IETF Logo Mail Archive

Re: [DNSOP] Call for Adoption: Structured Data for Filtered DNS

"Livingood, Jason" <Jason_Livingood@comcast.com> Tue, 24 January 2023 14:09 UTC

Return-Path: <Jason_Livingood@comcast.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B821FC14CE29; Tue, 24 Jan 2023 06:09:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.994
X-Spam-Level:
X-Spam-Status: No, score=-1.994 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com header.b="C03g+iyP"; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=comcastcorp.onmicrosoft.com header.b="eFgnwezO"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eDGsfytr6Y-1; Tue, 24 Jan 2023 06:08:59 -0800 (PST)
Received: from mx0b-00143702.pphosted.com (mx0b-00143702.pphosted.com [148.163.141.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A09AC14CEE5; Tue, 24 Jan 2023 06:08:58 -0800 (PST)
Received: from pps.filterd (m0156896.ppops.net [127.0.0.1]) by mx0b-00143702.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 30OAVk6i013446; Tue, 24 Jan 2023 09:08:57 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=20190412; bh=Yl8Q77mqaeZLhcBjT0pVTGz1VflmQ03wYkaB7x+R4ew=; b=C03g+iyPAwld5kGaLvUt59wmDAnUnNP2PNQZd4PTrLmMJNz8fYooXN3ah0KT+WodEoBv biWdnZ+uk9dDPeO+mAMKIwqrXSAc/fgxyJMPbliwqATqzvhEnaiNZBZ1FKcs/a2cH+vj K8GbxnW2u0+05KYqcmlaaHxLdHNK63Htwn0lFMkq6JZmjLevu2HnWm3u7XK7k/28KnbI nMElQdbnyrGoilTOt/+YxXNBkHw+ObUir38LFXSrxpn5TfrK4YzkNvHqwV/q1GuirGoy ROK7ZtzN9TRT9NkjWnPcEPhw/7/+mxqVZgrtORIu4vM7dt2AdmfKstucHGWRcYibLql/ 1w==
Received: from nam10-bn7-obe.outbound.protection.outlook.com (mail-bn7nam10lp2101.outbound.protection.outlook.com [104.47.70.101]) by mx0b-00143702.pphosted.com (PPS) with ESMTPS id 3n8bxe2jfk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 24 Jan 2023 09:08:57 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gu5ZvazZzHbs/cnc0Di2lRT/uiAmocO2o1vp5QZht8839P5GHgA9vBVmTU+xQFtu3EQxRGrW+bKYdiCayyQkXlZDnSy504YJ2LaztT1/vfzzY4MbFzzUSg02uxjhBFqG6nVUfp2y1CjZw4qPD/nQyQqrl3kVsL6ZssYFto7xHCSMbTW3hRcsoa8HDOh8dg/wSx+C0WzzF8AShZnn//Vyt2E0gVDgkqwCGDdEon1jyzt+JBLNA+0wnq3wqSWhTv1x1lecnKpwegQ7+d1ZLkAnIsoqo1Nl3aguGNu395ldonyip2kEDcU/1n3t373hyvNiNNHP2CuagvA70qLU2yoSjA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Yl8Q77mqaeZLhcBjT0pVTGz1VflmQ03wYkaB7x+R4ew=; b=ZXQ+X/IS3+cx24oOJMkl4aMtYirLMR+NVrsmlmIJ+ZE5WtcYZahiAQE8uWZXadm/9JVXG0Pb81TSDClSfQc3Sdi5Mc4U0KSbv+B5Cilj+9qtBRDgblyLM1B5DFmz77LjzUBoxRx64904zjwUG74+DDLMKMaT1ycjoZokeGtztUGskwqdnkHK24AAdaq4w3lanqgHSnGej7NDihRqEKHRoUVbSk7OW8IwDcCF4moSOXe7NXt6c1A39vDcv3jTONDRXY2ZD3vpCdvAt9tdu0O1qMRz3y6g6O9NpF901otempNfOieU/wIh/j2RgeN+f3eWsEK4YuToH7qahhPDy0gVNg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cable.comcast.com; dmarc=pass action=none header.from=cable.comcast.com; dkim=pass header.d=cable.comcast.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastcorp.onmicrosoft.com; s=selector1-comcastcorp-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Yl8Q77mqaeZLhcBjT0pVTGz1VflmQ03wYkaB7x+R4ew=; b=eFgnwezOCQVJQ76XbjEupxMU0SjjcBj54rKS9hyohr3OU4KUZm7wNr5ZlzFyanT7bhHVw12jWSGo9AR/eHWMTJCgSCynbGHDMfBxQyK35qVYwRKgQL+bxrux+1J5tCmZwS3+VxSY/zZtkNT48Z9l3HnufWXhXdC1Wvuv94TCqwY=
