Can I use HTTPS RRs?

Alright fellow craftspeople, let's talk about a seemingly small detail that can have a big impact on how we serve our applications securely: HTTPS and DNS Resource Records (RRs). Ever found yourself wondering if you can just slap an HTTPS certificate onto your DNS records? This article dives into the nitty-gritty of that question, exploring the current landscape and what's technically feasible. It's a reminder that while we often focus on the application layer, the foundational elements like DNS play a crucial role in delivering secure, reliable experiences for our users. Think of it as ensuring your workshop's foundation is as solid as your meticulously crafted code.

The core takeaway here isn't a simple "yes" or "no," but rather a nuanced exploration of how DNS records themselves can be leveraged for security, particularly with DNS-over-HTTPS (DoH). The author unpacks the concept, showing how DNS queries, which are typically unencrypted, can be sent over HTTPS. This is where the practical value lies – understanding the mechanisms that can bolster privacy and security at the network level. While you won't be directly "using HTTPS RRs" in the way you might think of a typical SSL certificate, the article sheds light on the advancements and ongoing discussions around making DNS communication more robust and secure, which is invaluable knowledge for any developer aiming for best practices in their projects.

📰 Original article: https://www.netmeister.org/blog/https-caniuse.html

This content has been curated and summarized for Code Crafts readers.