[DNSOP] Re: Artart Last Call review of draft-ietf-dnsop-structured-dns-error-12
Paul Kyzivat <pkyzivat@alum.mit.edu> Wed, 23 April 2025 15:22 UTC
Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: dnsop@mail2.ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id A2AED2010E94; Wed, 23 Apr 2025 08:22:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=alum.mit.edu
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PS5OJuRaxE1M; Wed, 23 Apr 2025 08:22:42 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2055.outbound.protection.outlook.com [40.107.223.55]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id A4D412010E8F; Wed, 23 Apr 2025 08:22:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=BQu9QCdZhZfiK26M9PNcjC7BATI1hjygcayWE5hpyxge0Fqkg867/nbNCpla//8Iha5rG37esantQ0xzdMU4cSzsWrcU0b9wkiujt+r12hx+l95nv3HwrdA45wszsmNl4XP6ZpOvnaSSWgfcF5duSI7liTlgvAvmWaQy7SCOCRrnLC564odGr2Fk0Myvp9D5/5l9VgdC91+kBamBHCWGfENtPKgn/dvXRHgROAwlpFCqjc/y2HI1d78sWOudH2E8jsv4GXZKo1MosFBjx0H5dIsJDebVcXCtKJPJo4QKykyBMHDtRoHrDejwcfV/rbxbKtyNeJzk4ROmUDFX9t7SVA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/femLGFY8t881Gr+4vlL8wVYtdJYIjQaaKOEZlAmqOw=; b=Xlsf5zKKFA6ivQ6Wyh+8Qw4/w2cRpw/jTIZTakUICip5xBqHhRtLktk7P6mYBZ0RfK4/OrIA4Udrko8EraH5Nq456/HzU2W2xHXJhBwXVV8wlg9KuavnwMLGC5chRRedDat8V3QogSjRtsFaJFGwd1YEIeFLWEOoE2WLsLu+wGzUzWBvC4e3t9ZF9VJqRaW64MbIQpcvbUu3j7LzOp1kzbX82kN0f2X5FncjvFrHbZ6RHdBEioA9LiNjsOLTBIiP8WleYrLtGBVLwuac9pJItqp+XZJsgFigMIrfl0KMZWYSgX15v3venLl9JFRIfQTkgRe5Uy/V4EfehGQMU6riTg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 18.7.68.33) smtp.rcpttodomain=alum.mit.edu smtp.mailfrom=alum.mit.edu; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=alum.mit.edu; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alum.mit.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/femLGFY8t881Gr+4vlL8wVYtdJYIjQaaKOEZlAmqOw=; b=SSlA3JVfI1du6c8Ki9S3ugnox35noyY/avW0JDeLzZX9xmTVQp1yzVgrokflzRQfuNuuFjCdKePHPD4BxA6VgN7kTD2BDAuS2gX0nlvn8Oo2X+T9xW9RD5vnjY+3z7u/qJ1h2L43zpjGpYPJtAhULnMNGJLHVcwCp0qjqm79D+M=
Received: from SJ0PR05CA0207.namprd05.prod.outlook.com (2603:10b6:a03:330::32) by SJ2PR12MB8980.namprd12.prod.outlook.com (2603:10b6:a03:542::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8678.23; Wed, 23 Apr 2025 15:22:40 +0000
Received: from CO1PEPF000042AC.namprd03.prod.outlook.com (2603:10b6:a03:330:cafe::b1) by SJ0PR05CA0207.outlook.office365.com (2603:10b6:a03:330::32) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8655.33 via Frontend Transport; Wed, 23 Apr 2025 15:22:40 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 18.7.68.33) smtp.mailfrom=alum.mit.edu; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=alum.mit.edu;
Received-SPF: Pass (protection.outlook.com: domain of alum.mit.edu designates 18.7.68.33 as permitted sender) receiver=protection.outlook.com; client-ip=18.7.68.33; helo=outgoing-alum.mit.edu; pr=C
Received: from outgoing-alum.mit.edu (18.7.68.33) by CO1PEPF000042AC.mail.protection.outlook.com (10.167.243.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8655.12 via Frontend Transport; Wed, 23 Apr 2025 15:22:39 +0000
Received: from [192.168.1.52] (c-76-19-71-248.hsd1.ma.comcast.net [76.19.71.248]) (authenticated bits=0) (User authenticated as pkyzivat@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.14.7/8.12.4) with ESMTP id 53NFMbUp004404 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Wed, 23 Apr 2025 11:22:38 -0400
Message-ID: <0144c35a-53cb-47d8-9a8c-19e8ab2a0ef1@alum.mit.edu>
Date: Wed, 23 Apr 2025 11:22:37 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: tirumal reddy <kondtir@gmail.com>
References: <5a128fd4-d4bc-4d89-a693-114f135cbe4c@alum.mit.edu> <CAFpG3gdQ3jRQPEtc1i8uvz4xznVP-1pDQgJP2cGm_aZ1_j0fog@mail.gmail.com>
Content-Language: en-US
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
In-Reply-To: <CAFpG3gdQ3jRQPEtc1i8uvz4xznVP-1pDQgJP2cGm_aZ1_j0fog@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CO1PEPF000042AC:EE_|SJ2PR12MB8980:EE_
X-MS-Office365-Filtering-Correlation-Id: c0163a81-7cc9-488f-e054-08dd827aafa7
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|41320700013|36860700013|1800799024|82310400026|376014|13003099007;
X-Microsoft-Antispam-Message-Info: /1BdnCeFOx8PhfsOumU30TztCLHnAqOOWHpqEV/9d61H8aect0gRjdHXQ2VS8ABI+e7dfGEEF8K44qiCRa4e1OXbKq0Ik+diSy+Bw/oab77xg9xK2Zh79ifnblsyHScVl7aomfICRRluMMsQgb5mU9W556uO81oi9IEzUgbgcQbJQkIr3Qfpu6/FWWDj1GLm1k+mf4b2jXwRMlnOESOlScOHPubH+ycslFTzgx753VBi0Gu45HZF1bMdlDZ/YxLzs42A/gZrmbIelTdfJLb5uiIamIBGQeYPjXBmhgxKAZcL/MfQFDa6rrTqzUDF45PW8tiOHrZW4Pvdncx4oWBb6mIjTWPxgtZPpBHm3vkYLaXdZM0iJ+yAAPh+U4uGElrTjcqURQx3E82BOjhgOhiJKYWn+nfhxPJK7ZbTJ0wiFxzoaCV2CbpjRuHQfiF1ZLIvQEgi6jd3NASJtEnBmrsd9mW3cYkE+mQCJ8v6eGONP/AWzXMpTiyg+OiY3B64JHMm+MlS0vvPpWDBFd3hkvEecLCX3VQFJQsPq7Jd05zlvOwU9XtkQmgOFDvqrKl+OzQmln+hoderAcjCwsvNzzNHw1AlXr1S1tPwimQG3lQ+5GKp6y1i1aH0t7nz4IEI/1b0c8A4UbM+jyNhOlFOifIZ/OG6mv49ZT0jU0q5Lk3HpQEu+AOyErKLM7PMcnZDxkTB+UvLeoeZBhf+0CUiWEdItOUDKD3zGDnaSHksPJQZxDKtveDnIHrktT5/DGvaSYCLggFGU8+SxCvnqkr0dPAdcCAyzuDoWH/aX/Nks5Z0n0bCRLjjSEB5MV1+tUXG5CRrlJD87VEOv9yWRkhpb4hfrMdT4XK/ep0na8kcgRO19xXrSKn0sR4Dzr3UrxBlWCTve9enXNv/5L/MHFM+AoVgXtJWNk6ut+9Tb21kpqlnMuPi85PDJWoD766FXiQCBxQs+tm1uYyysNygr/hesKH5HwtrOJ7s1FlX23Nf0m5IZOvx6UhCGUIUg4eg8tQw1a2U7NeaEEcrFz1nkRwdiNUoNwHSAGgQ67yAZ75wc3WJI+yUG+0SPiv79gcH0+AgFZadHniLWMqc0K1X3l9RALISe38Ql0OsinTgQCzPIGk0uNahdytvGE3NSC74vwjISfdpaDyBcbHKInmN6iuyRBwxAddQi+0HBgyRFXFrpdVu0QrGAB0ARfTIh6i36+mlLUu1LOWNZkMu6AL/Ic5BOFiSfLxAb4BhYECuCmBmqGTcX1jyF51+9ptLjrmnul5Zi076NRqf/+bhSce/F1IYhOZ6YwM72FsaK+Y+0D5/EOmIZV2Dmz1bHBvNfcUseap8ALXKq030kQ2drlV0vMM8eLAXCMbzole7ztY1rBf7nnqHbMsCSARu2QGpowwRccE/6lUgFMSB2yGAZ3ZuPOVwK7J2ykmM/dX6Z0bKEEj5Y/pvhtkUT0E1TpVqQbr/WkNtxPvFsLUYzL6uYD1qV1+w4YbaTcw1sONyNE2HhL7la4swl+TJiBgSnUwifTRJgKwK5dg0ZVsBO+5nYndMixOyvQ8oCA==
X-Forefront-Antispam-Report: CIP:18.7.68.33;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:outgoing-alum.mit.edu;PTR:outgoing-alum.mit.edu;CAT:NONE;SFS:(13230040)(41320700013)(36860700013)(1800799024)(82310400026)(376014)(13003099007);DIR:OUT;SFP:1101;
X-OriginatorOrg: alum.mit.edu
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Apr 2025 15:22:39.7520 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c0163a81-7cc9-488f-e054-08dd827aafa7
X-MS-Exchange-CrossTenant-Id: 3326b102-c043-408b-a990-b89e477d582f
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3326b102-c043-408b-a990-b89e477d582f;Ip=[18.7.68.33];Helo=[outgoing-alum.mit.edu]
X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042AC.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB8980
Message-ID-Hash: U7QS7JCWUO7WQFTBVKALJTB2C5YNMOR2
X-Message-ID-Hash: U7QS7JCWUO7WQFTBVKALJTB2C5YNMOR2
X-MailFrom: pkyzivat@alum.mit.edu
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: art@ietf.org, draft-ietf-dnsop-structured-dns-error.all@ietf.org, last-call@ietf.org, dnsop@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] Re: Artart Last Call review of draft-ietf-dnsop-structured-dns-error-12
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ns9h07qFJk2f9bCsXYsS7wXCkmk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
Tiru, You have mostly addressed my concerns. I've included a few followup questions below. On 4/23/25 1:42 AM, tirumal reddy wrote: > 1) NIT: Section 4 - c: (contact) > > This allows sips but not sip URIs. Sips is not widely used. > Please consider allowing sip URLs. > > Allowing "sip" URI introduces security issues, "sips" offers encrypted > transport for SIP messages. I'm aware of that. Yet, AFAIK sips URIs are rarely used in sip implementations. (They were added to get through the security review for RFC3261.) I think there would often be trouble invoking a sips URI. Also, why isn't there similar concern for the security of mailto? But if you think you can't get through a security review with sip then so be it. > 3) ISSUE: Section 8 - Extended DNS Error Code > > The phrasing here, for both the section title and the content, is odd > and confusing. For clarity and consistency with section 7, I suggest a > title of "New Extended DNS Error Code Definition". > > And then the body could start with: "This document defines the > following > new IANA-registered Extended DNS Error Code." The existing text will > then require some tweaking to align with this rephrasing. > > And then to avoid confusion, perhaps change the title of section > 11.4 to > "New Extended DNS Error Code Registration". > > No, the section title and its body is consistent with the sections in > RFC 8914 defining Extended DNS Error Codes, please see > https://datatracker.ietf.org/doc/html/rfc8914#section-4 > <https://datatracker.ietf.org/doc/html/rfc8914#section-4> OK, I see why you want to phrase these this way. But it doesn't read the same way here as in rfc8914. This is because rfc8914 has comparable definitions as subsections of section 4 titled "Defined Extended DNS Errors", which gives context. You could create a similar structure to provide the context. E.g., 8. New Extended DNS Errors This document defines an addition to the EDE codes defined in [RFC8914]. 8.1 Extended DNS Error Code TBA1 - Blocked by Upstream DNS Server ... I realize it looks a little odd to have a section with only one subsection, but it does make the document easier to follow. > 6) ISSUE: Section 11.2 - New Registry for Contact URI Scheme > > Could you please add some text describing the role and responsibilities > of the Change Controller? What sort of changes are allowed? More than > additions? > > IETF review is required to update the registry, see > https://datatracker.ietf.org/doc/html/rfc8126#section-4.8 > <https://datatracker.ietf.org/doc/html/rfc8126#section-4.8>, change > controller is IETF. I think you are missing my point. I'm looking for a more in-depth definition of the role of "Change Controller". I checked, and this term is currently not used in Domain Name System (DNS) Parameters. I just realized that your definitions of new IANA registries fail to specify Registration Procedures, which is required. I think you can achieve what you want by specifying that the Registration Procedure is "IETF Review", "Standards Action", or "IESG Approval". Then you can omit all mention of Change Controller. > 7) ISSUE: Section 11.3 - New Registry for DNS SubError Code... > Also, again, could you please add some text describing the role and > responsibilities of the Change Controller? What sort of changes are > allowed? More than additions? See above. Thanks, Paul
- [DNSOP] Artart Last Call review of draft-ietf-dns… Paul Kyzivat
- [DNSOP] Re: Artart Last Call review of draft-ietf… tirumal reddy
- [DNSOP] Re: Artart Last Call review of draft-ietf… Paul Kyzivat
- [DNSOP] Re: [art] Artart Last Call review of draf… Brian Rosen