Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-error and combinations of EDEs and RCODEs
Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 12 September 2019 18:10 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5C2F12086A for <dnsop@ietfa.amsl.com>; Thu, 12 Sep 2019 11:10:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q5_QANm4noQ3 for <dnsop@ietfa.amsl.com>; Thu, 12 Sep 2019 11:10:04 -0700 (PDT)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A03E12087D for <dnsop@ietf.org>; Thu, 12 Sep 2019 11:10:04 -0700 (PDT)
Received: from [10.200.2.180] (sdzac10-108-1-nat.nje.twosigma.com [8.2.105.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by straasha.imrryr.org (Postfix) with ESMTPSA id AD9DC2A5CA5 for <dnsop@ietf.org>; Thu, 12 Sep 2019 14:10:03 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
X-Priority: 3
In-Reply-To: <1878161734.14716.1568306548325@appsuite-gw1.open-xchange.com>
Date: Thu, 12 Sep 2019 14:10:02 -0400
Reply-To: dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <0C5DC6B2-E9C5-46A6-B0BA-12830A405DD2@dukhovni.org>
References: <EA557043-34D1-43EA-B750-4A17CFC6BE50@icann.org> <ybl36h4aj8x.fsf@w7.hardakers.net> <AFE92D06-8418-4451-A827-D5656C83B796@icann.org> <yblzhjbeova.fsf@w7.hardakers.net> <067589D2-8E7E-47FA-867C-72E266A55D6D@icann.org> <CADyWQ+EB-eotvTdYwNv5Oo4=-mibdgEgpkQ3yh37orAwp-AgWg@mail.gmail.com> <ybly2yubfnp.fsf@w7.hardakers.net> <21136294-FDFD-4A99-9529-E79C45E79535@icann.org> <yblzhja9kz3.fsf@w7.hardakers.net> <3AC375B1-D858-4577-AEBE-4BB7CD40C241@icann.org> <1878161734.14716.1568306548325@appsuite-gw1.open-xchange.com>
To: dnsop@ietf.org
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rbkGvMH-vG-P5GHUx06-LRWYRgM>
Subject: Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-error and combinations of EDEs and RCODEs
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Sep 2019 18:10:11 -0000
> On Sep 12, 2019, at 12:42 PM, Vittorio Bertola <vittorio.bertola@open-xchange.com> wrote: > > But isn't the foremost motivation of this document to allow the client to tell between SERVFAIL due to DNSSEC validation failure and SERVFAIL due to resolver issues, and try another resolver in the latter case but not in the former? That's the crux of the matter and, in short, *no*, that's not (or should not be) the motivation. SERVFAIL means, and will continue to mean, I can't help you, better luck next time (or elsewhere). The new EDEs are *diagnostic* detail to aid in troubleshoots, but do not override RCODEs. They are not a more fine-grained RCODE one might "act on". If we want more fine-grained *actionable* codes, there's plenty of room for more values in the 12-bit EDNS RCODE. [ I chatted off-list with Wes, the above appears to match his take, with a bit luck also rough WG consensus... ] -- Viktor.
- [DNSOP] Comments on draft-ietf-dnsop-extended-err… Paul Hoffman
- Re: [DNSOP] Comments on draft-ietf-dnsop-extended… Wes Hardaker
- [DNSOP] draft-ietf-dnsop-extended-error and combi… Paul Hoffman
- Re: [DNSOP] draft-ietf-dnsop-extended-error and c… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Tim Wicinski
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Evan Hunt
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Vittorio Bertola
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Viktor Dukhovni
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Ray Bellis
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Paul Hoffman
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Viktor Dukhovni
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Tony Finch
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Vladimír Čunát
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Eric Orth
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Wes Hardaker
- Re: [DNSOP] [Ext] Re: draft-ietf-dnsop-extended-e… Tony Finch