Add DoQ support to DNS stamps #1459
Subject
- I'd like to contribute to the project (code, documentation, website, advocacy, integration, ...)
Description
DNS-over-QUIC is coming and I guess it makes sense to add its support to DNS stamps.
The spec is basically the same as for DNS-over-TLS, but we need a new protocol ID. I suggest 0x04.
Draft spec:
DNS-over-QUIC stamps
Format:

```
"sdns://" || base64url(0x04 || props || LP(addr) || VLP(hash1, hash2, ...hashn) ||
                       LP(hostname) ||
                       [ || vlen(bootstrap_ip) || bootstrap_ip ])
```
addr is the IP address of the server. It can be an empty string, or just a port number.
In that case, the host name will be resolved to an IP address using another resolver.
IPv6 strings must be included in square brackets: [fe80::6d6d:f72c:3ad:60b8]. Scopes are permitted.
hashi is the SHA256 digest of one of the TBS certificates found in the validation chain,
typically the certificate used to sign the resolver's certificate. Multiple hashes can
be provided for seamless rotations.
hostname is the server host name which will also be used as a SNI name.
bootstrap_ipi is the IP address of a recommended resolver accessible over standard DNS
in order to resolve hostname. This is optional, and clients can ignore this information.
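An added example, not code from the issue or from the DNS stamps project, that encodes a DoQ stamp in the proposed layout and parses one back strictly. It assumes the protocol ID 0x04 suggested above, the LP/VLP conventions of the existing stamp spec (one length byte per field, with bit 0x80 of the length marking "more items follow" inside a set), a 64-bit little-endian `props` field, and the optional bootstrap IPs encoded as a VLP set at the end; every sample value in it is constructed.

```python
import base64
import struct

DOQ_PROTOCOL_ID = 0x04  # protocol ID proposed in the issue (assumption until the spec adopts it)

def _lp(data: bytes) -> bytes:  # LP(x): one length byte, then the bytes; bytes() rejects len > 255
    return bytes([len(data)]) + data

def _vlp(items) -> bytes:  # VLP(x1..xn): LP items; bit 0x80 of a length byte means "more follow"
    if not items:
        return b"\x00"  # empty set: a single zero-length item
    if any(len(i) > 0x7F for i in items):
        raise ValueError("VLP item too long for a 7-bit length")
    return b"".join(bytes([len(i) | (0x80 if k < len(items) - 1 else 0)]) + i for k, i in enumerate(items))

def encode_doq_stamp(props, addr, hashes, hostname, bootstrap_ips=()):
    body = bytes([DOQ_PROTOCOL_ID]) + struct.pack("<Q", props)  # props: 64-bit little-endian flags
    body += _lp(addr.encode()) + _vlp(list(hashes)) + _lp(hostname.encode())
    body += _vlp([ip.encode() for ip in bootstrap_ips]) if bootstrap_ips else b""  # optional section
    return "sdns://" + base64.urlsafe_b64encode(body).rstrip(b"=").decode()

def _read(buf, pos, vlp=False):  # one LP field, or a whole VLP set; every length is bounds-checked
    items = []
    while True:
        if pos >= len(buf):
            raise ValueError("truncated stamp")
        n, more = (buf[pos] & 0x7F, buf[pos] & 0x80) if vlp else (buf[pos], 0)
        if pos + 1 + n > len(buf):
            raise ValueError("truncated stamp")
        items.append(buf[pos + 1:pos + 1 + n])
        pos += 1 + n
        if not more:
            return ([i for i in items if i] if vlp else items[0]), pos

def decode_doq_stamp(stamp):  # strict: rejects a wrong protocol ID, truncated fields, trailing bytes
    if not stamp.startswith("sdns://"):
        raise ValueError("missing sdns:// prefix")
    raw = base64.urlsafe_b64decode(stamp[7:] + "=" * (-(len(stamp) - 7) % 4))  # re-add padding
    if len(raw) < 9 or raw[0] != DOQ_PROTOCOL_ID:
        raise ValueError("not a DoQ stamp")
    props, pos = struct.unpack("<Q", raw[1:9])[0], 9
    addr, pos = _read(raw, pos)
    hashes, pos = _read(raw, pos, vlp=True)
    hostname, pos = _read(raw, pos)
    bootstrap, pos = _read(raw, pos, vlp=True) if pos < len(raw) else ([], pos)
    if pos != len(raw):
        raise ValueError("trailing bytes after stamp")
    return {"props": props, "addr": addr.decode(), "hashes": [h.hex() for h in hashes],
            "hostname": hostname.decode(), "bootstrap_ips": [b.decode() for b in bootstrap]}
```

Stamps are usually pasted from untrusted sources, so the parser treats every length byte as untrusted and refuses truncated or over-long input instead of silently accepting a partial hostname or hash list.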