
One of the interesting technical questions is how these vendors will choose to reflect the forbidden DNS entries in protocols like DoH where they have a choice. For example, a reasonable thing for a DoH server to say, when asked a DNS question it has been forbidden to answer truthfully, is HTTP 451 Unavailable for Legal Reasons.



That would be a layer/protocol violation. The HTTP status codes used in DoH are used to discuss the semantics of the DNS query itself, unrelated to the DNS response. For example, an NXDOMAIN response is still a 200, not a 404.

Edit: for what it’s worth, Google is doing this the “right” way in the DNS protocol itself, see: https://news.ycombinator.com/item?id=40698650


> The HTTP status codes used in DoH are used to discuss the semantics of the DNS query itself.

And the response is that the server cannot faithfully answer the DNS query due to legal reasons.
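A client-side view of the two options debated in this thread, as an added example that is not part of the discussion: it reports whether a refusal arrived at the HTTP layer (for example a 451) or inside the DNS message (RCODE plus an Extended DNS Error option). Using RFC 8914 Extended DNS Errors as the in-protocol signal is an assumption the thread does not state; the function names, the sample message and `blocked.example` are constructed.

```python
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
EDE_OPTION = 15  # EDNS option code for Extended DNS Errors (RFC 8914)
EDE_CODES = {15: "Blocked", 16: "Censored", 17: "Filtered"}

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + length
        if length == 0:                # root label ends the name
            return off

def parse_dns(msg):
    """Return (rcode name, list of EDE info-code names) for a wire-format message."""
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    ede = []
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        pos = 0
        while rtype == 41 and pos + 4 <= len(rdata):   # 41 = OPT (EDNS) record
            code, olen = struct.unpack("!HH", rdata[pos:pos + 4])
            if code == EDE_OPTION and olen >= 2:
                info = struct.unpack("!H", rdata[pos + 4:pos + 6])[0]
                ede.append(EDE_CODES.get(info, str(info)))
            pos += 4 + olen
    return RCODES.get(flags & 0xF, str(flags & 0xF)), ede

def interpret_doh(http_status, body):
    """Report which layer carried the outcome: the HTTP exchange or the DNS message."""
    if http_status != 200:
        return {"layer": "http", "status": http_status}
    rcode, ede = parse_dns(body)
    return {"layer": "dns", "rcode": rcode, "ede": ede}

# Constructed sample: NXDOMAIN for blocked.example plus an OPT record with EDE 16.
SAMPLE = (struct.pack("!6H", 0, 0x8183, 1, 0, 0, 1)
          + b"\x07blocked\x07example\x00" + struct.pack("!HH", 1, 1)
          + b"\x00" + struct.pack("!HHIH", 41, 1232, 0, 6) + struct.pack("!HHH", 15, 2, 16))
```

A resolver that answers 200 with this body is visible to monitoring as a DNS-layer refusal; one that answers 451 never produces a DNS message for the stub to inspect.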



