{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T14:01:35Z","timestamp":1780495295596,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100006374","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-2154962,CNS-2319421"],"award-info":[{"award-number":["CNS-2154962,CNS-2319421"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,11,4]]},"DOI":"10.1145\/3646547.3688410","type":"proceedings-article","created":{"date-parts":[[2024,11,1]],"date-time":"2024-11-01T09:40:26Z","timestamp":1730454026000},"page":"423-440","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Exploring the Ecosystem of DNS HTTPS Resource Records: An End-to-End Perspective"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7846-2649","authenticated-orcid":false,"given":"Hongying","family":"Dong","sequence":"first","affiliation":[{"name":"University of Virginia, Charlottesville, Virginia, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-3938-8838","authenticated-orcid":false,"given":"Yizhe","family":"Zhang","sequence":"additional","affiliation":[{"name":"University of Virginia, Charlottesville, Virginia, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0361-6532","authenticated-orcid":false,"given":"Hyeonmin","family":"Lee","sequence":"additional","affiliation":[{"name":"University of Virginia, Charlottesville, Virginia, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3822-9399","authenticated-orcid":false,"given":"Shumon","family":"Huque","sequence":"additional","affiliation":[{"name":"Salesforce, McLean, Virginia, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6650-4373","authenticated-orcid":false,"given":"Yixin","family":"Sun","sequence":"additional","affiliation":[{"name":"University of Virginia, Charlottesville, Virginia, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,11,4]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363192"},{"key":"e_1_3_2_1_2_1","volume-title":"https:\/\/community.akamai.com\/customers\/s\/article\/NetworkOperatorCommunityNewSVCBHTTPSResourceRecordsinthewild20201128135350?language=en_US (accessed","author":"Resource New","year":"2024","unstructured":"Akamai. 2020. New SVCB & HTTPS Resource Records in the wild. https:\/\/community.akamai.com\/customers\/s\/article\/NetworkOperatorCommunityNewSVCBHTTPSResourceRecordsinthewild20201128135350?language=en_US (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC1912"},{"key":"e_1_3_2_1_4_1","volume-title":"https:\/\/blog.cloudflare.com\/http3-usage-one-year-on (accessed","author":"Belson David","year":"2024","unstructured":"David Belson and Lucas Pardue. [n.,d.]. Examining HTTP\/3 usage one year on. https:\/\/blog.cloudflare.com\/http3-usage-one-year-on (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3559360"},{"key":"e_1_3_2_1_6_1","volume-title":"BIND9 v9.16.21 Release notes. https:\/\/bind9.readthedocs.io\/en\/v9_16_21\/notes.html#new-features (accessed","year":"2024","unstructured":"BIND9. 2021. BIND9 v9.16.21 Release notes. https:\/\/bind9.readthedocs.io\/en\/v9_16_21\/notes.html#new-features (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_7_1","volume-title":"https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1623126 (accessed","author":"Implement","year":"2024","unstructured":"Bugzilla. 2020. Implement HTTPSSVC. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1623126 (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_8_1","volume-title":"Allow resolving HTTPS RR with native DNS. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1852752 (accessed","year":"2024","unstructured":"Bugzilla. 2023. Allow resolving HTTPS RR with native DNS. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1852752 (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_9_1","volume-title":"9th USENIX Workshop on Free and Open Communications on the Internet (FOCI 19)","author":"Chai Zimo","year":"2019","unstructured":"Zimo Chai, Amirhossein Ghafari, and Amir Houmansadr. 2019. On the Importance of Encrypted-SNI (ESNI) to Censorship Circumvention. In 9th USENIX Workshop on Free and Open Communications on the Internet (FOCI 19)."},{"key":"e_1_3_2_1_10_1","volume-title":"Feature: TLS Encrypted Client Hello (ECH). https:\/\/chromestatus.com\/feature\/6196703843581952 (accessed","author":"Status Chrome Platform","year":"2020","unstructured":"Chrome Platform Status. 