In November 2023 the IETF standardized the DDR protocol (RFC9462). Querying this DNS RR provides a number of methods for DNS clients to determine the encrypted configuration of a resolver (e.g., on which endpoint runs DoH?). This allows automatic switching from unencrypted to encrypted DNS connections. This might be of high interest for censorship topics.
I have seen in your probes that you have already implemented a scan of HTTPS RRs (RFC9460). DDR builds on top of this. Thus, it should be reasonably easy to implement probes for DDR as well. What do you think? Are there any plans to implement this kind of probes?
Hi guys!
In November 2023 the IETF standardized the DDR protocol (RFC9462). Querying this DNS RR provides a number of methods for DNS clients to determine the encrypted configuration of a resolver (e.g., on which endpoint runs DoH?). This allows automatic switching from unencrypted to encrypted DNS connections. This might be of high interest for censorship topics.
I have seen in your probes that you have already implemented a scan of HTTPS RRs (RFC9460). DDR builds on top of this. Thus, it should be reasonably easy to implement probes for DDR as well. What do you think? Are there any plans to implement this kind of probes?