> On 2. 1. 2024, at 10:38, Jakob Bohm via bind-users <bind-users@lists.isc.org> > wrote: > > Funny, given that HTTP/2 (the spec) had a CVE against it last October, > while HTTP/0.9 and HTTP/1.x did not.
I’ve said that a single modern HTTP/2 implementation (backed by maintained library) is much better than having two different implementations of HTTP protocol that need to cooperate on a single port. You came with vulnerability in the HTTP/2 specification. So, what’s your point? Or you were just trying to be “funny”? > Having the DoH server as a standalone process talking to DNS/TCP would > be a solid implementation given the constant flow of changes made to > HTTP(S) by the Big 5. Sure, but most people don’t want to integrate different programs to talk to each other and having an all-in-one solution works for most people. For the rest, there’s always something like dnsdist that can actually talk DoH on external side and Do53 on the internal side. From a maintainers perspective, I would love to have a minimal DNS implementation with as few features, because that’s easier to maintain. But we are not building BIND 9 for just our own needs, we are building it for the users regardless what I personally think about DoH/2, DoH/3 or DoQ and whatever the Big Tech comes next to shave a nanosecond from the latency and pushes onto the open source developers who are limited on resources and maintain software that has long history… Ondrej -- Ondřej Surý — ISC (He/Him) My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users