[DNSOP] Structured Data update (draft-wing-dnsop-structured-dns-error-page-03)

Dan Wing <danwing@gmail.com> Thu, 28 April 2022 14:15 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/osrO1-N-gvGJGAb5BLi9rJ2OsJ4>

We updated dnsop-structured-dns-error-page:

* Require using RESINFO [I-D.reddy-add-resolver-info] in client
processing and added discussion of attack mitigation of using
RESINFO.

* Removed validation of URI domain suffix, which we can't do for
some URLs (e.g., tel:), and which is difficult/impossible for
others when a 3rd party is handling level one support (e.g.,
sips:). Instead rely on RESINFO telling us if EDE is supported by
the DNS server and, if so, expect it to properly support EDE
rather than blindly forward an unknown DNS option.

* Removed 'partial URI' text

and this version incorporates other feedback we have received to date as it has matured. Datatracker, https://datatracker.ietf.org/doc/draft-wing-dnsop-structured-dns-error-page/03/


Feedback welcome, especially on these changes which we expect resolve issues raised with earlier versions of the document.

-d