Re: [DNSOP] Testing SVCB/HTTPS records
On Wed, Jan 19, 2022 at 10:08:48AM +, Stephen Farrell wrote a message of 231 lines which said: > I made a test setup for my TLS/ECH work. [1] Happy to > take PRs or tweak if it's useful to others. It seems it does not address the same thing. I was thinking of testing *actual* published SVCB/HTTPS records, for instance to detect a case where the HTTPS record says alpn="h3" but the HTTP server does not actually speaks HTTP/3. ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Testing SVCB/HTTPS records
Hi Stephane, On 19/01/2022 08:36, Stephane Bortzmeyer wrote: Does anyone know a service/software to check the consistency between SVCB/HTTPS DNS records and the Web site? Such as testing the various alpn, the various IP addresses hints, the aliases, etc. (It seems ssllabs.com don't do it yet.) I suspect that many people will put wrong SVCB/HTTPS records... I made a test setup for my TLS/ECH work. [1] Happy to take PRs or tweak if it's useful to others. Cheers, S. [1] https://github.com/sftcd/echdnsfuzz ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop OpenPGP_0x5AB2FAF17B172BEA.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
[DNSOP] Testing SVCB/HTTPS records
Does anyone know a service/software to check the consistency between SVCB/HTTPS DNS records and the Web site? Such as testing the various alpn, the various IP addresses hints, the aliases, etc. (It seems ssllabs.com don't do it yet.) I suspect that many people will put wrong SVCB/HTTPS records... ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop