tfpauly/draft-pauly-adaptive-dns-privacy

Clarification...

Closed this issue · 1 comment

If the Equivalent Encrypted Resolver has a different IP address than the Unencrypted Resolver and the TLS certificate does not cover the Unencrypted Resolver address, the client MUST NOT use the discovered Encrypted Resolver. Additionally, the client SHOULD suppress any further queries for Equivalent Encrypted Resolvers using this Unencrypted Resolver for the length of time indicated by the SVCB record's Time to Live (TTL).

It would be good to explicitly clarify what attack vector this approach is defending against.

This is described in the security considerations already:

An attacker might try to direct Encrypted DNS traffic to itself by causing the client to think that a discovered Equivalent Encrypted Resolver uses a different IP address from the Unencrypted Resolver. Such an Encrypted Resolver might have a valid certificate, but be operated by an attacker that is trying to observe or modify user queries without the knowledge of the client or network.
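As an added illustration, not code from the draft or from either participant in this issue: a client-side check for the rule quoted in the issue body together with the TTL-scoped suppression that follows a rejection, covering the attack the security considerations describe (an encrypted resolver at a different address whose certificate is valid but does not cover the Unencrypted Resolver). Certificate SubjectAltName entries are modelled as OpenSSL-style strings ("IP:..." / "DNS:..."), all addresses, names and TTLs are constructed sample values, and ordinary certificate validation (chain, expiry, match against the encrypted resolver's own name) is assumed to have been done elsewhere.

```python
"""Added example: the 'different address, certificate does not cover the
Unencrypted Resolver' check from draft-pauly-adaptive-dns-privacy, plus the
SVCB-TTL-scoped suppression of further upgrade attempts. Not the draft's or
the project's code; all sample values are constructed."""
from __future__ import annotations

import ipaddress
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Union

IPAddr = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]

# Outcomes of evaluating a discovered Equivalent Encrypted Resolver.
USE = "use"                # rule does not forbid it (other checks still apply)
REJECT = "reject"          # MUST NOT use; suppression timer started
SUPPRESSED = "suppressed"  # an earlier rejection for this Unencrypted Resolver is still in force


@dataclass
class DiscoveredResolver:
    unencrypted_ip: str       # address of the Unencrypted Resolver being upgraded
    encrypted_ip: str         # address the Equivalent Encrypted Resolver actually uses
    cert_sans: List[str]      # SAN entries of the encrypted resolver's certificate
    svcb_ttl: int             # TTL (seconds) of the SVCB record that advertised it


def _norm(ip: str) -> IPAddr:
    """Parse an address; fold IPv4-mapped IPv6 (::ffff:a.b.c.d) onto the IPv4 form
    so a mapped socket address compares equal to the IPv4 literal in a SAN."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def cert_covers_ip(sans: List[str], ip: str) -> bool:
    """True if any iPAddress SAN equals `ip`. DNS SANs never cover an address:
    a valid name-based certificate is exactly what the attack relies on."""
    target = _norm(ip)
    for san in sans:
        kind, _, value = san.partition(":")  # first ':' only; keeps IPv6 literals intact
        if kind.strip().upper() != "IP":
            continue
        try:
            if _norm(value.strip()) == target:
                return True
        except ValueError:
            continue  # malformed SAN value: treat as not covering
    return False


class UpgradePolicy:
    """Applies the rule and remembers rejections per Unencrypted Resolver."""

    def __init__(self, now: Callable[[], float] = time.monotonic) -> None:
        self._now = now
        self._suppressed_until: Dict[IPAddr, float] = {}

    def is_suppressed(self, unencrypted_ip: str) -> bool:
        key = _norm(unencrypted_ip)
        expiry = self._suppressed_until.get(key)
        if expiry is None:
            return False
        if expiry <= self._now():
            del self._suppressed_until[key]  # TTL elapsed; discovery may be retried
            return False
        return True

    def evaluate(self, d: DiscoveredResolver) -> str:
        key = _norm(d.unencrypted_ip)
        if self.is_suppressed(d.unencrypted_ip):
            return SUPPRESSED
        if _norm(d.encrypted_ip) == key:
            return USE  # same address: the quoted rule does not apply
        if cert_covers_ip(d.cert_sans, d.unencrypted_ip):
            return USE  # different address, but the cert vouches for the unencrypted one
        # Different address and no coverage: MUST NOT use, and SHOULD stop asking
        # this Unencrypted Resolver for Equivalent Encrypted Resolvers for one TTL.
        self._suppressed_until[key] = self._now() + d.svcb_ttl
        return REJECT


if __name__ == "__main__":
    policy = UpgradePolicy()
    # Constructed sample: the discovered resolver lives elsewhere and its (valid)
    # certificate names only the attacker's own host and address.
    rogue = DiscoveredResolver("192.0.2.53", "203.0.113.9",
                               ["DNS:doh.attacker.example", "IP:203.0.113.9"], 300)
    print(policy.evaluate(rogue), policy.is_suppressed("192.0.2.53"))
```

The suppression map is keyed by the Unencrypted Resolver, not by the rejected encrypted one, because that is what the draft says the client should stop querying; any new SVCB answer from the same unencrypted resolver is ignored until the TTL runs out, regardless of what target it advertises.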