[DNSOP] Re: AD review of draft-ietf-dnsop-structured-dns-error-19

Dan Wing <danwing@gmail.com> Fri, 08 May 2026 17:33 UTC

To: Mukund Sivaraman <muks@mukund.org>
CC: "Eric Vyncke (evyncke)" <evyncke=40cisco.com@dmarc.ietf.org>, tirumal reddy <kondtir@gmail.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>, "neil.cook@noware.co.uk" <neil.cook@noware.co.uk>, Mohamed Boucadair <mohamed.boucadair@orange.com>, Benno Overeinder <benno@nlnetlabs.nl>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JguFzu1RBLI-UVWS_jFloUx87Lo>

On May 8, 2026, at 10:18 AM, Mukund Sivaraman <muks@mukund.org> wrote:
> On Sat, May 09, 2026 at 12:44:38AM +0800, Mukund Sivaraman wrote:
>> On Sat, May 09, 2026 at 12:32:14AM +0800, Mukund Sivaraman wrote:
>>> A DNS message is not the appropriate place for this kind of
>>> localization. Space is at a premium (64kB is all there is for the whole
>>> message). India has 22 official languages for example, and it would be
>>> absurd to have as many translations encoded in an EDNS option.
>>> 
>>> The objective should be that the language used in the justification text
>>> and organization name is indicated, which it appears the draft provides
>>> for.
>> 
>> Having said this, I realise that the structured-dns-errors draft only
>> returns the JSON for empty answers (where filtering/blocking/censoring)
>> has occurred. So there ought to be space in the 64kB in these cases.
>> 
>> However, this localization still seems like it doesn't belong in a DNS
>> response.
> 
> Perhaps a client can indicate its locale in an EDNS option in the query,
> and the server responds with a single localized set of fields matching
> what the client requested, or if that is not available, whatever
> language the server has.

This would add another fingerprinting vector (undesirable) and could be used to influence filtering (probably undesirable?).

-d