You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I really, really do NOT like how :authority is having its meaning
altered in the ODNS draft. This breaks HTTP semantics and this
breaks a bunch of assumptions on how CDN servers do hostname-based
service multiplexing. It would require having separate IP addresses
for DoH servers from CDN servers, for example. (Which has worse
privacy properties.) I'd propose instead that ODNS followes adds
some path elements. For example:
:method = POST
:authority = dnsproxy.example.net
:path = /dns-query?targethost=dnstarget.example.net&targetpath=/dns-query
...
makes this be normal HTTPS semantics. It also avoids problems if the
proxy and target have different DoH template URI paths which
I don't believe the current draft handles?
The text was updated successfully, but these errors were encountered:
yeah - this is my fault. I basically agree with @enygren now. I'm not sure it breaks http semantics, but we can debate that in the bar.. it does make the doh service discovery ridiculously hard and we should avoid that.
would we define a new uri template with targethost and targetpath variables?
From @enygren:
I really, really do NOT like how :authority is having its meaning
altered in the ODNS draft. This breaks HTTP semantics and this
breaks a bunch of assumptions on how CDN servers do hostname-based
service multiplexing. It would require having separate IP addresses
for DoH servers from CDN servers, for example. (Which has worse
privacy properties.) I'd propose instead that ODNS followes adds
some path elements. For example:
makes this be normal HTTPS semantics. It also avoids problems if the
proxy and target have different DoH template URI paths which
I don't believe the current draft handles?
The text was updated successfully, but these errors were encountered: