Re: [DNSOP] Comments on draft-ietf-dnsop-extended-error-08
Wes Hardaker <wjhns1@hardakers.net> Tue, 10 September 2019 04:05 UTC
Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7252312010E for <dnsop@ietfa.amsl.com>; Mon, 9 Sep 2019 21:05:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DaFB46AM5txC for <dnsop@ietfa.amsl.com>; Mon, 9 Sep 2019 21:05:35 -0700 (PDT)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.192.181]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7EC41200F5 for <dnsop@ietf.org>; Mon, 9 Sep 2019 21:05:35 -0700 (PDT)
Received: from localhost (unknown [10.0.0.3]) by mail.hardakers.net (Postfix) with ESMTPA id 7295B27A2B; Mon, 9 Sep 2019 21:05:34 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: IETF DNSOP WG <dnsop@ietf.org>
References: <EA557043-34D1-43EA-B750-4A17CFC6BE50@icann.org>
Date: Mon, 09 Sep 2019 21:05:34 -0700
In-Reply-To: <EA557043-34D1-43EA-B750-4A17CFC6BE50@icann.org> (Paul Hoffman's message of "Wed, 21 Aug 2019 00:12:35 +0000")
Message-ID: <ybl36h4aj8x.fsf@w7.hardakers.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/mbQG09qEmS-8hVoHb4vp9-ZCQwg>
Subject: Re: [DNSOP] Comments on draft-ietf-dnsop-extended-error-08
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Sep 2019 04:05:38 -0000
Paul Hoffman <paul.hoffman@icann.org> writes: Hi Paul, Thanks for the comments and good suggestions. Responses below inside my todo list of action: 12 Paul Hoffman =============== Greetings again. The changes here generally help the document, but they also highlight some of the deficiencies. A few comments on the current draft: 12.1 NOCHANGE what error codes? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - The spec does not say anything about the kinds of responses where it is allowed to send particular extended error codes. For example, if a response has an RCODE of NOERROR, what does it mean for it to also have a EDE? Or if the RCODE is FORMERR, can it have an EDE that relates to DNSSEC validation failure? The exact semantics for the receiver need to be specified. + The EDE was specifically meant to be an "addition" to an existing reply of *any* RCODE, including NOERROR codes. There is no restriction about when you might include one. Similarly, it makes no sense for some codes to be returned for some RCODES, but any good receiver shouldn't segfault either. I don't think we can specify all potential combinations in any meaningful way. 12.2 DONE extend vs annotate ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - In the introduction, it says: This document specifies a mechanism to extend (or annotate) DNS errors to provide additional information about the cause of the error. "extend" and "annotate" have very different meanings. This is the crux of the use of the mechanism, so it needs to be clearer. + response: I've removed (or annotate) (though it didn't bother me) 12.3 DONE ... ~~~~~~~~~~~~~ - In the introduction, it says: These extended error codes are specially useful when received by resolvers, to return to stub resolvers or to downstream resolvers. Authoritative servers MAY parse and use them, but most error codes would make no sense for them. Authoritative servers may need to generate extended error codes though. This is confusing because many authoritative servers also send queries when they are doing AXFR and so on. Instead, I propose: These extended error codes described in this document can be used by any system that sends DNS queries. Different codes are useful in different circumstances, and thus different systems (stub resolvers, recursive resolvers, and authoritative resolvers) might receive and use them. + Response: thanks for the text. Adopted! 12.4 DONE stop repeating yourself ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Sections 3.1 and 3.2 repeat the information at the end of Section 2, and thus should be eliminated. Instead, leave Section 2 as is, and simply include the the first paragraph of Section 3, and then eliminate Section 3 altogether. + Good point; thanks. It was a bit more work than that to combine them, but I've done so. 12.5 DONE flippant language ~~~~~~~~~~~~~~~~~~~~~~~~~~~ - There are many places where the document uses flippant language that could confuse readers who don't understand English idioms. Although they are somewhat humorous, these could lead to confusion and should be removed. + Response: I've removed the ones I found, and may remove more after a final pass if I missed any in a skim. -- Wes Hardaker USC/ISI
- [DNSOP] Comments on draft-ietf-dnsop-extended-err… Paul Hoffman
- Re: [DNSOP] Comments on draft-ietf-dnsop-extended… Wes Hardaker
- [DNSOP] draft-ietf-dnsop-extended-error and combi… Paul Hoffman
- Re: [DNSOP] draft-ietf-dnsop-extended-error and c… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Tim Wicinski
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Evan Hunt
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Vittorio Bertola
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Viktor Dukhovni
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Ray Bellis
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Viktor Dukhovni
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Tony Finch
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Vladimír Čunát
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Eric Orth
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Tony Finch