You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current behavior
Once this PR lands, Unbound will support a list of standard SvcParamKeys in a SVCB / HTTPS record. If an answer contains an unknown SvcParamKey (e.g. dohpath) it will replaced by key65535, as that is what the RFC says to use for "Invalid key".
;ANSWER
resolver.arpa. 300 IN SVCB 1 . alpn="h2" key65535="/dns-query?{dns}"
Describe the desired feature
Unbound will recognize dohpath as a valid SvcParamKey in SVCB records. When a client queries for a SVCB record that contains a dohpath, this should be present in the answer:
;ANSWER
resolver.arpa. 300 IN SVCB 1 . alpn="h2" dohpath="/dns-query?{dns}"
Potential use-case
Unbound instances will be able to support Discovery of Desginated Resolvers, which defines a mechanism for DNS clients to discover encrypted DNS services (e.g. DoH, DoT, DoQ) provided by their dns53 resolver.
Current Blockers
The SVCB PR is still a draft. I am not sure what the timelines are for getting this ready for review / merged
An IANA number needs to be allocated for the new dohpath SvcParamKey, which to my knowledge, has not happened yet
The text was updated successfully, but these errors were encountered:
This a request to implement/support the Service Binding Mapping for DNS Servers RFC, which defines a new
SvcParamKey
(i.e.dohpath
) for use in SVCB records. This would be an extension of the current work to add SVCB support to Unbound.Current behavior
Once this PR lands, Unbound will support a list of standard
SvcParamKey
s in a SVCB / HTTPS record. If an answer contains an unknown SvcParamKey (e.g.dohpath
) it will replaced bykey65535
, as that is what the RFC says to use for "Invalid key".Describe the desired feature
Unbound will recognize
dohpath
as a valid SvcParamKey in SVCB records. When a client queries for a SVCB record that contains adohpath
, this should be present in the answer:Potential use-case
Current Blockers
dohpath
SvcParamKey, which to my knowledge, has not happened yetThe text was updated successfully, but these errors were encountered: