xt9rkla4kvKvIFC8ch8/oavtmGYoUafv/rFW4khCID6MLYMwifTrAxzNb0Ril+Nz27TeGFB8FbqR3ag+b1NB6teJdQcHESSmO1JwQ8TmYzpzf8+pEqq1ctUB68TRoRbbM8hvOioJUOdEgSWHWZ4x7yY2WkYs7FcVB8UMi3ikR1saXPf22ZUg==
Received: from DB9PR05MB8473.eurprd05.prod.outlook.com (2603:10a6:10:29c::24) by PAXPR05MB9244.eurprd05.prod.outlook.com (2603:10a6:102:2bf::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6907.23; Thu, 19 Oct 2023 08:05:02 +0000
Received: from DB9PR05MB8473.eurprd05.prod.outlook.com ([fe80::56f8:d2f9:521c:d742]) by DB9PR05MB8473.eurprd05.prod.outlook.com ([fe80::56f8:d2f9:521c:d742%5]) with mapi id 15.20.6907.022; Thu, 19 Oct 2023 08:05:02 +0000
From: "Gianpaolo Angelo Scalone, Vodafone" <Gianpaolo-Angelo.Scalone@vodafone.com>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: Re: [DNSOP] I-D Action: draft-ietf-dnsop-structured-dns-error-06.txt
Thread-Index: AdoCYmLSasQU8t4VRxenoCSDsnZy+A==
Date: Thu, 19 Oct 2023 08:05:02 +0000
Message-ID: <DB9PR05MB847313955E9EE5F63F53FDB3A3D4A@DB9PR05MB8473.eurprd05.prod.outlook.com>
Accept-Language: it-IT, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_Enabled=true; MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_SetDate=2023-10-19T08:05:01Z; MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_Method=Standard; MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_Name=0359f705-2ba0-454b-9cfc-6ce5bcaac040; MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_SiteId=68283f3b-8487-4c86-adb3-a5228f18b893; MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_ActionId=ca77dc28-af2d-47ff-887d-301843e6bd27; MSIP_Label_0359f705-2ba0-454b-9cfc-6ce5bcaac040_ContentBits=2
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=vodafone.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DB9PR05MB8473:EE_|PAXPR05MB9244:EE_
x-ms-office365-filtering-correlation-id: f30c9377-c80e-4e27-ae5a-08dbd07a18e4
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vKbnUoNL3wfDth3+QtVwSG1CTrzpPd4aFtTRSBxg3CrOE3jitc3yKhUhNeJVAFibOsRafDwlgltaQxJl2GL9Vcg3ecVzcXYTAizW2DTzxc2jEo/EG9CKnduRv3lzK8+r4wEgQHaf7zErISpc2Goi5oK8h74jc5RBY/Wgsnz/jo86N0sPmq5j37puO/ByEaLisZddEzw7R/qHzqVWCHPea2PlUA9RI6b+haigs0N+fZrq0+EbHbToa/3uwmfDKOAs/XeBE+O6WA1VfMHXfCylmX42U5rvEGb9buyGkGJBLcrDNvnQnqfJXynTD4x6vnQ8pOiTGjNNSSmDRGuh3PFLfhXgNlehichg4w4Sqnn6icNMfJg3yDeITyerdJvinBUjYulScuqQA7bFmcLel+hzbiW7eN0nloUf/glceUjBERWWl655bAQuL6hbc4Cat5ucz9BtsDf4S8oU5MnRuORbCe32G9YE5BM9ZpBd44/lr+Seqqy5MrNRK6OTM7Rny/u+xwDk/O/T709HhkcsYZkrDdirUMtIxeheKGfcfwhd6qF7TwiLCUahh/MfOKHVe2wVy1lgIc0yLGt3Cbys2yLLIVIs6TCooF7bOtKpADBTraedQbTFFQSVAxzcsdICbm7O
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9PR05MB8473.eurprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(376002)(136003)(396003)(346002)(39860400002)(366004)(230922051799003)(64100799003)(451199024)(186009)(1800799009)(478600001)(4744005)(2906002)(9686003)(86362001)(7696005)(6506007)(64756008)(71200400001)(76116006)(66556008)(33656002)(66446008)(66476007)(83380400001)(122000001)(82960400001)(38070700005)(66946007)(6916009)(66574015)(316002)(26005)(38100700002)(41300700001)(8936002)(55016003)(52536014)(5660300002)(8676002)(9326002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: /uEWzD4QFKvJsnUJ0x4Et/lWLtCdowyTrJOVo6m077ak4cbAN5Cyt9yuAV2R8KttWuJEwkgyBdT5UvTgkwD06IHAyUC7Ez+ZmDyN+TwItKAtSrJXgGKg1rD5vM1IoN1Ci8o7SdjpUB/unwdlMJEGo//xbdN+p9KFC7vfcGhotqW0pO0FMXsQzz2RA2K/vWvRTdBDyJm6E4U5HSelUSiIIa+xhtszY2r4F1s8F7dUCo51emg9GRlFajRwzKzD3iAEsNJIS1hxYCdNlE3Ps0yfHOTDK851/sup4YXuVt/rX1taTZ+3Gu4CeRvsQDABgc6pUm8/vjUNKOQNmJRz8UDfgSRyhWb3SAH/xPUr0IjRuKxAyo2htXsRqDJ8isHpMHQxlFxC5bl3sjBDAwg9TQyyOusWd6Abm8w86T5EA32ph+p93mOqxPOhbNv9LzSpF402L6OvZfwZCSwKje4PM3tH9xk556kbeuCaWVRuZCn7YW9/otKHCJhOSMl87pydfysaz5haLOyhjhDLZwya+eJtARTotwSy4lJYieEFOGvqm+H6CPu3RyHWRH+js2bfUUBQWgCpiTf9lSCN4nBszpgoWtT+FZewgwo0IWSMDUiFAVYS50dbdt91Cju8yntAms9YcMw2IRQSndGWqVylNZuDSUluc0cRWNJGKdJH3iOr/oiLAWUyS5FzhKBUTKg69wOO0Lw1EBFestfgnBNkKOZlnyLdTSSLm9jOWxqwWCD+LpYjhaDDt1nMzYxAxmZJHAvCiKGntKXyTrwxVeZCYcImiQf/Dm0rwuYmkWarNP4Ir02CAQ6G0U7zWpMHgef9jpcpFxo+LvChuYpDFbYiiXdv7JLI0XxFHU39Ha5V5iM5n+yIjRQX8Hrvi2MY5JwI4Q7KJwiW/MXQCV//xthdUhHjZHkl+RqCzeGAYAL3DM5+DoZP7dvbTgmyu6EDdKA51dzulBJ0jcVgqWo6ldqh3VLiEz+T+jNbptva7C370gGtEuObtBPvw/HUPvaSc4MTfCX7j3oV5LuCK9TG19IHQhPHm2QnDdVoKoOEPlU8AZmhtazv7juDW30MSvUkWFAotNUXpKzJdiN2FZ2H8FQQde2QOBjQAO8v7q9ITL+6KzlfrRc6N+Y+jVKidhA+kD6uCLeeoxddSKUqRXNYKjXngRUomjmR57uGfkY+mDicm2tkzg5pYiY0ob9749c+/YjPkZd9NLS54e6t3URxZe/xr0NeFhYq7DxwwE/0fSWz/jaDEwYp73PTt9TA06L+2+A47ukUzDa4YN+nD+FAxa1qYg6veDYcQ66J0v8nwd3Pqo5bpWHD1WQHGBghhgAODqC/2sXZ6arHe+K9QL2s7X9Am3nxqeumXNF8U8s1cv+XS7PH8aPPurCABFEtlmYf2bdhBsfYIaMy8jWh69FzaBX+BauSFhrfHU7r0bbbMdS6Eik77zDln3igi7stLFewK/W/B5K25i9V6ZRqi2B3q/y1YQh9vhHo/bS3hJKs5J3NoTKdRAEtXkyIngKmyapxs9oPSTfClmRpjKf5VVFNKDSELOZjuPmcdJH2k/fQywl5HbGzMUZJc+03VEGTuLZQ5gVPrt5oeKQTkjc1C+NxCnpjH2GWm0aii2t2+djkRxJUpWcdQPo=
Content-Type: multipart/alternative; boundary="_000_DB9PR05MB847313955E9EE5F63F53FDB3A3D4ADB9PR05MB8473eurp_"
MIME-Version: 1.0
X-OriginatorOrg: vodafone.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DB9PR05MB8473.eurprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f30c9377-c80e-4e27-ae5a-08dbd07a18e4
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Oct 2023 08:05:02.4756 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 68283f3b-8487-4c86-adb3-a5228f18b893
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OHgkKEJFIqHdmH+R6kRjgQkEbODqixM+MNuH19AHGyJ51RF0gqKeZ8BWHrL4NVQgH27yGbz+T6zR024alLfIxYBOfYRt4ERtoFfXqgP/a1JtbLUQMDYAMkLbFDKxqUls
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR05MB9244
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/1K1J-Sm_99cj-VcJuzCcNHWDLN0>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-structured-dns-error-06.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Oct 2023 08:05:17 -0000

Hi,
I think that we have now 2 good potential compromises:

  1.  A browser interstitial page explaining that the following page is generated by the service that blocked the actual page, with a button indicating "proceed to the blocking page" and another "dismiss"
  2.  A graphical representation of the blocking page, rendered as image with no clickable links, with a button indicating "proceed to the blocking page" and another "dismiss"


This would be understandable by customers and provide a good user experience and security.
In addition we could start thinking about a reputation mechanism.

Kind regards

Gianpaolo


C2 General

v2.23.0 | Report a Bug | By Email