Speeding up HTTPS and HTTP/3 negotiation with... DNS
In June 2019, Cloudflare's resolver team noticed a spike in DNS requests for the 65479 Resource Record, thanks to data exposed through their new Radar service. The requests turned out to come from Apple's iOS 14 beta release, which was testing a new SVCB/HTTPS record type. Cloudflare rolled out support across its customer base, allowing automatic support for new protocols like this. The new proposal, currently under discussion at the Internet Engineering Task Force (IETF), defines a family of DNS resource record types ("SVCB") that can be used to negotiate parameters for a variety of application protocols. The generic DNS record "SVCB" can be instantiated into records specific to different protocols. One such instance is the "HTTPS" record, which can be used not only to signal to the client that it can connect over a secure connection (skipping the initial unsecured request), but also to advertise the different HTTP versions supported by the website.
Company
Cloudflare
Date published
Sept. 30, 2020
Author(s)
Alessandro Ghedini
Word count
2030
Hacker News points
12
Language
English