On 2 Apr 2024, at 21:47, Stephen Farrell via curl-library wrote: > - the handling of HTTPS RRs is relatively basic for > now, but improving on that would likely be better as > a separate PR anyway
After discussion with Stephen, I began to look at what we thought should be the next improvement to handling these RRs. This was dealing with HTTPS RRsets according to the *Priority* field of the RDATA, rather than in whatever order they occurred in the DNS response. The special case of *AliasMode* (*Priority=0*) HTTPS RRs seemed like a good place to start, and https://github.com/niallor/curl/tree/DOH-follow-alias has working code for chasing a (limited) chain of AliasMode RRs. Next steps, in no particular order, will probably include: - testing and debugging against some alias chains that Stephen is planning to set up on the *defo.ie* webserver, - making use of the *ipv4hint* and *ipv6hint* service parameters in case no *A* or *AAAA* records are available, - placing additional *A* and *AAAA* queries to resolve addresses for the Target host, - adding support for ordered RRsets, - exploring re-use for additional DNS queries of the DOH TLS sessions as an alternative to the current single-session-per-query model, - exploring filtering of the HTTPS RRsets according to whether the advertised set of service parameters matched the capabilities available, - (probably in the longer term) adding HTTPS RR support to other "DNS backends" in libcurl. As I can't make it to the **curl up** meeting this weekend, I hope that people will follow up by email. I wish all the participants a productive and enjoyable couple of days. Best regards, Niall O'Reilly
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
