Mark Andrews <ma...@isc.org> wrote:

> As for browser support Safari added HTTPS record support years ago (~2020).
> 
> Mozilla finally removed the restriction of only looking up HTTPS records via 
> DoH in release 129.0.
> 
> Chrome added support in 2021.

Well, "support" here means different things, though.
In my experimentation, I've found that some browsers
only support some features of the HTTPS records.

See e.g.:

https://issues.chromium.org/issues/40937306
https://bugzilla.mozilla.org/show_bug.cgi?id=1869075

AFAIU, Chrome is primarily (only? at this time?)
interested in using HTTPS records for ECH, which last
I checked (about 6 months ago or so), Safari at least
didn't support.

Honoring of alpn, port, and the behavior of handling
chains in alias mode, or how to behave if an alias
doesn't have A/AAAA records etc. all is also still
very much hit or miss, I've found.

> Searching for information about which browsers support it is problematic 
> because DNS and HTTPS are used together for different things.

Yeah.  Having SVCB/HTTPS support in caniuse.com would
be useful:

https://github.com/Fyrd/caniuse/issues/6091

-Jan
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to