There is an intriguing mention of “Server Push” in the specification of DNS over HTTPS (DoH) (RFC 8484). The RFC is somewhat vague in the description of server push, apart from noting a caveat that “extra care must be taken to ensure that the pushed URI is one that the client would have directed the same query to if the client had initiated the request (in addition to the other security checks normally needed for server push).”

It’s a somewhat elliptical reference to an intriguing possibility: that an HTTPS server could deliver one or more DNS HTTP objects that contain both query and answer sections without the client ever making the DNS request/query to the server in the first place. It seems like an approach that is totally alien to the DNS as we know it, so it might be useful to ask: How did we get to this point where this resolverless form of DNS name resolution makes some sense? And, to whom does it make sense?
“Classic” DNS


Let’s take a second to look back some 50 years to the world of 1972, and the technology and telecommunications environment at that time. The world of 1972 was one populated by a relatively small collection of massive (and eye-wateringly expensive) mainframe computers that were tended by a set of computer operators working around the clock and directed by specialised programmers, trained in the obscure symbol set used by the job control systems on these computers. In the average household of that time, the most complex item of consumer technology was the television set. And it was an analogue device. Our clocks still ran on clockwork. Yet, changes were underway. The enthralling technology achievements of manned space flight had captured not only the imagination of an entire generation but given us a glimpse into the power and utility of technology. Collectively we became obsessed with technology.