2020. Feature: TLS Encrypted Client Hello (ECH). https:\/\/chromestatus.com\/feature\/6196703843581952 (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_11_1","volume-title":"Feature: HTTP->HTTPS redirect for HTTPS DNS records. https:\/\/chromestatus.com\/feature\/5485544526053376 (accessed","author":"Status Chrome Platform","year":"2021","unstructured":"Chrome Platform Status. 2021. Feature: HTTP->HTTPS redirect for HTTPS DNS records. https:\/\/chromestatus.com\/feature\/5485544526053376 (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_12_1","volume-title":"The Chromium Projects. https:\/\/www.chromium.org\/chromium-projects\/ (accessed","year":"2024","unstructured":"Chromium. 2024. The Chromium Projects. https:\/\/www.chromium.org\/chromium-projects\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_13_1","volume-title":"End-to-End View of the DNSSEC Ecosystem. In 26th USENIX Security Symposium (USENIX Security 17)","author":"Chung Taejoong","year":"2017","unstructured":"Taejoong Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M Maggs, Alan Mislove, and Christo Wilson. 2017. A Longitudinal, End-to-End View of the DNSSEC Ecosystem. In 26th USENIX Security Symposium (USENIX Security 17). 1307--1322."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131365.3131373"},{"key":"e_1_3_2_1_15_1","unstructured":"Cloudflare Community. 2023. Early Hints and Encrypted Client Hello (ECH) are currently disabled globally. https:\/\/community.cloudflare.com\/t\/early-hints-and-encrypted-client-hello-ech-are-currently-disabled-globally\/567730 (accessed Aug 26 2024)."},{"key":"e_1_3_2_1_16_1","volume-title":"Proxy status. https:\/\/developers.cloudflare.com\/dns\/manage-dns-records\/reference\/proxied-dns-records\/ (accessed","author":"Docs Cloudflare","year":"2024","unstructured":"Cloudflare Docs. 2024. Proxy status. https:\/\/developers.cloudflare.com\/dns\/manage-dns-records\/reference\/proxied-dns-records\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_17_1","volume-title":"Browser Market Share Report for 2023 Q3. https:\/\/radar.cloudflare.com\/reports\/browser-market-share-2023-q3 (accessed","author":"Radar Cloudflare","year":"2024","unstructured":"Cloudflare Radar. 2023. Browser Market Share Report for 2023 Q3. https:\/\/radar.cloudflare.com\/reports\/browser-market-share-2023-q3 (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_18_1","volume-title":"ECH-draft-13c branch. https:\/\/github.com\/sftcd\/nginx\/tree\/ECH-experimental (accessed","author":"Nginx O.","year":"2024","unstructured":"DEfO. 2024. Nginx, ECH-draft-13c branch. https:\/\/github.com\/sftcd\/nginx\/tree\/ECH-experimental (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_19_1","volume-title":"ECH-draft-13c branch. https:\/\/github.com\/sftcd\/openssl\/tree\/ECH-draft-13c (accessed","author":"O.","year":"2024","unstructured":"DEfO. 2024. OpenSSL, ECH-draft-13c branch. https:\/\/github.com\/sftcd\/openssl\/tree\/ECH-draft-13c (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"David Dittrich Erin Kenneally et al. 2012. The Menlo Report: Ethical principles guiding information and communication technology research. Technical Report. US Department of Homeland Security.","DOI":"10.2139\/ssrn.2445102"},{"key":"e_1_3_2_1_21_1","volume-title":"Upgrading the Cloudflare China Network: better performance and security through product innovation and partnership. https:\/\/blog.cloudflare.com\/upgrading-the-cloudflare-china-network (accessed","author":"Donahue Patrick R.","year":"2024","unstructured":"Patrick R. Donahue. 2021. Upgrading the Cloudflare China Network: better performance and security through product innovation and partnership. https:\/\/blog.cloudflare.com\/upgrading-the-cloudflare-china-network (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_22_1","volume-title":"Speeding up HTTPS and HTTP\/3 negotiation with... DNS. https:\/\/blog.cloudflare.com\/speeding-up-https-and-http-3-negotiation-with-dns (accessed","author":"Ghedini Alessandro","year":"2024","unstructured":"Alessandro Ghedini. 2020. Speeding up HTTPS and HTTP\/3 negotiation with... DNS. https:\/\/blog.cloudflare.com\/speeding-up-https-and-http-3-negotiation-with-dns (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","unstructured":"Arnt Gulbrandsen and Dr. Levon Esibov. 2000. A DNS RR for specifying the location of services (DNS SRV). RFC 2782. https:\/\/doi.org\/10.17487\/RFC2782","DOI":"10.17487\/RFC2782"},{"key":"e_1_3_2_1_24_1","volume-title":"https:\/\/www.dnspython.org\/ (accessed","author":"Halley Bob","year":"2024","unstructured":"Bob Halley. 