mstojens / draft-tjjk-cared

1 stars 3 forks source link

TBD: what to do with EDSR destinations #4

Open moonshiner opened 4 months ago

moonshiner commented 4 months ago

Does this mean "EDNS Destinations". Trying to find EDSR elsewhere

mstojens commented 4 months ago

Ah no, I missed this TBD before submitting... oops. This refers to Encrypted DNS Server Redirection (EDSR), a draft just adopted by the ADD WG. In a nutshell, it uses SVCB records to allow servers to inform clients they would prefer they replace this connection with one to another server within the same trust boundary. We're not sure how to handle that case yet, but it's also worth tracking that anyone wanting to support both will have to handle some interesting cases.

moonshiner commented 1 month ago

In reading 9462 again and the new draft it feels like if you can not use an EDSR destination that came via DDR, and you should only use an EDSR destination that aligns with your current trust boundaries.

yes?

mstojens commented 4 weeks ago

Probably. Given the time crunch, I figure we will not try to rush wording on this and address this in a -02 instead of the -01. This issue will remain open to ensure we track this.