[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] GSoC'18: DNS over HTTPS.
|
From: |
Daniel Stenberg |
|
Subject: |
Re: [Bug-wget] GSoC'18: DNS over HTTPS. |
|
Date: |
Wed, 21 Mar 2018 23:26:07 +0100 (CET) |
|
User-agent: |
Alpine 2.20 (DEB 67 2015-01-07) |
On Wed, 21 Mar 2018, Aniketh Gireesh wrote:
I was interested in a project inside Wget2 called DNS-over-HTTPS and I have
prepared a proposal for the same[1].
Fun!
Here's some quick minor feedback from me on the proposal and the project. Over
all it seems like a sensible approach. I've implemented DNS-over-HTTPS for
Firefox and my feedback here is only as an individual with an interest to help
out.
- When specifying a DOH resolver to wget, it should rather be a full URI.
Just a host name or an IP address will not be enough. DOH is performed
against URIs. The same host can run many different servers, DOH and others.
- Since this is HTTPS and you won't find many servers with certs for IPs out
there, you can be sure you'll need to use host names in the URI so that
the cert checks work out.
- Since you'll then need to resolve a host name to reach the resolver, you
need to solve the bootstrap: you either need a configured IP for the host or
you need to use the native resolver first to find the IP to the DOH
resolver!
- "Send them in parallel if possible (not sure how DoH specifies this)" - You
don't really send them in parallel since you use a single connection, but
since you'll use http2 they will just be two small requests sent next to
each other on the connection.
Good luck!
--
/ daniel.haxx.se