You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To find the DoH Servers associated with a resolver, an application
sends that resolver a query for "resolver-associated-doh.arpa" in
class IN with the RRtype of TXT [RFC1035] (that is, the query is
resolver-associated-doh.arpa/IN/TXT).
As described in Section 6, the zone resolver-associated-doh.arpa is
not actually delegated and never will be. The resolver acts as if it
is delegated, and adds its own TXT records to the answer. The
resolver replies with its associated DoH servers as URI templates in
the TXT RRset in the Answer section. The resolver can generate this
reply with special code to capture queries for "resolver-associated-
doh.arpa"; if the resolver can be configured to also be authoritative
for some zones, it can use that configuration to actually be
authoritative for "resolver-associated-doh.arpa".
A resolver that understands this protocol MUST send a TXT RRset in
the Answer section. Each TXT record contains one URI template. If a
resolver that understands this protocol has no associated DoH
servers, the TXT RRset contains exactly one record that has an empty
string as the RDATA; that is, the RDLENGTH in that record is 1, and
the RDATA contains just the byte 0x00.
The client uses the TXT records in the response to the resolver-
associated-doh.arpa/IN/TXT query as a list of the URI templates of
the DoH servers associated with the resolver. Note that TXT records
can contain multiple "character-strings" [RFC1035]; for this
protocol, all characters-strings in a TXT record are concatenated to
form a single URI template.
The URI templates of the DoH servers associated with a resolver might
be hosted on the resolver itself, or a resolver hosted by the same
operator, or even hosted somewhere else. The latter could be used by
resolver operators who don't want to host DoH servers but trust
another operator to do so.
The text was updated successfully, but these errors were encountered:
Allow DoH-capable clients to discover an upstream DoH service used by the Dohnut proxy/stub resolver.
Associating a DoH Server with a Resolver
2.1. DoH Servers by TXT
To find the DoH Servers associated with a resolver, an application
sends that resolver a query for "resolver-associated-doh.arpa" in
class IN with the RRtype of TXT [RFC1035] (that is, the query is
resolver-associated-doh.arpa/IN/TXT).
As described in Section 6, the zone resolver-associated-doh.arpa is
not actually delegated and never will be. The resolver acts as if it
is delegated, and adds its own TXT records to the answer. The
resolver replies with its associated DoH servers as URI templates in
the TXT RRset in the Answer section. The resolver can generate this
reply with special code to capture queries for "resolver-associated-
doh.arpa"; if the resolver can be configured to also be authoritative
for some zones, it can use that configuration to actually be
authoritative for "resolver-associated-doh.arpa".
A resolver that understands this protocol MUST send a TXT RRset in
the Answer section. Each TXT record contains one URI template. If a
resolver that understands this protocol has no associated DoH
servers, the TXT RRset contains exactly one record that has an empty
string as the RDATA; that is, the RDLENGTH in that record is 1, and
the RDATA contains just the byte 0x00.
The client uses the TXT records in the response to the resolver-
associated-doh.arpa/IN/TXT query as a list of the URI templates of
the DoH servers associated with the resolver. Note that TXT records
can contain multiple "character-strings" [RFC1035]; for this
protocol, all characters-strings in a TXT record are concatenated to
form a single URI template.
The URI templates of the DoH servers associated with a resolver might
be hosted on the resolver itself, or a resolver hosted by the same
operator, or even hosted somewhere else. The latter could be used by
resolver operators who don't want to host DoH servers but trust
another operator to do so.
The text was updated successfully, but these errors were encountered: