On Fri, Aug 22, 2014 at 7:36 AM, Tom Thorogood <me@xxxxxxxxxxxxxxxxxx> wrote:
>
>
>> On 21 Aug 2014, at 1:28 am, Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote:
>>
>> It is now possible to make a complicated DNS discovery request for the
>> same latency cost as traditional A record look up:
>>
>> Traditional query:
>> example.com ? A
>>
>> Complex discovery
>> example.com ? A
>> example.com ? AAAA
>> _http._tcp.example.com ? SRV
>> _http._tcp.example.com ? POLICY
>> _80.example.com ? TLSA
>
> Just to weigh in solely on your example here. I don't believe it makes complete sense to query A/AAAA records for example.com at that point. Until the SRV record has been queried you can't know what server the http protocol is handled by. Or is this a form of collateral where that query takes place to quicken legacy lookups? (Those lacking SRV records).
>
> Apologies if any of this is off track at all.

The reason that you would do that is that it allows an SRV record to dominate the A/AAAA when it is present.

So the algorithm for discovery would be

* Was an SRV record returned? If so use it and expect that the A/AAAA record would be returned as an additional RR
* Was a AAAA record returned? If IPv6 is available, use that.
* Fallback to using the A record result.

Making the discovery mechanism standard and protocol independent allows an intelligent DNS resolver or authoritative to return the result most likely to be useful because it knows what else is likely to be relevant.
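
Added example, not part of the original message or of any resolver's code: a sketch of the three-step selection described above, run over constructed responses. The `discover` function, the record layout, and the handling of SRV targets whose addresses are missing from the additional section are assumptions made for illustration.

```python
from typing import NamedTuple

class SRV(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str

def discover(name, answers, additional, ipv6_available, default_port=80):
    """Order (host, address, port) candidates from one batch of responses.

    answers:    record type -> records returned for the queried names
    additional: SRV target -> {"AAAA": [...], "A": [...]} (additional RRs)
    An address of None means the target still needs its own address lookup.
    """
    def addresses(rrsets):
        # Assumption: the AAAA-before-A preference also applies to SRV targets.
        v6 = rrsets.get("AAAA", []) if ipv6_available else []
        return v6 or rrsets.get("A", [])

    srv = answers.get("SRV", [])
    if srv:
        # Step 1: an SRV answer dominates A/AAAA on the bare name.
        if len(srv) == 1 and srv[0].target == ".":
            return []  # RFC 2782: target "." means the service is not offered
        out = []
        # Simplification: lowest priority, then highest weight; RFC 2782
        # specifies a weighted random pick within one priority.
        for rec in sorted(srv, key=lambda r: (r.priority, -r.weight)):
            addrs = addresses(additional.get(rec.target, {})) or [None]
            out.extend((rec.target, a, rec.port) for a in addrs)
        return out
    # Steps 2 and 3: AAAA if IPv6 is usable, otherwise fall back to A.
    return [(name, a, default_port) for a in addresses(answers)]

# Constructed sample responses (documentation address ranges).
LEGACY = {"A": ["192.0.2.10"], "AAAA": ["2001:db8::10"]}
WITH_SRV = dict(LEGACY, SRV=[SRV(20, 0, 8080, "backup.example.com"),
                             SRV(10, 5, 443, "www.example.com")])
ADDITIONAL = {"www.example.com": {"A": ["192.0.2.20"], "AAAA": ["2001:db8::20"]}}

if __name__ == "__main__":
    for answers in (LEGACY, WITH_SRV):
        print(discover("example.com", answers, ADDITIONAL, ipv6_available=True))
```

A `None` address in the result marks the case where the SRV target's A/AAAA was not returned as an additional RR, so the client has to pay for a second lookup after all.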