Hi all,
On 9/6/25 17:06, Peter Thomassen wrote:
Section 4.2.1
At the end of this section, add (upon suggestion of Oli Schacher (cc)):
NEW
For example, when receiving a NOTIFY(CDS) message for example.com with
agent domain errors.ns1.example.net, and the requested DS update is
found to break thedelegation, then the following report query may be
made (preferably over TCP):
```[monospace]
qname: _er.59.example.com.6._er.errors.ns1.example.net.
qtype: TXT
```
To convey additional textual information, the report query itself MAY
include an Extended DNS Error EDNS0 Option[RFC8914] with an EXTRA-TEXT
field, and with the INFO-CODE field set to the EDE code included in the
report query qname (in this example, 6: DNSSEC Bogus).
Apologies - I just realized that the last 4 lines are not permissible, as the
option to provide EXTRA-TEXT is not allowed in DNS queries (apparently also not
report queries), but also responses.
So, please go ahead with this change as follows:
NEW
For example, when receiving a NOTIFY(CDS) message for example.com with
agent domain errors.ns1.example.net, and the requested DS update is
found to break thedelegation, then the following report query may be
made (preferably over TCP):
```[monospace]
qname: _er.59.example.com.6._er.errors.ns1.example.net.
qtype: TXT
```
Thanks.
Best,
Peter
--
auth48archive mailing list -- [email protected]
To unsubscribe send an email to [email protected]