2020. DNSPython. https:\/\/www.dnspython.org\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_25_1","volume-title":"Retrieve and Parse WHOIS Data for IPv4 and IPv6 Addresses. https:\/\/pypi.org\/project\/ipwhois\/ (accessed","author":"Hane Philip","year":"2024","unstructured":"Philip Hane. 2015. Ipwhois. Retrieve and Parse WHOIS Data for IPv4 and IPv6 Addresses. https:\/\/pypi.org\/project\/ipwhois\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","unstructured":"Jeff Hodges Collin Jackson and Adam Barth. 2012. HTTP Strict Transport Security (HSTS). RFC 6797. https:\/\/doi.org\/10.17487\/RFC6797","DOI":"10.17487\/RFC6797"},{"key":"e_1_3_2_1_27_1","volume-title":"classic, complete name server software. https:\/\/www.isc.org\/bind\/ (accessed","author":"ISC.","year":"2024","unstructured":"ISC. 2024. BIND9, Versatile, classic, complete name server software. https:\/\/www.isc.org\/bind\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_28_1","volume-title":"Knot DNS Version 3.1.0. https:\/\/www.knot-dns.cz\/2021-08-02-version-310.html (accessed","author":"Knot DNS.","year":"2024","unstructured":"Knot DNS. 2021. Knot DNS Version 3.1.0. https:\/\/www.knot-dns.cz\/2021-08-02-version-310.html (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_29_1","volume-title":"TRANCO: A Research-Oriented Top Sites Ranking Hardened Against Manipulation. In Network and Distributed Systems Security (NDSS) Symposium","author":"Pochat Victor Le","year":"2019","unstructured":"Victor Le Pochat, Tom Van Goethem, S Tajalizadehkhoob, and Wouter Joosen. 2019. TRANCO: A Research-Oriented Top Sites Ranking Hardened Against Manipulation. In Network and Distributed Systems Security (NDSS) Symposium 2019."},{"key":"e_1_3_2_1_30_1","volume-title":"Under the Hood of DANE Mismanagement in SMTP. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Lee Hyeonmin","year":"2022","unstructured":"Hyeonmin Lee, Md Ishtiaq Ashiq, Moritz M\u00fcller, Roland van Rijswijk-Deij, Taejoong Chung, et al. 2022. Under the Hood of DANE Mismanagement in SMTP. In 31st USENIX Security Symposium (USENIX Security 22). 1--16."},{"key":"e_1_3_2_1_31_1","volume-title":"Encrypted Client Hello - the last puzzle piece to privacy. https:\/\/blog.cloudflare.com\/announcing-encrypted-client-hello (accessed","author":"van der Mandele Achiel","year":"2024","unstructured":"Achiel van der Mandele, Alessandro Ghedin, Christopher Wood, and Rushil Mehra. 2023. Encrypted Client Hello - the last puzzle piece to privacy. https:\/\/blog.cloudflare.com\/announcing-encrypted-client-hello (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_32_1","volume-title":"https:\/\/wiki.mozilla.org\/Security\/Encrypted_Client_Hello (accessed","author":"Wiki Mozilla","year":"2024","unstructured":"Mozilla Wiki. 2022. Security\/Encrypted Client Hello. https:\/\/wiki.mozilla.org\/Security\/Encrypted_Client_Hello (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_33_1","volume-title":"https:\/\/nlnetlabs.nl\/projects\/unbound\/about\/ (accessed","author":"Labs Lnet","year":"2024","unstructured":"NLnet Labs. 2024. Unbound. https:\/\/nlnetlabs.nl\/projects\/unbound\/about\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","unstructured":"Mark Nottingham Patrick McManus and Julian Reschke. 2016. HTTP Alternative Services. RFC 7838. https:\/\/doi.org\/10.17487\/RFC7838","DOI":"10.17487\/RFC7838"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2896816"},{"key":"e_1_3_2_1_36_1","volume-title":"https:\/\/mailarchive.ietf.org\/arch\/msg\/quic\/sFgifP9vOY9xsmogVqiq-qtxPiQ\/ (accessed","author":"Pauly Tommy","year":"2024","unstructured":"Tommy Pauly. 2020. DNS HTTPS\/SVCB record type support in iOS 14. https:\/\/mailarchive.ietf.org\/arch\/msg\/quic\/sFgifP9vOY9xsmogVqiq-qtxPiQ\/ (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_37_1","volume-title":"Using SVCB and derived records. https:\/\/doc.powerdns.com\/authoritative\/guides\/svcb.html (accessed","author":"DNS.","year":"2024","unstructured":"PowerDNS. 2024. Using SVCB and derived records. https:\/\/doc.powerdns.com\/authoritative\/guides\/svcb.html (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_38_1","volume-title":"Edge DNS and the Top-Level Domain Hosting. https:\/\/www.akamai.com\/blog\/edge\/edge-dns-and-the-top-level-domain-hosting (accessed","author":"Preston Sam","year":"2024","unstructured":"Sam Preston. 