
Resolve #2854: DoH: Assign HTTP responses freshness lifetime according to the smallest TTL found in the Answer section

Merged Artem Boldariev requested to merge 2854-cache-control-max-age into main Oct 13, 2021

This merge request makes BIND assign HTTP responses a freshness lifetime according to the smallest TTL found in the Answer section by setting the max-age value in the Cache-Control header when appropriate. The recommendations regarding this are given in section 5.1 of the specification, in particular:

In particular, DoH servers SHOULD assign an explicit HTTP freshness lifetime (see Section 4.2 of [RFC7234]) so that the DoH client is more likely to use fresh DNS data. This requirement is due to HTTP caches being able to assign their own heuristic freshness (such as that described in Section 4.2.2 of [RFC7234]), which would take control of the cache contents out of the hands of the DoH server.

The assigned freshness lifetime of a DoH HTTP response MUST be less than or equal to the smallest TTL in the Answer section of the DNS response. A freshness lifetime equal to the smallest TTL in the Answer section is RECOMMENDED. For example, if a HTTP response carries three RRsets with TTLs of 30, 600, and 300, the HTTP freshness lifetime should be 30 seconds (which could be specified as "Cache-Control: max-age=30"). This requirement helps prevent expired RRsets in messages in an HTTP cache from unintentionally being served.

For example:

[Image: doh_max_age_h]

That is the only part of the specification which has been unimplemented.

Closes #2854 (closed)

Edited Nov 05, 2021 by Artem Boldariev
Source branch: 2854-cache-control-max-age
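
The section 5.1 rule quoted in the description, as an added example that is not part of this merge request or of BIND's code: a bounds-checked walk over a DNS wire-format response that finds the smallest Answer-section TTL and formats the header. The names doh_min_answer_ttl, doh_cache_control and SAMPLE are hypothetical, the sample message is constructed, and sending no max-age when there are no answers or the message is malformed is an assumption about "when appropriate".

```c
/* Added illustration, not BIND code; function names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: "a. IN A" answered by three records, TTLs 30, 600, 300. */
static const uint8_t SAMPLE[] = {
    0,0, 0x81,0x80, 0,1, 0,3, 0,0, 0,0,  1,'a',0, 0,1, 0,1, /* header, question */
    0xC0,12, 0,1, 0,1, 0,0,0x00,0x1E, 0,4, 192,0,2,1,       /* TTL 30  */
    0xC0,12, 0,1, 0,1, 0,0,0x02,0x58, 0,4, 192,0,2,2,       /* TTL 600 */
    0xC0,12, 0,1, 0,1, 0,0,0x01,0x2C, 0,4, 192,0,2,3,       /* TTL 300 */
};
static unsigned rd16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }
/* Return the offset just past the name at off, or 0 if the name is malformed. */
static size_t skip_name(const uint8_t *m, size_t len, size_t off) {
    while (off < len) {
        if (m[off] == 0) return off + 1;                  /* root label ends the name */
        if (m[off] >= 0xC0) return len - off >= 2 ? off + 2 : 0; /* 2-byte pointer */
        if (m[off] > 63) return 0;                        /* reserved label type */
        off += 1 + (size_t)m[off];
    }
    return 0;
}
/* Smallest Answer-section TTL; -1 if no answers or malformed (assumed: no max-age). */
long long doh_min_answer_ttl(const uint8_t *m, size_t len) {
    if (len < 12) return -1;
    unsigned qd = rd16(m + 4), an = rd16(m + 6);          /* QDCOUNT, ANCOUNT */
    size_t off = 12;
    long long min = -1;
    for (unsigned i = 0; i < qd; i++, off += 4)           /* skip QTYPE + QCLASS */
        if ((off = skip_name(m, len, off)) == 0 || len - off < 4) return -1;
    for (unsigned i = 0; i < an; i++) {
        if ((off = skip_name(m, len, off)) == 0 || len - off < 10) return -1;
        long long ttl = ((long long)rd16(m + off + 4) << 16) | rd16(m + off + 6);
        size_t rdlen = rd16(m + off + 8);
        if (rdlen > len - off - 10) return -1;            /* RDATA overruns message */
        off += 10 + rdlen;
        if (min < 0 || ttl < min) min = ttl;
    }
    return min;
}
/* Write the header line into buf; returns 0 when no header should be sent. */
int doh_cache_control(const uint8_t *m, size_t len, char *buf, size_t n) {
    long long ttl = doh_min_answer_ttl(m, len);
    return ttl < 0 ? 0 : snprintf(buf, n, "Cache-Control: max-age=%lld", ttl);
}
int main(void) {
    char h[64];
    return doh_cache_control(SAMPLE, sizeof SAMPLE, h, sizeof h) && puts(h) >= 0 ? 0 : 1;
}
```

Only the Answer section is walked; Authority and Additional records do not affect the result.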