Re: [DNSOP] Implementations of extended error?

Wes Hardaker <wjhns1@hardakers.net> Tue, 05 February 2019 18:59 UTC

Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 665C5124BAA for <dnsop@ietfa.amsl.com>; Tue, 5 Feb 2019 10:59:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CfZHVUoFuVvk for <dnsop@ietfa.amsl.com>; Tue, 5 Feb 2019 10:59:43 -0800 (PST)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.192.181]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 792C012008F for <dnsop@ietf.org>; Tue, 5 Feb 2019 10:59:43 -0800 (PST)
Received: from localhost (unknown [10.0.0.3]) by mail.hardakers.net (Postfix) with ESMTPA id 8EEE4225F2; Tue, 5 Feb 2019 09:03:07 -0800 (PST)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Shane Kerr <shane@time-travellers.org>
Cc: Wes Hardaker <wjhns1@hardakers.net>, dnsop@ietf.org
References: <ybl5zu3qurr.fsf@w7.hardakers.net> <ECA3ECFA-852B-47EE-8162-7ADD6D8EF288@time-travellers.org> <yblzhrfp5mi.fsf@w7.hardakers.net> <e0ab4fc9-447e-19aa-2d52-0855b5febed1@time-travellers.org>
Date: Tue, 05 Feb 2019 09:03:07 -0800
In-Reply-To: <e0ab4fc9-447e-19aa-2d52-0855b5febed1@time-travellers.org> (Shane Kerr's message of "Mon, 4 Feb 2019 11:51:03 +0100")
Message-ID: <yblpns61838.fsf@w7.hardakers.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/UHjx3OXANGVctR8dFlRsAAbnwJU>
Subject: Re: [DNSOP] Implementations of extended error?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Feb 2019 18:59:46 -0000

Shane Kerr <shane@time-travellers.org> writes:

> My own thinking is that extended error is much more important on the
> resolver side than on the authoritative side, so that's what I was
> asking about.

That's fair; it's a generic mechanism but authoritative servers have less
reason to return most of the codes (though I cloud see Prohibited and
Blocked being useful for authoratatives).

(And actually, I just read the "Lame" description in the draft, and it's
actually broken.  It should talk about what to do for both.  I've now fixed
that and will push a new version)

> There was some discussion that it might be tricky to get correct
> information out of the bowels of a resolver that wasn't designed with
> this sort of reporting in mind.

Yeah, I suspect there are some code bases that this simply won't work with EDE
without a major rearchitecture.  If they're currently returning a
single error code from the depths of a stack trace, they won't be able
to easily return either a double-code or potentially modify their
codes to be more descriptive.  Then we get to "error text" as well and
it gets worse.

> Here's what I took away (people can and should correct me where I am wrong):

Thanks for the summary!  Sounds like it was a good discussion.

-- 
Wes Hardaker
USC/ISI