Closed Bug 1755902 Opened 2 years ago Closed 2 years ago

Support Port Prefixed QNAMEs

Categories

(Core :: Networking, enhancement, P3)

enhancement

Tracking

()

RESOLVED FIXED
100 Branch
Tracking Status
firefox100 --- fixed

People

(Reporter: djackson, Assigned: kershaw)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Attachments

(2 files)

The HTTPS RR uses Port Prefix Naming (Section 2.3), with one
modification: if the scheme is "https" and the port is 443, then the
client's original QNAME is equal to the origin hostname, without any
prefix labels.
...
Note that none of these forms alter the HTTPS origin or authority.
For example, clients MUST continue to validate TLS certificate
hostnames based on the origin host.

https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-00#section-7.1

When querying the SVCB RR, an origin is translated into a QNAME by
prepending the hostname with a label indicating the scheme, prefixed
with an underscore, resulting in a domain name like
"_examplescheme.api.example.com.".

Protocol mapping documents MAY specify additional underscore-prefixed
labels to be prepended. For schemes that specify a port
(Section 3.2.3 of [URI]), one reasonable possibility is to prepend
the indicated port number (or the default if no port number is
specified).

https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-00#section-2.3

As I read it, https://example.com:8080 would become a QNAME of _8080._https.example.com when looking for HTTPS resource records.

Severity: S4 → N/A
Whiteboard: [necko-triaged]
Assignee: nobody → kershaw
Status: NEW → ASSIGNED
Pushed by kjang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5f73835f055f
P1: Rename nsIDNSResolverInfo to nsIDNSAdditionalInfo and add port, r=necko-reviewers,dragana
https://hg.mozilla.org/integration/autoland/rev/bdbda5a1f1a8
P2: Support port-prefixed query for HTTPS RR, r=necko-reviewers,dragana
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 100 Branch
Depends on: 1765590
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: