Thanks to everyone who provided input into the draft text for ECS with SVCB on Github. The current proposed text is:
> The EDNS Client Subnet option (ECS, [RFC7871]) allows recursive resolvers to request IP addresses that are suitable for a particular client IP range. SVCB records may contain IP addresses (in ipv*hint SvcParams), or direct users to a subnet-specific TargetName, so recursive resolvers SHOULD include the same ECS option in SVCB queries as in A/AAAA queries. > > According to Section 7.3.1 of [RFC7871], "Any records from [the Additional section] MUST NOT be tied to a network". Accordingly, resolvers SHOULD treat any records in the Additional section as having SOURCE PREFIX-LENGTH zero and SCOPE PREFIX-LENGTH as specified in the ECS option, and MAY cache them on this basis. Authoritative servers MUST omit such records if they are not suitable for use by any stub resolvers that set SOURCE PREFIX-LENGTH to zero. This will cause the resolver to perform a followup query that can receive properly tailored ECS. (This is similar to the usage of CNAME with ECS discussed in [RFC7871] Section 7.2.1.) > > Authoritative servers that omit Additional records can avoid the added latency of a followup query by following the advice in Section 10.2. If anyone would like changes to this text, please let me know. On Wed, Mar 24, 2021 at 5:19 PM Ben Schwartz <bem...@google.com> wrote: > In the course of WGLC for SVCB, a few people have highlighted nontrivial > interactions between SVCB and EDNS Client Subnet (ECS). To clear this up, > the authors are considering [1] adding a section explaining how SVCB and > ECS should interact, for entities that are trying to do both. > > Please review if you have an interest in these topics. > > Thanks, > Ben Schwartz > > [1] > https://github.com/MikeBishop/dns-alt-svc/pull/308/files?short_path=3500257#diff-3500257c8185942fb80e67b6128f73e7807ad42cdbeee3caf923c376e899235f >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
