Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature request] query + show HTTPS DNS record (RFC 9460) #2482

Open
drwetter opened this issue Mar 24, 2024 · 4 comments
Open

[Feature request] query + show HTTPS DNS record (RFC 9460) #2482

drwetter opened this issue Mar 24, 2024 · 4 comments

Comments

@drwetter
Copy link
Owner

drwetter commented Mar 24, 2024
edited
Loading

Which version are you referring to
3.2+

Please check this repo whether this is a known feature request
no

Describe your feature request (if it's a technical feature)
https://www.rfc-editor.org/rfc/rfc9460.txt

If your feature request otherwise is related to a usage problem, please describe it
no

Describe the solution you'd like
At least provide a robust "binary" query of HTTPS record like has/has not . Port and IP addresses can come later
@drwetter
Copy link
Owner Author

FYI: testssl.sh and dev.testssl.sh has such records. Takes a while to propagate though.

@drwetter
Copy link
Owner Author

implemnation should be similar to get_caa_records()but s/type257/type65/

@Seirdy
Copy link

Seirdy commented Mar 24, 2024

This would also be necessary for validating Encrypted Client Hello. Currently supported by many CDNs and the H2O server.

@drwetter
Copy link
Owner Author

See WIP #2484 .

The place where to put the output is unclear yet. It's appears (and is executed) for every IP

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@drwetter @Seirdy