Received: from MN2PR11MB3709.namprd11.prod.outlook.com (2603:10b6:208:f3::22) by PH7PR11MB6353.namprd11.prod.outlook.com (2603:10b6:510:1ff::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6002.33; Tue, 24 Jan 2023 14:08:53 +0000
Received: from MN2PR11MB3709.namprd11.prod.outlook.com ([fe80::31ac:1509:5271:a924]) by MN2PR11MB3709.namprd11.prod.outlook.com ([fe80::31ac:1509:5271:a924%7]) with mapi id 15.20.6002.033; Tue, 24 Jan 2023 14:08:53 +0000
From: "Livingood, Jason" <Jason_Livingood@comcast.com>
To: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
CC: dnsop-chairs <dnsop-chairs@ietf.org>
Thread-Topic: [DNSOP] Call for Adoption: Structured Data for Filtered DNS
Thread-Index: AQHZLqE9o/M+BEmD302OaT9am5Kg/66tSbOA
Date: Tue, 24 Jan 2023 14:08:53 +0000
Message-ID: <A656C74B-0DD2-4513-9DF3-C072D1B68636@cable.comcast.com>
References: <CADyWQ+Fh2d2MwWCFo6dtkPNQfTCE3d5FXvSGrD8S+t7xgRuqtQ@mail.gmail.com>
In-Reply-To: <CADyWQ+Fh2d2MwWCFo6dtkPNQfTCE3d5FXvSGrD8S+t7xgRuqtQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.69.23011802
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR11MB3709:EE_|PH7PR11MB6353:EE_
x-ms-office365-filtering-correlation-id: 1c6f95dd-e106-4ae7-5b02-08dafe1486a7
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: xmQY6Iz0jn3U/C05vGq9lfnH8Ab/gCzwDo7RGGgYHSoOAB9TxxYypDV+KdbIwm866csuT8XkUGqSg/dlLn7S+RydmjO62HtWsVANgN/8etulV5u8i6Tyh4bCwHCp2bgICs/QxFhiJF4er+kAZjjG1/LYm2nUNFkEwG5quUqDPhclr5hv2uR4fzO0jlcaWxm9hOgJacosehbuyEoX+ZiIjpjP6vrPX9s6v0ir9R5Nq3nxpH3HPclu35t5xJKf1Y4kMfoDWHJZFo0lKBaSiUsp9F9KFFju5nfJe7aQx0llU7O7jtjlAzL3g42aK1I9J4EFSKzP+hkJGXp9/ys82Pe53kmSy34ZP4kCXGZH7CD+n8w9f0kaqNoYdzyqWylkPtpyCVMQFf6QrwQoZxoQ+kSmOkdEZ+0WsZBz9ubHqnd4Gcnh07SKrz0mGqdpBVMd0jlf60W53o2qPwCbzTOo52l9/Y4c0p733XedBV+DrXY+Bn35v0qeeKzkuw7hIOLjkW4hVq74U8brUIA0D94LFHNyfbjnVUmE8RfHnmUj4wVJZFnWYOZ+Gx6svTC2NS2ebmbL24r4+Sky9cbSfiMXOWNU2cN+iqxl7o5O+xRynwD3GnksdtmtwLXZL5n9slMOlwGlXXmbtaM9ZAgLx/H7s6MaNyshZ6r1cSLcwvKp/3A9YTi1G1tsf04mnASs01v7sbwTvcE3AqDDOI10MUm3e97zETJveKu+Jx9vLYXl6D3jpgILeLtudW69WUlgf3Xex3po
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB3709.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(396003)(136003)(366004)(376002)(346002)(39860400002)(451199015)(2906002)(166002)(38100700002)(82960400001)(122000001)(38070700005)(66899015)(33656002)(2616005)(110136005)(6512007)(71200400001)(316002)(186003)(86362001)(66946007)(76116006)(66446008)(4326008)(21615005)(66556008)(5660300002)(8676002)(64756008)(66476007)(478600001)(966005)(6486002)(53546011)(6506007)(8936002)(41300700001)(83380400001)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 