Discovery of Oblivious Services via Service Binding Records

Introduction Oblivious HTTP allows clients to encrypt messages exchanged with an Oblivious Target Resource (target). The messages are encapsulated in encrypted messages to an Oblivious Gateway Resource (gateway), which offers Oblivious HTTP access to the target. The gateway is accessed via an Oblivious Relay Resource (relay), which proxies the encapsulated messages to hide the identity of the client. Overall, this architecture is designed in such a way that the relay cannot inspect the contents of messages, and the gateway and target cannot learn the client's identity from a single transaction. Since Oblivious HTTP deployments typically involve very specific coordination between clients, relays, and gateways, the key configuration is often shared in a bespoke fashion. However, some deployments involve clients discovering targets and their associated gateways more dynamically. For example, a network might operate a DNS resolver that provides more optimized or more relevant DNS answers and is accessible using Oblivious HTTP, and might want to advertise support for Oblivious HTTP via mechanisms like Discovery of Designated Resolvers and Discovery of Network-designated Resolvers . Clients can access these gateways through trusted relays. This document defines a way to use DNS resource records (RRs) to advertise that an HTTP service supports Oblivious HTTP. This advertisement is a parameter that can be included in Service Binding (SVCB) and HTTPS DNS RRs (). The presence of this parameter indicates that a service can act as a target and has a gateway that can provide access to the target. The client learns the URI to use for the gateway using a well-known URI suffix , "ohttp-gateway", which is accessed on the target (). This means that for deployments that support this kind of discovery, the Gateway and Target Resources need to be located on the same host. This document also defines a way to fetch a gateway's key configuration from the gateway (). This mechanism does not aid in the discovery of relays; relay configuration is out of scope for this document. Models in which this discovery mechanism is applicable are described in .

Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Applicability There are multiple models in which the discovery mechanism defined in this document can be used. These include:

Upgrading regular (non-proxied) HTTP to Oblivious HTTP. In this model, the client intends to communicate with a specific target service and prefers to use Oblivious HTTP if it is available. The target service has a gateway that it offers to allow access using Oblivious HTTP. Once the client learns about the gateway, it "upgrades" its requests from non-proxied HTTP to Oblivious HTTP to access the target service.
Discovering alternative Oblivious HTTP services. In this model, the client has a default target service that it uses. For example, this may be a public DNS resolver that is accessible over Oblivious HTTP. The client is willing to use alternative target services if they are discovered, which may provide more optimized or more relevant responses.

In both of these deployment models, the client is configured with a relay that it trusts for Oblivious HTTP transactions. This relay needs to provide either (1) generic access to gateways or (2) a service to clients to allow them to check which gateways are accessible.

The "ohttp" SvcParamKey The "ohttp" SvcParamKey is used to indicate that a service described in a SVCB RR can be accessed as a target using an associated gateway. The service that is queried by the client hosts one or more Target Resources. In order to access the service's Target Resources using Oblivious HTTP, the client needs to send encapsulated messages to the Gateway Resource and the gateway's key configuration (both of which can be retrieved using the method described in ). Both the presentation and wire-format values for the "ohttp" parameter MUST be empty. Services can include the "ohttp" parameter in the mandatory parameter list if the service is only accessible using Oblivious HTTP. Marking the "ohttp" parameter as mandatory will cause clients that do not understand the parameter to ignore that SVCB RR. Including the "ohttp" parameter without marking it mandatory advertises a service that is optionally available using Oblivious HTTP. Note also that multiple SVCB RRs can be provided to indicate separate configurations. The media type to use for encapsulated requests made to a target service depends on the scheme of the SVCB RR. This document defines the interpretation for the "https" scheme and the "dns" scheme . Other schemes that want to use this parameter MUST define the interpretation and meaning of the configuration.

