Hi all, This revision https://tools.ietf.org/html/draft-reddy-dnsop-error-page-03 addresses several comments from the WG during the presentation at IETF-108.
Major updates are listed below: 1. Error page URI EDNS0 option to return an URI Template which when accessed provides the reason the DNS query was filtered. 2. The Error Page URI Template is protected with a signature for data origin authentication. 3. Mandatory rules (e.g., DoH and strict privacy profile in DoT) to process the Error page URI EDNS0 option. 4. Updates to security consideration section to discuss threats and mechanisms to address them. Further comments and suggestions are welcome. Cheers, -Tiru ---------- Forwarded message --------- From: <[email protected]> Date: Tue, 25 Aug 2020 at 12:55 Subject: New Version Notification for draft-reddy-dnsop-error-page-03.txt To: Neil Cook <[email protected]>, Dan Wing <[email protected]>, Tirumaleswar Reddy.K <[email protected]>, Mohamed Boucadair < [email protected]> A new version of I-D, draft-reddy-dnsop-error-page-03.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository. Name: draft-reddy-dnsop-error-page Revision: 03 Title: DNS Access Denied Error page Document date: 2020-08-24 Group: Individual Submission Pages: 16 URL: https://www.ietf.org/internet-drafts/draft-reddy-dnsop-error-page-03.txt Status: https://datatracker.ietf.org/doc/draft-reddy-dnsop-error-page/ Htmlized: https://tools.ietf.org/html/draft-reddy-dnsop-error-page-03 Htmlized: https://datatracker.ietf.org/doc/html/draft-reddy-dnsop-error-page Diff: https://www.ietf.org/rfcdiff?url2=draft-reddy-dnsop-error-page-03 Abstract: When a DNS server filters a query the response conveys no detailed explanation of why the query was blocked, leading to end-user confusion. This document defines a method to return an URI that explains the reason the DNS query was filtered. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