3cgWXxOqCoJMHTpSVk/WgbpG0aU16+xCQDmEw2YOc0ycivfn9j76L6/SB+4tvoOzp3aToLA3vhq+KHfT7GSv+4mOZ7QNM8rGpC8OJtZhbNYB1D9ZJ7IWY4loTRP2cU5S2TiaIEtRnDYKEKwf3fmjjRlQNxMchCP8OY5rHMZ/5XgC0m3+vJCStsnErxB/qtdFEjb0t3JPt1gpNINCxMj2dpLi2W3lX2TerDC0qCf/7KcgzstmLyXMNe0Ahe6AePJDrXgHsdDc6SFXxF0YyE3G0ulcXO2bTBho7s7oQh6kfaEvjLgbZialU06fEhf2VRQGif95DfTN5P1mz8kIxZ3JvXylSol8PTbWUMRz+TyfnVzpJtMDxPA8x2G7WJVFEPHxDDE0VuYIRy7K8vuEu2Q8TkYlPXXu6IlzsssVzdijLjG+5p80UfTZcB4bZD/MVnLyedxAfa49nx7I+uu8LQlbur2YTSebM6PKRYHni/FBSgigVzE5yNC7UEagy+MzTTnqLNK7K0kSjvO1qufVE8s+0U6scRJCQTBWhgMONjZu9owRUAz0DEerg5lgACm5sv/vY3y9g/hWnsPP2f75RLE5yYAJF5E3RNAv1Flz7EAdBeC3CWka0S3WtxuDY9QAx+qVFF5SbrUTlD/TxR2DTRR0gbqKi1ehfTdbOE4BRGe4QqgPnAGp/Og4PUhMtbOzviLADa+H833biglmc3Gqjl0OEBwLiPBxmKDOQ4Ue9IsgEe9jLlutQB2XgowYHc7WTgUlzwtgB7g0KPUdSFG3Atdxa0z7kIKPdtqZ0YznIVetD+AQEw5JSmbzhzLF0uwzYe8aPPUSjEnowSyeaT8ZLdzOkfxuUEnxZNQkH0MMhJEdNzpR5tuURvjr/YwiTZLTXAcb8WBhr24TyXJDQO+++EXzOX37EW0vV7h93q625h6eYuLNpOYipUtoqO7o9C/zoIY+GXnPLuseLfJwmo6IubTebonWcErbkCWqFtKj4U4mk2AHMDEgpvtFKMUxomUgJ+xVszp9MjRI1iiRzdxJ6AG4SrmEazvhbD+NexmWJ5gtcMsYJ/2wMVPvOyHMQDcTgewZKrOkYCY7c8VGxDMiZtePPyup3HY9nnnCt0UpFFMB3kZp9XKf/CBhFdvVqWQ7oupV++S/PUIk2xSGK4YpGEmT36pgmPtTWXjlpWUGpfoWt7S6lNgllhluR1cD/S1RaTX0xcI0sJi83LqrwnpMTEUZ8itoCnwKw87Z7C2nVdB3mQbt/qty7QkSmPKYlXkm52g4Xkf/KOfy1PXbGaeJ0K8NjBhYI76EOHhNaJnHJjdZWB1HaDE01Q32WwL5qsnaVgUc63qVD+AITcSPi6jSFgmHdi+5aGhrIIL3hBJvHJrBGbVDusCMQRgv24sRcqnbNErFqcbfkuPZt81z36mILja/iEQmrDpPChkTTvdaXDFWvQ6zoGLp+kWTDtxzt1rs7ciwR2j2LcKkkSOnjgRzc3mhKLOcLkRaLpMskZQO37XTATaFbDys7rS4Ln40qrm+WkDzq3mzk5nCYs7nvEFiSarxLM8BHP83o02qGghAOXiopfGEo5cbBrB0OLZEQq+tn0GlYzTWeMplNMAA6WVIGRTeVk+6nagQo2AS2FcpSOyb2dJZKk4D1rl6+ZZDnvhfs35uAMa4DuD+seTeJNI4ymavFO35GRn+HmS0/u3wu2Mnbvk=
Content-Type: multipart/alternative; boundary="_000_A656C74B0DD245139DF3C072D1B68636cablecomcastcom_"
MIME-Version: 1.0
X-OriginatorOrg: cable.comcast.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB3709.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1c6f95dd-e106-4ae7-5b02-08dafe1486a7
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2023 14:08:53.8106 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: cZ4gLjr4V8rmL11vOERu8cqHT00nrEXI+FUs5o9L10rUBoGwDWmnP2GQUVzLHBKz9mbtUF04PL3vynDSDH6NDtPGkOgA4XQlVLi009QvYto=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB6353
X-Proofpoint-ORIG-GUID: cQwsU90rbSnWiHSD7nrfJrpvMU1hVcU7
X-Proofpoint-GUID: cQwsU90rbSnWiHSD7nrfJrpvMU1hVcU7
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.930,Hydra:6.0.562,FMLib:17.11.122.1 definitions=2023-01-23_12,2023-01-24_01,2022-06-22_01
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/F8ptesmbkaoM0CrB9uYtHFeJM9A>
Subject: Re: [DNSOP] Call for Adoption: Structured Data for Filtered DNS
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2023 14:09:03 -0000

I support adoption.


I also suggest the authors take a look at two long-ago-expired I-Ds that are related to this subject:
https://www.ietf.org/archive/id/draft-livingood-dns-malwareprotect-02.html
https://www.ietf.org/archive/id/draft-livingood-dns-redirect-03.html

Lastly, to the contents of the current draft, I offer the authors the following:

  *   Section 10: Initial sub-errors. There is too little difference between the various options (e.g., phishing & spam). I suggest instead using more clearly differentiated reasons, such as:
0: Reserved
1: Security Policy
2: Privacy Policy (e.g., ad-blocking)
3: Content Policy (e.g., age-limited content)
4: Network Operator Policy
5: Government Policy
  *   Should any implementer make available a public recursive interface of some type (whether DNS or a web page – does not matter) to allow 3rd party auth domains to check whether their FQDN is filtered? Or just certain types of implementers (e.g., ISPs)?
  *   Is there a mechanism for auth domains to determine why their FQDN was filtered and to request a review? For example, similar to email bulk senders and spam, can they determine what list is responsible for the filter and work with that provider to remediate their practices and get the FQDN re-classified and unfiltered?


Thanks
Jason

From: DNSOP <dnsop-bounces@ietf.org> on behalf of Tim Wicinski <tjw.ietf@gmail.com>
Date: Sunday, January 22, 2023 at 15:36
To: dnsop <dnsop@ietf.org>
Cc: dnsop-chairs <dnsop-chairs@ietf.org>
Subject: [DNSOP] Call for Adoption: Structured Data for Filtered DNS


All

The chairs have received feedback for DNSOP to adopt this document, and I've
wrestled with this document.    We have received feedback when presented
to adopt this work.  We've also had some conversations with folks who
offer DNS services to enterprises they have had some customer interest.
I will say personally that I am sure I can find some individuals at my
current employer who would get very interested in this also.
So the best thing to do is - see what the Working Group says.

If you work for someone who is interested in this, please let us know.
If you work for someone who has customers interested in this, please let us know.
If you plan on implementing this (or not!), please let us know.

If you feel less comfortable speaking publicly, please reach out to the chairs.


This starts a Call for Adoption for draft-wing-dnsop-structured-dns-error-page

The draft is available here:
https://datatracker.ietf.org/doc/draft-wing-dnsop-structured-dns-error-page/<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-wing-dnsop-structured-dns-error-page/__;!!CQl3mcHX2A!HKmlmIrovTfkWYeTeuUoE4mf8b4Ps2sX2AYSpFVPs4SNQF0CBU31kJKYYaKf51ZZ0xASDce2ybx1dKMOQM-_RcS-Ug$>
Please review this draft to see if you think it is suitable for adoption
by DNSOP, and send any comments to the list, clearly stating your view.

Please also indicate if you are willing to contribute text, review, etc.

This call for adoption ends: February 5th, 2023

Thanks,
tim wicinski
For DNSOP co-chairs

v2.23.0 | Report a Bug | By Email