On Oct 16, 2025, at 12:57, Petr Špaček <[email protected]> wrote: > > Hello fellow resolver developers. > > Current BIND 9 resolver implements many implementation-specific limits, and > other serious resolvers have these too, as evidenced by > draft-fujiwara-dnsop-dns-upper-limit-values. > > How would people here feel about EDE code for signaling that particular query > ended up as SERVFAIL because some limit was exceeded? > > Personally I think one code for all limits would be enough. It would be a > signal for whoever is debugging - system operates normally, but either you or > the auth side are doing something weird, and they should inspect logs. I have > no intention of disclosing specific numeric values in the EDE response. > > WDYT?
Yes, please! No need to have a different code for each limit, because some resolvers might limit only if $a>12 and $b<5, for example. That's what the extra text is for. --Paul Hoffman _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
