Unable to Query DoH with `tls none` and Plain HTTP
tale
d.lawrence at salesforce.com
Tue Jan 2 20:35:59 UTC 2024
On Tue, Jan 2, 2024 at 4:38 AM Jakob Bohm via bind-users
<bind-users at lists.isc.org> wrote:
> Having the DoH server as a standalone process talking to DNS/TCP would
> be a solid implementation given the constant flow of changes made to
> HTTP(S) by the Big 5.
Perhaps, but for reference here is the relevant section of the DoH spec:
https://datatracker.ietf.org/doc/html/rfc8484#section-5.2
HTTP/2 [RFC7540] is the minimum RECOMMENDED version of HTTP for use
with DoH.
The messages in classic UDP-based DNS [RFC1035] are inherently
unordered and have low overhead. A competitive HTTP transport needs
to support reordering, parallelism, priority, and header compression
to achieve similar performance. Those features were introduced to
HTTP in HTTP/2 [RFC7540]. Earlier versions of HTTP are capable of
conveying the semantic requirements of DoH but may result in very
poor performance.
That ISC has chosen to follow the minimum HTTP version as recommended
by the RFC is solid ground on which to be standing.
--
tale