draft-ietf-dnsop-extended-error-11.txt		draft-ietf-dnsop-extended-error-12.txt
	Network Working Group W. Kumari		Network Working Group W. Kumari
	Internet-Draft Google		Internet-Draft Google
	Intended status: Standards Track E. Hunt		Intended status: Standards Track E. Hunt
	Expires: April 2, 2020 ISC		Expires: April 3, 2020 ISC
	R. Arends		R. Arends
	ICANN		ICANN
	W. Hardaker		W. Hardaker
	USC/ISI		USC/ISI
	D. Lawrence		D. Lawrence
	Oracle + Dyn		Oracle + Dyn
	September 30, 2019		October 01, 2019
	Extended DNS Errors		Extended DNS Errors
	draft-ietf-dnsop-extended-error-11		draft-ietf-dnsop-extended-error-12
	Abstract		Abstract
	This document defines an extensible method to return additional		This document defines an extensible method to return additional
	information about the cause of DNS errors. Though created primarily		information about the cause of DNS errors. Though created primarily
	to extend SERVFAIL to provide additional information about the cause		to extend SERVFAIL to provide additional information about the cause
	of DNS and DNSSEC failures, the Extended DNS Errors option defined in		of DNS and DNSSEC failures, the Extended DNS Errors option defined in
	this document allows all response types to contain extended error		this document allows all response types to contain extended error
	information. Extended DNS Error information does not change the		information. Extended DNS Error information does not change the
	processing of RCODEs.		processing of RCODEs.
	skipping to change at page 1, line 43 ¶		skipping to change at page 1, line 43 ¶
	Internet-Drafts are working documents of the Internet Engineering		Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF). Note that other groups may also distribute		Task Force (IETF). Note that other groups may also distribute
	working documents as Internet-Drafts. The list of current Internet-		working documents as Internet-Drafts. The list of current Internet-
	Drafts is at http://datatracker.ietf.org/drafts/current/.		Drafts is at http://datatracker.ietf.org/drafts/current/.
	Internet-Drafts are draft documents valid for a maximum of six months		Internet-Drafts are draft documents valid for a maximum of six months
	and may be updated, replaced, or obsoleted by other documents at any		and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference		time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."		material or to cite them other than as "work in progress."
	This Internet-Draft will expire on April 2, 2020.		This Internet-Draft will expire on April 3, 2020.
	Copyright Notice		Copyright Notice
	Copyright (c) 2019 IETF Trust and the persons identified as the		Copyright (c) 2019 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(http://trustee.ietf.org/license-info) in effect on the date of		(http://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	carefully, as they describe your rights and restrictions with respect		carefully, as they describe your rights and restrictions with respect
	to this document. Code Components extracted from this document must		to this document. Code Components extracted from this document must
	include Simplified BSD License text as described in Section 4.e of		include Simplified BSD License text as described in Section 4.e of
	the Trust Legal Provisions and are provided without warranty as		the Trust Legal Provisions and are provided without warranty as
	described in the Simplified BSD License.		described in the Simplified BSD License.
	Table of Contents		Table of Contents
	1. Introduction and background . . . . . . . . . . . . . . . . . 3		1. Introduction and background . . . . . . . . . . . . . . . . . 3
	1.1. Requirements notation . . . . . . . . . . . . . . . . . . 4		1.1. Requirements notation . . . . . . . . . . . . . . . . . . 4
	2. Extended Error EDNS0 option format . . . . . . . . . . . . . 4		2. Extended DNS Error EDNS0 option format . . . . . . . . . . . 4
	3. Defined Extended DNS Errors . . . . . . . . . . . . . . . . . 5		3. Defined Extended DNS Errors . . . . . . . . . . . . . . . . . 5
	3.1. Extended DNS Error Code 0 - Other . . . . . . . . . . . . 5		3.1. Extended DNS Error Code 0 - Other . . . . . . . . . . . . 5
	3.2. Extended DNS Error Code 1 -		3.2. Extended DNS Error Code 1 -
	Unsupported DNSKEY Algorithm . . . . . . . . . . . . . . 5		Unsupported DNSKEY Algorithm . . . . . . . . . . . . . . 5
	3.3. Extended DNS Error Code 2 - Unsupported DS		3.3. Extended DNS Error Code 2 - Unsupported DS
	Digest Type . . . . . . . . . . . . . . . . . . . . . . . 5		Digest Type . . . . . . . . . . . . . . . . . . . . . . . 5
