🚨 BREAKING: #RFC9460 claims to revolutionize the #DNS landscape with #SVCB and #HTTPS records, but spoiler alert—it's just another jargon-filled proposal destined to collect digital dust. 📜 Meanwhile, DNS admins everywhere are thrilled to have more acronyms to ignore. 🙄✨
https://datatracker.ietf.org/doc/html/rfc9460 #DigitalDust #DNSAdmins #HackerNews #ngated
RFC 9460: Service Binding and Parameter Specification via the DNS (SVCB and HTTPS Resource Records)

This document specifies the "SVCB" ("Service Binding") and "HTTPS" DNS resource record (RR) types to facilitate the lookup of information needed to make connections to network services, such as for HTTP origins. SVCB records allow a service to be provided from multiple alternative endpoints, each with associated parameters (such as transport protocol configuration), and are extensible to support future uses (such as keys for encrypting the TLS ClientHello). They also enable aliasing of apex domains, which is not possible with CNAME. The HTTPS RR is a variation of SVCB for use with HTTP (see RFC 9110, "HTTP Semantics"). By providing more information to the client before it attempts to establish a connection, these records offer potential benefits to both performance and privacy.

IETF Datatracker
Today I discovered RFC 9460 and therefore the SVCB and HTTPS resource records. Very interesting and useful innovation :)

https://www.rfc-editor.org/rfc/rfc9460

#RFC9460 #RFC #DNS #SVCB #HTTPS

We now publish DNS HTTPS IP hint records for all #OpenStreetMap web services per #RFC9460. Why? Small incremental improvement to performance and privacy. Our DNS handles over 2,000 requests per second. DNS HTTPS query is our 2nd most common query. #DNScontrol #SVCB 🚀 🤓

Oh, and lastly, this whole Mastodon thread as a much more convenient blog post 😜:

https://www.netmeister.org/blog/https-rrs.html

#dns #svcb #https #rfc9460 ✌️

Use of HTTPS Resource Records

An analysis of over 225 million domain names to determine the current use of the new HTTPS DNS Resource Records.

Hey, so #RFC9460 HTTPS/SVCB records are neat, right?

They...
- speed up your time-to-first-packet (by basically stuffing the Alt-Svc HTTP header / ALPN TLS extension into the #DNS);
- let you do redirection on the zone apex without using CNAMEs;
- allow for simple DNS load distribution and failover;
- obviate HSTS and the cumbersome preloading process;
- enable stronger privacy protections via Encrypted Client Hello aka #ECH
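
An added example, not part of the post above: a small Python parser for HTTPS records in RFC 9460 presentation format that follows an apex alias and returns the endpoints in failover order with their `alpn`, IP hints and `ech` parameter. The zone data is constructed (documentation names and addresses, a placeholder `ech` value), and quoted or escaped SvcParam values are assumed not to occur.

```python
# Added example: parse RFC 9460 HTTPS records (presentation format) and
# order the usable endpoints the way a client would.
LIST_KEYS = {"alpn", "ipv4hint", "ipv6hint", "mandatory"}

# Constructed sample zone data; names, addresses and the ech value are placeholders.
SAMPLE = [
    "example.com. 300 IN HTTPS 0 svc.example.net.",  # AliasMode at the zone apex
    "svc.example.net. 300 IN HTTPS 2 backup.example.net. alpn=h2 ipv4hint=192.0.2.2",
    "svc.example.net. 300 IN HTTPS 1 . alpn=h3,h2 ipv4hint=192.0.2.1 ech=Q09OU1RSVUNURUQ=",
]

def parse_https_rr(line):
    owner, _ttl, _cls, rtype, prio, target, *params = line.split()
    if rtype not in ("HTTPS", "SVCB"):
        raise ValueError(f"not an SVCB-compatible record: {rtype}")
    rr = {"owner": owner, "priority": int(prio), "target": target, "params": {}}
    if rr["priority"] == 0:
        # AliasMode: SvcParams are ignored; TargetName "." means "no service".
        rr["target"] = None if target == "." else target
        return rr
    if target == ".":
        rr["target"] = owner  # ServiceMode: "." stands for the owner name
    for p in params:
        key, _, val = p.partition("=")  # first "=" only: base64 may end in "="
        if key in rr["params"]:
            raise ValueError(f"duplicate SvcParamKey: {key}")
        rr["params"][key] = val.split(",") if key in LIST_KEYS else val
    return rr

def resolve(name, lines, max_alias=8):
    records = [parse_https_rr(l) for l in lines]
    for _ in range(max_alias):  # bound the alias chain so a loop cannot hang us
        rrset = [r for r in records if r["owner"] == name]
        aliases = [r for r in rrset if r["priority"] == 0]
        if not aliases:
            # Lowest SvcPriority first; later entries are the failover order.
            return sorted(rrset, key=lambda r: r["priority"])
        if aliases[0]["target"] is None:
            return []
        name = aliases[0]["target"]
    raise ValueError("alias chain too long")

if __name__ == "__main__":
    for ep in resolve("example.com.", SAMPLE):
        p = ep["params"]
        print(ep["priority"], ep["target"], p.get("alpn"), p.get("ipv4hint"), "ech" in p)
```
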

Woohoo! #IETF #RFC9460 has been published: "Service Binding and Parameter Specification via the #DNS (#SVCB and #HTTPS Resource Records)". https://www.rfc-editor.org/rfc/rfc9460.html

Thank you to everyone who has supported and contributed to this over the past almost nine years since the initial seeds were planted during discussions at a TLS 1.3 interim meeting.

SVCB has potential to have substantial impact across a wide range of Internet protocols. I'm thrilled to see how many drafts are already building on it.
