> On May 27, 2026, at 03:09, Lars Eggert <[email protected]> wrote: > > Hi, > >> On May 26, 2026, at 20:00, Mukund Sivaraman <[email protected]> wrote: >> It is a textual message for users to consume and for clients to display >> to users. Web browsers may have strict policies on what they display in >> some contexts, but that doesn't mean that DNS should not distribute this >> textual information. > > IMO there is zero chance browsers will show this text to users in *any* > context. What other clients do you envision to be different?
And it’s not because they are just stubborn. Any free flow text that an attacker can populate will be abused by attackers for malicious messages. I already have to support some non-technical people inundated with “your phone is infected, click here” messages. Free form fields are dangerous. If this is not an “enduser” free form field, but a debugging thing, language tags seem overkill and are rarely used by implementations to customize the error message for specific languages That llms say to use nslookup, a tool that has been obsoleted longer than the age of half the people on this list is perhaps an indication that these are not strong arguments to use for implementation decisions at the protocol level. Paul _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