2022. Akamai Blog. Edge DNS and the Top-Level Domain Hosting. https:\/\/www.akamai.com\/blog\/edge\/edge-dns-and-the-top-level-domain-hosting (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_39_1","volume-title":"Wood","author":"Rescorla Eric","year":"2023","unstructured":"Eric Rescorla, Kazuho Oku, Nick Sullivan, and Christopher A. Wood. 2023. TLS Encrypted Client Hello. Internet-Draft draft-ietf-tls-esni-17. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/draft-ietf-tls-esni\/17\/ Work in Progress."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","unstructured":"Scott Rose Matt Larson Dan Massey Rob Austein and Roy Arends. 2005 a. DNS Security Introduction and Requirements. RFC 4033. https:\/\/doi.org\/10.17487\/RFC4033","DOI":"10.17487\/RFC4033"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","unstructured":"Scott Rose Matt Larson Dan Massey Rob Austein and Roy Arends. 2005 b. Protocol Modifications for the DNS Security Extensions. RFC 4035. https:\/\/doi.org\/10.17487\/RFC4035","DOI":"10.17487\/RFC4035"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","unstructured":"Scott Rose Matt Larson Dan Massey Rob Austein and Roy Arends. 2005 c. Resource Records for the DNS Security Extensions. RFC 4034. https:\/\/doi.org\/10.17487\/RFC4034","DOI":"10.17487\/RFC4034"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","unstructured":"Scott Rose and Wouter Wijngaards. 2012. DNAME Redirection in the DNS. RFC 6672. https:\/\/doi.org\/10.17487\/RFC6672","DOI":"10.17487\/RFC6672"},{"key":"e_1_3_2_1_44_1","volume-title":"Use of HTTPS Resource Records. https:\/\/www.netmeister.org\/blog\/https-rrs.html?utm_source=pocket_saves (accessed","author":"Schaumann Jan","year":"2024","unstructured":"Jan Schaumann. 2023. Use of HTTPS Resource Records. https:\/\/www.netmeister.org\/blog\/https-rrs.html?utm_source=pocket_saves (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","unstructured":"Benjamin M. Schwartz Mike Bishop and Erik Nygren. 2023. Service Binding and Parameter Specification via the DNS (SVCB and HTTPS Resource Records). RFC 9460. https:\/\/doi.org\/10.17487\/RFC9460","DOI":"10.17487\/RFC9460"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363220"},{"key":"e_1_3_2_1_47_1","volume-title":"https:\/\/tranco-list.eu\/methodology (accessed","year":"2024","unstructured":"Tranco. 2024. Methodology. https:\/\/tranco-list.eu\/methodology (accessed Aug 26, 2024)."},{"key":"e_1_3_2_1_48_1","volume-title":"Measuring the Adoption of TLS Encrypted Client Hello Extension and Its Forebear in the Wild. In European Symposium on Research in Computer Security. Springer, 177--190","author":"Tsiatsikas Zisis","year":"2022","unstructured":"Zisis Tsiatsikas, Georgios Karopoulos, and Georgios Kambourakis. 2022. Measuring the Adoption of TLS Encrypted Client Hello Extension and Its Forebear in the Wild. In European Symposium on Research in Computer Security. Springer, 177--190."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOBECOM46510.2021.9685960"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3487552.3487826"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW59978.2023.00058"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","unstructured":"\u00d3lafur Gu\u00f0mundsson and Brian Wellington. 2003. Redefinition of DNS Authenticated Data (AD) bit. RFC 3655. https:\/\/doi.org\/10.17487\/RFC3655","DOI":"10.17487\/RFC3655"}],"event":{"name":"IMC '24: ACM Internet Measurement Conference","location":"Madrid Spain","acronym":"IMC '24","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication"]},"container-title":["Proceedings of the 2024 ACM on Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3646547.3688410","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3646547.3688410","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T11:52:13Z","timestamp":1755863533000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3646547.3688410"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,4]]},"references-count":52,"alternative-id":["10.1145\/3646547.3688410","10.1145\/3646547"],"URL":"https:\/\/doi.org\/10.1145\/3646547.3688410","relation":{},"subject":[],"published":{"date-parts":[[2024,11,4]]},"assertion":[{"value":"2024-11-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}