5 Čen
2019
5 Čen
'19
11:11
On 01. 06. 19 14:33, Christoph wrote:
Vladimír Čunát:
Hello,
that's very interesting! Thank you for reaching out.
Let's continue discussion on IETF DoH WG mailing list, this has impact
far beyond Knot Resolver implementation.
Petr Špaček @ CZ.NIC
On 5/2/19 10:56 PM, Christoph wrote:
We've a better understanding about why kresd has a lower fraction of
answers with the HTTP 200 OK response code when compared with other DoH
server implementations.
Unlike other implementations kresd apparently enforces
that no other / additional HTTP parameters are present in the request
that are not defined in RFC8484.
So while kresd refuses with 400 others still provide 200 with the answer
to the query.
RFC8484 does not say anything about how DoH servers should handle that
condition.
To increase the interoperability it would be great if you could
add an option that allows the operator to decide how strict he would
like his service to be:
a) current behavior
b) just parsethe relevant fields and ignore additional HTTP parameters
in DoH requests
What do you think? [...] we analyzed failure rates by looking at
HTTP response codes [...]
I'd suggest looking at the requests causing the 4xx responses, as these
code are meant for incorrect requests. It's even possible that kresd is
more strict about these.