Discovery of Designated Resolvers
RFC 9462, “Discovery of Designated Resolvers”, is a Proposed Standard document published in November 2023 by T. Pauly, E. Kinnear, C. A. Wood, P. McManus, T. Jensen. The canonical text is published by the RFC Editor.
Abstract
This document defines Discovery of Designated Resolvers (DDR), a set of mechanisms for DNS clients to use DNS records to discover a resolver's encrypted DNS configuration. An Encrypted DNS Resolver discovered in this manner is referred to as a "Designated Resolver". These mechanisms can be used to move from unencrypted DNS to encrypted DNS when only the IP address of a resolver is known. These mechanisms are designed to be limited to cases where Unencrypted DNS Resolvers and their Designated Resolvers are operated by the same entity or cooperating entities. It can also be used to discover support for encrypted DNS protocols when the name of an Encrypted DNS Resolver is known.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9462 is hosted at rfc-editor.org. Available in HTML, TXT, PDF, XML.
- RFC 9461 Service Binding Mapping for DNS Servers
- RFC 9463 DHCP and Router Advertisement Options for the Discovery of Network-designated Resolvers
- RFC 9460 Service Binding and Parameter Specification via the DNS
- RFC 9464 Internet Key Exchange Protocol Version 2 Configuration for Encrypted DNS
- RFC 9459 CBOR Object Signing and Encryption (COSE): AES-CTR and AES-CBC
- RFC 9465 PIM Null-Register Packing
- RFC 9466 PIM Assert Message Packing
- RFC 9457 Problem Details for HTTP APIs