The HTTPS record, for proper HTTP/3 support

It’s nothing that no one else has written about,
but no one seems to say it briefly.

HTTP/1 and HTTP/2 all operate over TCP.

When you connect to an https:// URL:

1. Your client tries talking TLS to TCP port 443.
   It says “hi! I want to talk to chrismorgan.info” (TLS ClientHello with SNI).
2. The server says “I can do that, see my certificate!
   I support h2 and http/1.1” (TLS ServerHello with ALPN).
3. Your client says, “great, I’ll take h2” and begins to talk HTTP/2.
4. In its first response, the server says “oh BTW I also support h3 over there” (HTTP alt-svc field).
5. Your client says, “good to know, maybe next time, but for now I’m already invested here”.

The HTTPS Resource Record (DNS record type) is a way for servers to announce ahead of time that they support HTTP/3.

HTTP/3 operates over UDP/QUIC, which (simplifying) makes it better than HTTP/1 and HTTP/2. But lots of servers don’t know about it, and attempting to connect to it complicates matters. (For the IPv4/IPv6 split, there’s a technique called Happy Eyeballs to try both. But for TCP/UDP, I gather you can’t really do the same thing.)

HTTP/3 is better than HTTP/1.0, HTTP/1.1 and HTTP/2.

You loaded this document over HTTP/2.0.

Alas, I guess your client doesn’t support HTTP/3,
or at least doesn’t pay attention to HTTPS records.
Disappointing.

1. Use an HTTP server that supports HTTP/3.
   I’m using Caddy.

   This will let people connect over HTTP/3 (UDP), but they’ll almost certainly connect over HTTP/2 (TLS) first, and only switch to HTTP/3 for subsequent connections.

2. Add an DNS record of type HTTPS, containing this:

   1 . alpn="h3,h2" ipv4hint=140.245.224.237 ipv6hint=2603:c024:8007:f800:0:af:708f:1fb3

   SvcPriority TargetName SvcParams (SvcPriority 0 = alias mode, all other values service mode, so write 1.) If you want to define an alias, like CNAME: `0 lawnmower.chrismorgan.info.` would make chrismorgan.info look up lawnmower.chrismorgan.info.