On Tue, 6 May 2025 at 16:39, Peter Thomassen <pe...@desec.io> wrote: > > > On 5/6/25 12:48, tirumal reddy wrote: > > On Mon, 5 May 2025 at 21:56, Paul Wouters <p...@nohats.ca <mailto: > p...@nohats.ca>> wrote: > > First of all, the contact details are completely untrusted (eg when > > obtaining a DNS via DHCP) or superfluous (eg when the user configured > [...] > > Note that an attacker being able to give you an email address to use > > is very dangerous - it will facilitate endusers to receive malicious > > email responses from an attacker. > [...] > > I believe this document is actually harmful to endusers, with no > > meaningful gains for IT teams. If I was a browser vendor, I would > > only allow displaying i18n text for EDE enums. > > > > > > please elaborate how it is harmful to end-users. > > There are multiple examples of that in Paul's previous message [1], one of > which you quoted above. > > The other non-quoted examples can be found in that message [1] by Ctrl+F > "Use a globally trusted ID", "desensitized", "incidents number can be > customized for tracking", etc. > > I'm pointing to these because they have not been answered, so perhaps were > overlooked. > an I have only responded to the comments pertaining to draft-ietf-dnsop-structured-dns-error (which is going through IETF LC), not to draft-nottingham-public-resolver-errors (it is a new draft). Could you please clarify which comment you believe I missed for draft-ietf-dnsop-structured-dns-error ?
-Tiru > > [1]: > https://mailarchive.ietf.org/arch/msg/dnsop/nSQrWxfeoEvD6_Fd8U7HpXvbbH4/ > > Best, > Peter > (hats off) > > -- > https://desec.io/ >
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
