The intent of the structured error mechanism is not to promote or endorse censorship, but to provide transparency where filtering already exists — for instance, due to security policy requirements. Without such signaling, users typically receive a generic NXDOMAIN response or are directed to forged IP addresses, which obscures the nature of the denial or leads to accessing a "spoof" block page. A structured error gives the user (or network administrator) a chance to understand and possibly challenge the reason, rather than masking it entirely.
Furthermore, the structured error mechanism does not perform or define the blocking itself; it merely allows the reason for blocking to be communicated. That said, transparency can help detect and correct cases of overblocking. Additionally, the draft does not define any free-form fields intended for the end user. Please see Section 4 of the draft <https://www.ietf.org/archive/id/draft-ietf-dnsop-structured-dns-error-14.html#section-4> for more details. -Tiru On Wed, 30 Apr 2025 at 19:12, vasilis <[email protected]> wrote: > Hi, > > I would like to raise several concerns regarding the draft > "draft-ietf-dnsop-structured-dns-error-14" related to censorship and its > implications: > > A. Censorship Justification: The proposed mechanism for structured error > messages may inadvertently justify censorship by allowing DNS operators to > specify reasons for filtering, potentially legitimizing arbitrary > practices. > > B. Ambiguity in Justifications: Free-form text fields for justifications > could > lead to vague or misleading messages, obscuring the true nature of > censorship > and leaving users uninformed. > > C. Impact on User Trust: Normalizing structured error messages may > desensitize > users to censorship, reducing public scrutiny and pressure on ISPs and > governments. > > D. Overblocking Risks: The draft does not adequately address overblocking, > where > legitimate content may be filtered alongside harmful content, leading to > excessive censorship. > > E. Lack of Accountability: The draft lacks clear accountability mechanisms > for > DNS operators, risking arbitrary filtering decisions without recourse for > affected users. > > F. International Implications: Different countries' censorship laws could > conflict, leading to a fragmented internet experience and complicating > cross-border access to information. > > While the draft aims to enhance transparency, it raises significant > concerns > about censorship and its effects on user trust and accountability. > > > Thank you for your attention to these important issues. I look forward to > the > community's feedback. >
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
