Add support for DNS RRs, like HTTPS and SVCB

[GamePad64]

So, this is a new standard draft for DNS records, that is meant to be used in browsers. It is just like SRV, but a bit more advanced.

[Schweinepriester]

Got a link to the spec draft or something? :)

[Schweinepriester]

I mean I found https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/08/. But only those two, type HTTPS as well as SVCB, or more?

https://en.wikipedia.org/wiki/List_of_DNS_record_types has them as well.

Also https://blog.cloudflare.com/speeding-up-https-and-http-3-negotiation-with-dns/ has some background, it appears.

[GamePad64]

Oh, sorry for having to look for spec by yourself. Yes, only these two record types are in the works now. HTTPSSVC is just an older alias for HTTPS record.

FF tracking bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1634793 Chromium tracking bug: Implemented and Archived

[GamePad64]

Also, shipped in Chrome 96: https://www.chromestatus.com/feature/5485544526053376 And in FF 92: https://www.mozilla.org/en-US/firefox/92.0/releasenotes/

[PaperStrike]

HTTPS-RR consists of many parts, browsers implement them one by one, it may require lots of works sorting them out.

Chromium never seems to have a tracker for fully implementing HTTPS-RR, in addition to #1052476 (archived for some reason) and #1206455 (HTTP->HTTPS redirect), there are also #1264933 (ECH support) and #1417033 (AliasMode support and ServiceMode target support).

The last one was just opened a day ago, but I personally think it's the most wanted feature.

[jschauma]

FYI, the draft is now an RFC https://www.rfc-editor.org/rfc/rfc9460.html

I did some research on the adoption of the HTTPS record: https://www.netmeister.org/blog/https-rrs.html

Relevant findings here: Safari seems to support it fully; Firefox supports it fully iff using DoH; Chrome currently only supports the 'ech' field.

Having these records and support for all fields tracked in caiuse.com would be very useful indeed!

[otbutz]

Firefox supports it fully if using DoH

Also for system DNS since Firefox 129: https://www.mozilla.org/en-US/firefox/129.0/releasenotes/

[jschauma]

Not on macOS, though. (The release notes say that, but of course I did just waste a few minutes wondering wtf it wasn't working. ;- )

[0x192]

@jschauma

Did you enable network.dns.native_https_query in about:config? On Linux, I had to do this.

[chrysn]

Showing this as a differentiated feature ("Full SVCB", "SVCB only for XY") is important, because as jschauma pointed out, support is heterogenous, and people looking up just "SVCB support" might be confused when later Chrome users can't connect for lack of port support.