Greetings again. Some of the people in the recent thread about "dynamic discovery of secure resolvers" have expressed an interest in something that was mentioned at the DRIU BoF in Montréal: they want their browser to use a DoH server that is related to the DNS resolver that their OS is already using. I don't think DHCP can help with that problem (I could be wrong), but I do think that resolver operators should be able to tell browsers the DoH resolvers that they would want their customers to be using.
Please see the draft below. If folks like it, I can continue to work on it. Or, if you like the use case but have a better technical solution, that would be great too. I wanted to bring it to this list before taking it to the DOH WG because it really is an operational issue, not all that related to the DoH protocol. Thoughts? --Paul Hoffman A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Associating a DoH Server with a Resolver Author : Paul Hoffman Filename : draft-hoffman-resolver-associated-doh-00.txt Pages : 8 Date : 2018-08-23 Abstract: Some clients will want to know if there are one or more DoH servers associated with the DNS recursive resolver that the client is already using. This document describes a protocol for a resolver to tell a client what its associated DoH servers are. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-hoffman-resolver-associated-doh/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-hoffman-resolver-associated-doh-00 https://datatracker.ietf.org/doc/html/draft-hoffman-resolver-associated-doh-00 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
