A First Look at SVCB and HTTPS DNS Resource Records in the Wild

Johannes Zirngibl, Patrick Sattler, Georg Carle

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Scopus citations

Abstract

The Internet Engineering Task Force is standardizing new DNS resource records, namely SVCB and HTTPS. Both records inform clients about endpoint and service properties such as supported application layer protocols, IP address hints or Encrypted Client Hello (ECH) information. Therefore, they allow clients to reduce required DNS queries and potential retries during connection establishment and thus help to improve the quality of experience and privacy of the client. The latter is achieved by reducing visible metadata, which is further improved with encrypted DNS and ECH. The standardization is in its final stages and companies announced support, e.g., Cloudflare and Apple. Therefore, we provide the first large-scale overview of actual record deployment by analyzing more than 400 M domains. We find 3.96kSVCB and 10.5 M HTTPS records. As of March 2023, Cloudflare hosts and serves most domains, and most records only contain Application-Layer Protocol Negotiation (ALPN) and IP address hints. Besides Cloudflare, we see adoption by a variety of authoritative name servers and hosting providers indicating increased adoption in the near future. Lastly, we can verify the correctness of records for more than 93% of domains based on three application layer scans.

Original languageEnglish
Title of host publicationProceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages470-474
Number of pages5
ISBN (Electronic)9798350327205
DOIs
StatePublished - 2023
Event8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023 - Delft, Netherlands
Duration: 3 Jul 20237 Jul 2023

Publication series

NameProceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023

Conference

Conference8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023
Country/TerritoryNetherlands
CityDelft
Period3/07/237/07/23

Keywords

  • DNS
  • HTTPS
  • Internet measurement
  • SVCB

Fingerprint

Dive into the research topics of 'A First Look at SVCB and HTTPS DNS Resource Records in the Wild'. Together they form a unique fingerprint.

Cite this