[DNSOP] Re: AD review of draft-ietf-dnsop-structured-dns-error-19
Mukund Sivaraman <muks@mukund.org> Fri, 08 May 2026 17:54 UTC
Return-Path: <muks@mukund.org>
X-Original-To: dnsop@mail2.ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 5F4EFEB5C69D for <dnsop@mail2.ietf.org>; Fri, 8 May 2026 10:54:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1778262897; bh=FF3q0iNzlEsQgEvatCQ9kLa0Jzik6ZglZJDga5cSRm4=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=mfKhPj+ypexhBy2zMpNSHlxYwQvKdZmiTDBuINsASVWqPy4wWhu1KygDq04+V4PCV hLn34fXNwhyAOs2UBgtZ/oSpow4P3DoWO5m7ORmH/DFx+cOxLEk0mCjfYZbVpubhZS zXgIRqaiOksyumx7vdt1VmAsezYtjQQfgA3nKhVs=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=mukund.org
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rSJ7kHDT0mon for <dnsop@mail2.ietf.org>; Fri, 8 May 2026 10:54:53 -0700 (PDT)
Received: from mx.mukund.org (mx.mukund.org [IPv6:2a01:4f8:13a:28c1:1::d8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 52E93EB5C68B for <dnsop@ietf.org>; Fri, 8 May 2026 10:54:53 -0700 (PDT)
Date: Sat, 09 May 2026 01:54:49 +0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mukund.org; s=mail; t=1778262892; bh=FF3q0iNzlEsQgEvatCQ9kLa0Jzik6ZglZJDga5cSRm4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Eut02BPOHv5LNcKcJy4PaOM6+htWmfknaJAWpR+bA/VDodSUJbRWVqj38MxecmBQo tGdTkGr9QwYVUFlwLncimdZePBgz/LSzbk8s2ZirirtDfdFReHOYNwqUemnLWp+7bQ mXXVSc4otetbSYVFg9ctGXqmDE9gqL14CzmwGdMU+Ptp6f04bQFL0r4k7CJDaBwjAq 1cZoWKjzMXwPQ3iWUFUr2G/m/UP3ualKSnlkoDAP9N3/SxkTWiva0E8DLBK4PINlyi oCDHuziUaaJHPIs9cr4CAhI8J8XBItZPM7DcfATf4HM048zC5Y2SgM6kij9BRww2pk +HWyH0WLk1KRQ==
From: Mukund Sivaraman <muks@mukund.org>
To: Dan Wing <danwing@gmail.com>
Message-ID: <af4jafJzqhMgqM-_@p5>
References: <PH0PR11MB49665D117EA1C0C920A1ED0FA93E2@PH0PR11MB4966.namprd11.prod.outlook.com> <CAFpG3geNkMs=_HeeirUcRX2-GXW5wEHZiYTLUj0Q_5CYVeVmWQ@mail.gmail.com> <SA2PR11MB4972BEA47D1E95384D5A82AFA93D2@SA2PR11MB4972.namprd11.prod.outlook.com> <af4QDrlZ-5hCfL_c@p5> <af4S9qW-LHOdQwQF@p5> <af4a6Hm9Eaql7qS9@p5> <BB39816C-A4C5-4848-81C3-DF586D98D9DB@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="RkLEj8+p0zf3z9bC"
Content-Disposition: inline
In-Reply-To: <BB39816C-A4C5-4848-81C3-DF586D98D9DB@gmail.com>
Message-ID-Hash: IWKUJFUOPQE2BCK6O4Y52NSCNZU3FF4I
X-Message-ID-Hash: IWKUJFUOPQE2BCK6O4Y52NSCNZU3FF4I
X-MailFrom: muks@mukund.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "Eric Vyncke (evyncke)" <evyncke=40cisco.com@dmarc.ietf.org>, tirumal reddy <kondtir@gmail.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>, "neil.cook@noware.co.uk" <neil.cook@noware.co.uk>, Mohamed Boucadair <mohamed.boucadair@orange.com>, Benno Overeinder <benno@nlnetlabs.nl>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] Re: AD review of draft-ietf-dnsop-structured-dns-error-19
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/NuVx8L2uNDyZmdphngQAmIgUaxw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
On Fri, May 08, 2026 at 10:32:57AM -0700, Dan Wing wrote: > On May 8, 2026, at 10:18 AM, Mukund Sivaraman <muks@mukund.org> wrote: > > On Sat, May 09, 2026 at 12:44:38AM +0800, Mukund Sivaraman wrote: > >> On Sat, May 09, 2026 at 12:32:14AM +0800, Mukund Sivaraman wrote: > >>> A DNS message is not the appropriate place for this kind of > >>> localization. Space is at a premium (64kB is all there is for the whole > >>> message). India has 22 official languages for example, and it would be > >>> absurd to have as many translations encoded in an EDNS option. > >>> > >>> The objective should be that the language used in the justification text > >>> and organization name is indicated, which it appears the draft provides > >>> for. > >> > >> Having said this, I realise that the structured-dns-errors draft only > >> returns the JSON for empty answers (where filtering/blocking/censoring) > >> has occurred. So there ought to be space in the 64kB in these cases. > >> > >> However, this localization still seems like it doesn't belong a DNS > >> response. > > > > Perhaps a client can indicate its locale in an EDNS option in the query, > > and the server responds with a single localized set of fields matching > > what the client requested, or if that is not available, whatever > > language the server has. > > This would add another fingerprinting vector (undesirable) and could be used to influence filtering (probably undesirable?). You make a good point about fingerprinting. But analogously every HTTP request sent by a popular web browser such as Firefox (which sends the Accept-Language header) has a similar indicator. From a DNS PoV, coming from consideration for small message sizes, sending every translation available in the catalog seems excessive. If a DNS client indicates what language it wants, it can receive localized data in that language; otherwise it can receives whatever language the server sends. Mukund
- [DNSOP] AD review of draft-ietf-dnsop-structured-… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… tirumal reddy
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mukund Sivaraman
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mukund Sivaraman
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mukund Sivaraman
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Dan Wing
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mukund Sivaraman
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: [Ext] Re: AD review of draft-ietf-dns… Paul Hoffman
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mark Nottingham
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mukund Sivaraman
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Mark Nottingham
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… tirumal reddy
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Lars Eggert
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Lars Eggert
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… tirumal reddy
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Lars Eggert
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… tirumal reddy
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)
- [DNSOP] Re: AD review of draft-ietf-dnsop-structu… Eric Vyncke (evyncke)