cname for apex record
Jan Schaumann
jschauma at netmeister.org
Wed Dec 25 19:10:13 UTC 2024
Mark Andrews <marka at isc.org> wrote:
> As for browser support Safari added HTTPS record support years ago (~2020).
>
> Mozilla finally removed the restriction of only looking up HTTPS records via DoH in release 129.0.
>
> Chrome added support in 2021.
Well, "support" here means different things, though.
In my experimentation, I've found that some browsers
only support some features of the HTTPS records.
See e.g.:
https://issues.chromium.org/issues/40937306
https://bugzilla.mozilla.org/show_bug.cgi?id=1869075
AFAIU, Chrome is primarily (only? at this time?)
interested in using HTTPS records for ECH, which last
I checked (about 6 months ago or so), Safari at least
didn't support.
Honoring of alpn, port, and the behavior of handling
chains in alias mode, or how to behave if an alias
doesn't have A/AAAA records etc. all is also still
very much hit or miss, I've found.
> Searching for information about which browsers support it is problematic because DNS and HTTPS are used together for different things.
Yeah. Having SVCB/HTTPS support in caniuse.com would
be useful:
https://github.com/Fyrd/caniuse/issues/6091
-Jan
More information about the bind-users
mailing list