Can I use HTTPS RRs?
4 comments
·December 12, 2025gucci-on-fleek
gorgoiler
I wonder why it’s not 14%, given that that’s the Safari market share, Safari is the only browser that does HTTPS DNS requests in its default configuration, and every https:// request should involve an HTTPS lookup?
A1: it’s naive to assume we’re at 100% https:// adoption? Any http:// URL will not trigger an HTTPS DNS lookup.
A2: site popularity and downstream caching of 1.1.1.1 means CloudFlare see fewer requests for HTTPS DNS than there are https:// connections?
rokoss21
HTTPS RRs are a practical improvement over HTTPS records. However, adoption has been slow partly due to inconsistent support across DNS providers and registrars. Clear guidance on fallback strategies helps.
TZubiri
You can, but you may not.
> you end up with no clear picture of which browsers support these records to which end.
> Unfortunately even the otherwise ever so useful https://caniuse.com/ does not provide that information
Not quite the same, but Cloudflare's statistics show that 8.1% of all DNS requests to its public resolver are for HTTPS RRs [0], and the statistics on the authoritative DNS server that I run [1] show that only 1.11% of requests were for an HTTPS RR.
[0]: https://radar.cloudflare.com/dns#dns-query-type
[1]: https://ns.maxchernoff.ca/