--- Begin Message ---
Hi,
On 9 Sep 2025, at 16:33, Viktor Dukhovni <[email protected]> wrote:
> On Tue, Sep 09, 2025 at 12:26:44PM +0200, Florian Weimer via dns-operations
> wrote:
>
>> From: Florian Weimer <[email protected]>
>> Date: Tue, 09 Sep 2025 12:26:44 +0200
>> Subject: HTTPS record support
>> To: [email protected]
>>
>> I've got an RFE to add HTTPS/SVCB support to glibc's getaddrinfo
>> implementation.
>
> Why? It seems an unnatural layer violation. The IP addressses of a DNS
> name are NOT provided by its HTTPS or SVCB records.
I assume you are saying that "The IP addresses" with a capital The are more
general than anything that might be published in the bindings for a particular
service, which seems fair.
We have seen lots of HTTP clients connecting to the addresses provided in HTTPS
records' ipv4hint and ipv6hint SvcParamKeys, even when they are different from
the addresses that would be obtained using QNAME=A or AAAA. (Ordinarily these
addresses would all be the same, but there was a situation a while back when
they were different, so we noticed.) RFC9460 allows this, even if it advises
otherwise with SHOULDs.
Joe
--- End Message ---
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
