Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-error and combinations of EDEs and RCODEs

Paul Hoffman <paul.hoffman@icann.org> Fri, 13 September 2019 13:38 UTC

Return-Path: <paul.hoffman@icann.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A6B712004F for <dnsop@ietfa.amsl.com>; Fri, 13 Sep 2019 06:38:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id huBcrhuytB6G for <dnsop@ietfa.amsl.com>; Fri, 13 Sep 2019 06:38:09 -0700 (PDT)
Received: from ppa4.dc.icann.org (ppa4.dc.icann.org [192.0.46.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1035120047 for <dnsop@ietf.org>; Fri, 13 Sep 2019 06:38:09 -0700 (PDT)
Received: from PFE112-CA-2.pexch112.icann.org (out.west.pexch112.icann.org [64.78.40.10]) by ppa4.dc.icann.org (8.16.0.27/8.16.0.27) with ESMTPS id x8DDc4tl020767 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 13 Sep 2019 13:38:04 GMT
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 13 Sep 2019 06:38:02 -0700
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.1473.005; Fri, 13 Sep 2019 06:38:02 -0700
From: Paul Hoffman <paul.hoffman@icann.org>
To: Ray Bellis <ray@bellis.me.uk>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-error and combinations of EDEs and RCODEs
Thread-Index: AQHVaDwUuh9GfPuORUWdlCz1lUtrfqcnGYbzgACZ74D//8dTgIABHaAAgAAemACAABh4AIABHuiAgAAnbgA=
Date: Fri, 13 Sep 2019 13:38:02 +0000
Message-ID: <F7A157E6-9773-4B6F-90C8-761D1B3CFC00@icann.org>
References: <EA557043-34D1-43EA-B750-4A17CFC6BE50@icann.org> <ybl36h4aj8x.fsf@w7.hardakers.net> <AFE92D06-8418-4451-A827-D5656C83B796@icann.org> <yblzhjbeova.fsf@w7.hardakers.net> <067589D2-8E7E-47FA-867C-72E266A55D6D@icann.org> <CADyWQ+EB-eotvTdYwNv5Oo4=-mibdgEgpkQ3yh37orAwp-AgWg@mail.gmail.com> <ybly2yubfnp.fsf@w7.hardakers.net> <21136294-FDFD-4A99-9529-E79C45E79535@icann.org> <yblzhja9kz3.fsf@w7.hardakers.net> <3AC375B1-D858-4577-AEBE-4BB7CD40C241@icann.org> <1878161734.14716.1568306548325@appsuite-gw1.open-xchange.com> <0C5DC6B2-E9C5-46A6-B0BA-12830A405DD2@dukhovni.org> <775d97e3-65b0-832a-6118-a3c64d872539@bellis.me.uk>
In-Reply-To: <775d97e3-65b0-832a-6118-a3c64d872539@bellis.me.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.0.32.234]
x-source-routing-agent: Processed
Content-Type: text/plain; charset="us-ascii"
Content-ID: <5C66539CE06C8E4FAAB550AD3047FD6C@pexch112.icann.org>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-09-13_06:, , signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/O6K7pXuuCM_AoS8gU3lVElKERfw>
Subject: Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-error and combinations of EDEs and RCODEs
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Sep 2019 13:38:11 -0000

On Sep 13, 2019, at 4:16 AM, Ray Bellis <ray@bellis.me.uk> wrote:
> On 12/09/2019 19:10, Viktor Dukhovni wrote:
> 
>> That's the crux of the matter and, in short, *no*, that's not (or should
>> not be) the motivation.
>> SERVFAIL means,  and will continue to mean, I can't help you, better luck next
>> time (or elsewhere).
>> The new EDEs are *diagnostic* detail to aid in troubleshoots, but do not
>> override RCODEs.  They are not a more fine-grained RCODE one might "act on".
>> If we want more fine-grained *actionable* codes, there's plenty of room for
>> more values in the 12-bit EDNS RCODE.
>> [ I chatted off-list with Wes, the above appears to match his take, with a bit
>>   luck also rough WG consensus... ]
> 
> The very first two sentences of the draft are (to my reading) at odds with that:
> 
> "There are many reasons that a DNS query may fail, some of them
> transient, some permanent; some can be resolved by querying another
> server, some are likely best handled by stopping resolution.
> Unfortunately, the error signals that a DNS server can return are
> very limited, and are not very expressive."

Fully agree. That's why I'm pressing for clarification by addition of determinative text, not just removal of confusing text.

--Paul Hoffman