Technical Summary
DNS error reporting is a lightweight reporting mechanism that
provides the operator of an authoritative server with reports on DNS
resource records that fail to resolve or validate. A domain owner or
DNS hosting organization can use these reports to improve domain
hosting. The reports are based on extended DNS errors as described
in RFC 8914.
When a domain name fails to resolve or validate due to a
misconfiguration or an attack, the operator of the authoritative
server may be unaware of this. To mitigate this lack of feedback,
this document describes a method for a validating recursive resolver
to automatically signal an error to a monitoring agent specified by
the authoritative server.
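
As an added illustration (not part of the document or of any implementation it mentions), the sketch below shows how a monitoring agent could decode the name of an incoming report query and reject malformed ones. It assumes the report name layout of the published RFC 9567, section 6.1.1, which this summary does not spell out; the agent domain and failing names are constructed samples.

```python
# Added example, not from the document: parse a report query name.
# Assumed layout (RFC 9567, section 6.1.1):
#   _er.<QTYPE[-QTYPE...]>.<failing name labels>.<EDE code>._er.<agent domain>
EDE_NAMES = {6: "DNSSEC Bogus", 7: "Signature Expired",
             9: "DNSKEY Missing", 22: "No Reachable Authority"}  # RFC 8914 subset


def _u16(label):
    """Decimal label -> int in 0..65535, else None."""
    if (label.isascii() and label.isdigit()
            and len(label) <= 5 and int(label) <= 0xFFFF):
        return int(label)
    return None


def parse_report_qname(qname, agent_domain):
    """Return the decoded report, or None if qname is not a well-formed report."""
    name = qname.rstrip(".").lower()
    suffix = "._er." + agent_domain.rstrip(".").lower()
    if not name.endswith(suffix):
        return None                      # not addressed to this agent
    labels = name[:-len(suffix)].split(".")
    if len(labels) < 3 or labels[0] != "_er":
        return None
    qtypes = [_u16(t) for t in labels[1].split("-")]
    ede = _u16(labels[-1])
    failing = labels[2:-1]
    if None in qtypes or ede is None:
        return None                      # QTYPE or EDE label is not a 16-bit decimal
    if any(not l or len(l) > 63 for l in failing):
        return None                      # empty or oversized label
    return {
        "qtypes": qtypes,
        "qname": ".".join(failing) + ".",
        "ede_code": ede,
        "ede_name": EDE_NAMES.get(ede, "unknown"),
    }


if __name__ == "__main__":
    # Constructed sample: agent domain and failing name are illustrative.
    print(parse_report_qname(
        "_er.1.broken.test.7._er.a01.agent-domain.example.",
        "a01.agent-domain.example."))
```

Report queries arrive unauthenticated, so an agent should treat the decoded values as hints to investigate rather than as verified facts.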
Working Group Summary
The WG worked together to address any and all issues. While the document had
already undergone thorough review by both the WG and implementers, as indicated
below, the WGLC period was extended by two weeks to include additional input
from the WG before advancing the document to the IESG. All feedback has been
further discussed on the mailing list and, if relevant, incorporated into the
document.
Document Quality
In an early phase, proof-of-concept implementations of the I-D were realised
during IETF Hackathons and interop tests were carried out. There are several
implementations that have been in use for some time now.
Personnel
Benno Overeinder is DS!
Warren "Ace" Kumari is RAD!!!!!