Warren, Vladimir, and DNSOP, As the IETF Last Call has just completed now, let me chime in again on this topic.
Warren, you are 100% correct about the a.cc "counter-example", this also means that "short domain names" should be removed from `as short as possible: short domain names, concise text in the values for the "j" and "o" names, and minified JSON` because then the modified sentence can have a "MUST" 😉 Regards -éric From: Warren Kumari <[email protected]> Date: Monday, 15 June 2026 at 22:09 To: VladimÃr ÄŒunát <[email protected]> Cc: [email protected] WG <[email protected]> Subject: [DNSOP] Re: Conclusion and request for action after AD review of draft-ietf-dnsop-structured-dns-error-20 On Mon, Jun 15, 2026 at 5:02 AM, VladimÃr ÄŒunát <[email protected]<mailto:[email protected]>> wrote: On 09/06/2026 10.10, Eric Vyncke (evyncke) wrote: Per [1], why not a MUST (my preference but up to you) or providing the required guidance for the "SHOULD" in: To avoid exceeding the maximum EDNS0 size [RFC9715] the generated JSON values *SHOULD* be as short as possible: [...] In my eyes, "as short as possible" and the following text have a fairly fuzzy meaning, except the JSON-minifcation part, so I'm not sure if MUST vs. SHOULD makes a practical difference when formulated this way. I agree with Vladimir here. The context is: " To avoid exceeding the maximum EDNS0 size [RFC9715] the generated JSON values SHOULD be as short as possible: short domain names, concise text in the values for the "j" and "o" names, and minified JSON (that is, without spaces or line breaks between JSON elements). Otherwise, there is a risk that the response will get fragmented." Making this MUST would mean that the domain name has to be something like a.cc<http://a.cc/>, the reason would be something like "because" and the org would have to rename itself from "Acme Security" to X. I personally still think that shoving any sort of JSON into an EDE or EDNS0 answer, and expecting it to be shown to a human is a bad idea, but if we've decided to do that, we might as well make it useable, and so SHOULD seems fine to me. But, obviously, I don't have to defend this in front of the IESG, and so if Eric still thinks it needs to be a MUST to pass, he's probably right… W Also note that the server producing this structured error does know limitations on the overall size of that particular DNS message. (if it's going over plain UDP, they've already "negotiated" the limit size) Though it might be impractical/complicated to make such a decision dynamically. _______________________________________________ DNSOP mailing list -- [email protected]<mailto:[email protected]> To unsubscribe send an email to [email protected]<mailto:[email protected]>
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