Use in HTTPS Service RRs For the "https" scheme, which uses the HTTPS RR type instead of SVCB, the presence of the "ohttp" parameter means that the target being described is an Oblivious HTTP service that is accessible using the default "message/bhttp" media type . For example, an HTTPS service RR for svc.example.com that supports Oblivious HTTP could look like this: A similar RR for a service that only supports Oblivious HTTP could look like this:

Use in DNS Server SVCB RRs For the "dns" scheme, as defined in , the presence of the "ohttp" parameter means that the DNS server being described has a DNS-over-HTTPS (DoH) service that can be accessed using Oblivious HTTP. Requests to the resolver are sent to the gateway using binary HTTP with the default "message/bhttp" media type , containing inner requests that use the "application/dns-message" media type . If the "ohttp" parameter is included in a DNS server SVCB RR, the "alpn" parameter MUST include at least one HTTP value (such as "h2" or "h3"). In order for DoH-capable recursive resolvers to function as Oblivious HTTP targets, their associated gateways need to be accessible via a client-trusted relay. DoH recursive resolvers used with the discovery mechanisms described in this section can be either publicly accessible or specific to a network. In general, only publicly accessible DoH recursive resolvers will work as Oblivious HTTP targets, unless there is a coordinated deployment with a relay to access the network-specific DoH recursive resolvers.

Use with DDR Clients can discover that a DoH recursive resolver supports Oblivious HTTP using DDR, by either querying _dns.resolver.arpa to a locally configured resolver or querying using the name of a resolver . For example, a DoH service advertised over DDR can be annotated as supporting resolution via Oblivious HTTP using the following RR: Clients still need to perform verification of oblivious DoH servers -- specifically, the TLS certificate checks described in . Since the Gateway and Target Resources for discovered oblivious services need to be on the same host, this means that the client needs to verify that the certificate presented by the gateway passes the required checks. These checks can be performed when looking up the configuration on the gateway as described in and can be done either directly or via the relay or another proxy to avoid exposing client IP addresses. Opportunistic Discovery , where only the IP address is validated, SHOULD NOT be used in general with Oblivious HTTP, since this mode primarily exists to support resolvers that use private or local IP addresses, which will usually not be accessible when using a relay. If a configuration occurs where the resolver is accessible but cannot use certificate-based validation, the client MUST ensure that the relay only accesses the gateway and target using the unencrypted resolver's original IP address. For the case of DoH recursive resolvers, clients also need to ensure that they are not being targeted with unique DoH paths that would reveal their identity. See for more discussion.

Use with DNR The SvcParamKey defined in this document also can be used with Discovery of Network-designated Resolvers . In this case, the oblivious configuration and path parameters can be included in DHCP and Router Advertisement messages. While DNR does not require the same kind of verification as DDR, clients that learn about DoH recursive resolvers still need to ensure that they are not being targeted with unique DoH paths that would reveal their identity. See for more discussion.

Gateway Location Once a client has discovered that a service supports Oblivious HTTP via the "ohttp" parameter in a SVCB or HTTPS RR, it needs to be able to send requests via a relay to the correct gateway location. This document defines a well-known resource , "/.well-known/ohttp-gateway", which is an Oblivious Gateway Resource available on the same host as the Target Resource. Some servers might not want to operate the gateway on a well-known URI. In such cases, these servers can use 3xx (Redirection) responses () to direct clients and relays to the correct location of the gateway. Such redirects would apply to both (1) requests made to fetch key configurations (as defined in ) and (2) encapsulated requests made via a relay. If a client receives a redirect when fetching the key configuration from the well-known Gateway Resource, it MUST NOT communicate the redirected gateway URI to the relay as the location of the gateway to use. Doing so would allow the gateway to target clients by encoding unique or client-identifying values in the redirected URI. Instead, relays being used with dynamically discovered gateways MUST use the well-known Gateway Resource and follow any redirects independently of redirects that clients received. The relay can remember such redirects across oblivious requests for all clients in order to avoid added latency.

