Re: Managing application data fetched from DNS (eg for ESNI)

On Mon, 30 Sep 2019, Niall O'Reilly wrote:

>> And the TXT one is just in the draft that will soon go away, right?
>
> IIUC, it's in service in Cloudflare's pilot implementation, so I think "will
> soon go away" is true only for a value of "soon" which depends (a) on the
> IETF process reaching a stage where IANA assign an official ESNI code point
> instead of TYPE65439, and (b) Cloudflare complete a migration process.
>
> Draft 3 (binary blob with signature 0xFF02) seems more likely to me to go
> away soon, as I'm not aware of any deployment at scale.
>
> This all may depend on how the IETF process for SVCB and HTTPSSVC converge.

... and also what the other "big players" do. Firefox has an ESNI
implementation that I figure they like having in sync with for example
Cloudflare. I figure there's a risk the first version will remain lingering
around for a while until there seems to be a consensus on the new draft's
method *and* some efforts done to upgrade Cloudflare, Firefox and the likes.

So yeah, maybe continue with the TXT format supported for now but with the
knowledge that we can probably rip that code out again at a later point.

(It seems Chrome has not yet implemented ESNI:
https://bugs.chromium.org/p/chromium/issues/detail?id=908132)

-- 
  / daniel.haxx.se | Get the best commercial curl support there is - from me
                   | Private help, bug fixes, support, ports, new features
                   | https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html