Hi,
Thank you for your response and explanations.
I still disagree with the characterization of NXDOMAIN as a resolution error.
That's like characterizing a red street light as a driving error.
I seems worthwhile to assess the prevalence of NXDOMAIN outcomes, but I believe
it's better to do this by asking how frequency what kinds of resolution
*outcomes* are observed, and one outcome would be NXDOMAIN, another would be
errors (timeouts, SERVFAIL, ...).
At the very least, a definition of "resolution errors" would have to be given
before asking the questions.
If the study remains as is, my expectation is that insights will be biased
and/or limited, and you should expect them to be strongly criticized. Thanks
for inviting again to participate, but I don't feel comfortable with it at this
point.
Best,
Peter
On 8/16/24 15:54, 苗发生 wrote:
-----原始邮件-----
发件人: "Peter Thomassen" <pe...@desec.io>
发送时间:2024-08-15 18:37:58 (星期四)
收件人: "Ralf Weber" <d...@fl1ger.de>, "Xiang Li" <idealeer...@gmail.com>
抄送: dns-operations@lists.dns-oarc.net, mf...@mails.tsinghua.edu.cn,
lixi...@nankai.edu.cn
主题: Re: [dns-operations] Survey of How to Solving DNS Errors
Hi.
On 8/15/24 11:25, Ralf Weber wrote:
I’m not sure what data you want to get out of that research, but IMHO it is
upfront missing a definition of what a resolution error is.
Question 4 ("What types of DNS resolution errors have you encountered most
frequently?") has NXDOMAIN as one option, which implies that NXDOMAIN counts as a
resolution error.
But of course, it's not a resolution error, but a valid outcome of a successful
resolution.
Before reaching this question, I had selected "rarely" for question 3 ("How often
does your organization encounter DNS resolution errors?").
With the knowledge from question 4, the only valid answer for question 3 however seems
"daily", or even "all the time" (which is not an answer option).
Including NXDOMAIN as a resolution error will lead to biased results. For example, many people may
select seeing this "daily", which may lead to a publication saying that "DNS
resolution errors happen all the time", which is vastly inaccurate.
So, unfortunately, I aborted the survey at this point, as it is not
well-defined, and I did not want to increase sample size in this case.
Best,
Peter
--
https://desec.io/
You are right. NXDomain is the result of a successful resolution query,
indicating that the domain name does not exist. However, within our framework,
we consider the absence of a corresponding IP address as a domain resolution
error. Therefore, we classify NXDomain as a resolution error. Moreover, in many
existing studies, NXDomain and other RCODE error codes are also categorized as
resolution errors. Our goal is to detect all domain resolution errors and
analyze the root causes and potential security threats behind these errors.
NXDomain indicates that a domain does not exist, but the reasons for its
nonexistence remain unknown—be it domain revocation, the domain never having
been registered, etc. If possible, we would still appreciate it if you could
fill out the questionnaire and include your thoughts and understanding in it.
Thank you.
--
Like our community service? 💛
Please consider donating at
https://desec.io/
deSEC e.V.
Kyffhäuserstr. 5
10781 Berlin
Germany
Vorstandsvorsitz: Nils Wisiol
Registergericht: AG Berlin (Charlottenburg) VR 37525
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