Key Configuration Fetching Clients also need to know the key configuration of a gateway before encapsulating and sending requests to the relay. If a client fetches the key configuration directly from the gateway, it will expose identifiers like a client IP address to the gateway. The privacy and security implications of fetching the key configuration are discussed more in . Clients can use an HTTP proxy to hide their IP addresses when fetching key configurations. Clients can also perform consistency checks to validate that they are not receiving unique key configurations, as discussed in . In order to fetch the key configuration of a gateway discovered in the manner described in , the client issues a GET request (either through a proxy or directly) to the URI of the gateway specifying the "application/ohttp-keys" media type in the Accept header. For example, if the client knows an Oblivious Gateway URI, https://svc.example.com/.well-known/ohttp-gateway, it could fetch the key configuration with the following request: Gateways that coordinate with targets that advertise Oblivious HTTP support SHOULD support GET requests for their key configuration in this manner, unless there is another out-of-band configuration model that is usable by clients. Gateways respond with their key configuration in the response body, with a content type of "application/ohttp-keys".

Security and Privacy Considerations Attackers on a network can remove SVCB information from cleartext DNS answers that are not protected by DNSSEC . This can effectively downgrade clients. However, since SVCB indications for Oblivious HTTP support are just hints, a client can mitigate this by always checking for a gateway configuration () on the well-known gateway location (). Using encrypted DNS along with DNSSEC can also provide such a mitigation. When clients fetch a gateway's configuration (), they can expose their identity in the form of an IP address if they do not connect via a proxy or some other IP-hiding mechanism. In some circumstances, this might not be a privacy concern, since revealing that a particular client IP address is preparing to use an Oblivious HTTP service can be expected. However, if a client is otherwise trying to hide its IP address or location (and not merely decouple its specific requests from its IP address), or if revealing its IP address facilitates key targeting attacks (if a gateway service uses IP addresses to associate specific configurations with specific clients), a proxy or similar mechanism can be used to fetch the gateway's configuration. When discovering designated oblivious DoH recursive resolvers using this mechanism, clients need to ensure that the designation is trusted in lieu of being able to directly check the contents of the gateway server's TLS certificate. See for more discussion, as well as Section "Security Considerations" of .

Key Targeting Attacks As discussed in , client requests using Oblivious HTTP can only be linked by recognizing the key configuration. In order to prevent unwanted linkability and tracking, clients using any key configuration discovery mechanism need to be concerned with attacks that target a specific user or population with a unique key configuration. There are several approaches clients can use to mitigate key targeting attacks. provides an overview of the options for ensuring that the key configurations are consistent between different clients. Clients SHOULD employ some technique to mitigate key targeting attacks, such as the option of confirming the key with a shared proxy as described in . If a client detects that a gateway is using per-client targeted key configuration, the client can stop using the gateway and, potentially, report the targeting attack so that other clients can avoid using this gateway in the future.

dohpath Targeting Attacks For oblivious DoH servers, an attacker could use unique "dohpath" values to target or identify specific clients. This attack is very similar to the generic OHTTP key targeting attack described above. A client can avoid these targeting attacks by only allowing a single "dohpath" value, such as the commonly used "/dns-query{?dns}" or another pre-known value. If the client allows arbitrary "dohpath" values, it SHOULD mitigate targeting attacks with a consistency check, such as using one of the mechanisms described in to validate the "dohpath" value with another source. Clients might choose to only employ a consistency check on a percentage of discovery events, depending on the capacity of consistency check options and their deployment threat model.

IANA Considerations

SVCB Service Parameter This document adds the following entry to the "Service Parameter Keys (SvcParamKeys)" registry . This parameter is defined in .

Number	Name	Meaning	Change Controller	Reference
8	ohttp	Denotes that a service operates an Oblivious HTTP target	IETF	RFC 9540,

Well-Known URI IANA has added one entry in the "Well-Known URIs" registry .

URI Suffix:: ohttp-gateway
Change Controller:: IETF
Reference:: RFC 9540
Status:: permanent
Related Information:: N/A