	3.4. Extended DNS Error Code 3 - Stale Answer . . . . . . . . 5		3.4. Extended DNS Error Code 3 - Stale Answer . . . . . . . . 5
	3.5. Extended DNS Error Code 4 - Forged Answer . . . . . . . . 5		3.5. Extended DNS Error Code 4 - Forged Answer . . . . . . . . 6
	3.6. Extended DNS Error Code 5 - DNSSEC Indeterminate . . . . 6		3.6. Extended DNS Error Code 5 - DNSSEC Indeterminate . . . . 6
	3.7. Extended DNS Error Code 6 - DNSSEC Bogus . . . . . . . . 6		3.7. Extended DNS Error Code 6 - DNSSEC Bogus . . . . . . . . 6
	3.8. Extended DNS Error Code 7 - Signature Expired . . . . . . 6		3.8. Extended DNS Error Code 7 - Signature Expired . . . . . . 6
	3.9. Extended DNS Error Code 8 - Signature Not Yet Valid . . . 6		3.9. Extended DNS Error Code 8 - Signature Not Yet Valid . . . 6
	3.10. Extended DNS Error Code 9 - DNSKEY Missing . . . . . . . 6		3.10. Extended DNS Error Code 9 - DNSKEY Missing . . . . . . . 6
	3.11. Extended DNS Error Code 10 - RRSIGs Missing . . . . . . . 6		3.11. Extended DNS Error Code 10 - RRSIGs Missing . . . . . . . 6
	3.12. Extended DNS Error Code 11 - No Zone Key Bit Set . . . . 6		3.12. Extended DNS Error Code 11 - No Zone Key Bit Set . . . . 6
	3.13. Extended DNS Error Code 12 - NSEC Missing . . . . . . . . 6		3.13. Extended DNS Error Code 12 - NSEC Missing . . . . . . . . 6
	3.14. Extended DNS Error Code 13 - Cached Error . . . . . . . . 7		3.14. Extended DNS Error Code 13 - Cached Error . . . . . . . . 7
	3.15. Extended DNS Error Code 14 - Not Ready . . . . . . . . . 7		3.15. Extended DNS Error Code 14 - Not Ready . . . . . . . . . 7
	skipping to change at page 4, line 7 ¶		skipping to change at page 4, line 7 ¶
	This document does not allow or prohibit any particular extended		This document does not allow or prohibit any particular extended
	error codes and information to be matched with any particular RCODEs.		error codes and information to be matched with any particular RCODEs.
	Some combinations of extended error codes and RCODEs may seem		Some combinations of extended error codes and RCODEs may seem
	nonsensical (such as resolver-specific extended error codes in		nonsensical (such as resolver-specific extended error codes in
	responses from authoritative servers), so systems interpreting the		responses from authoritative servers), so systems interpreting the
	extended error codes MUST NOT assume that a combination will make		extended error codes MUST NOT assume that a combination will make
	sense. Receivers MUST be able to accept EDE codes and EXTRA-TEXT in		sense. Receivers MUST be able to accept EDE codes and EXTRA-TEXT in
	all messages, including those with a NOERROR RCODE. Applications		all messages, including those with a NOERROR RCODE. Applications
	MUST continue to follow requirements from applicable specs on how to		MUST continue to follow requirements from applicable specs on how to
	process RCODEs no matter what EDE values is also received		process RCODEs no matter what EDE values is also received. Senders
			MAY include more than one EDE option and receivers MUST be able to
			accept (but not necessarily process or act on) multiple EDE options
			in a DNS message.
	1.1. Requirements notation		1.1. Requirements notation
	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",		The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
	"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this		"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
	document are to be interpreted as described in [RFC2119].		document are to be interpreted as described in [RFC2119].
	2. Extended Error EDNS0 option format		2. Extended DNS Error EDNS0 option format
	This draft uses an EDNS0 ([RFC2671]) option to include Extended DNS		This draft uses an EDNS0 ([RFC2671]) option to include Extended DNS
	Error (EDE) information in DNS messages. The option is structured as		Error (EDE) information in DNS messages. The option is structured as
	follows:		follows:
	1 1 1 1 1 1		1 1 1 1 1 1
	0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5		0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
	+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+		+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
	0: | OPTION-CODE |		0: | OPTION-CODE |
	+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+		+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
End of changes. 8 change blocks.
	8 lines changed or deleted		11 lines changed or added
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/