[kdig][feature-request] Option to control APLN sent over TLS
RFC5878 (DoT) did not specify the use of any ALPN, although one was later registered.
Since then the security community at IETF require all TLS/QUIC based protocols to use an ALPN, so RFC9103 Zone transfer over TLS (XoT) specifies that the dot
ALPN MUST be used. It would be useful for testing to have the option in kdig
to control the ALPN.
For example, the very latest BIND and NSD server side code require APLN=dot
for XoT, so I can't use kdig
for testing right now. The latest dig
code seems to always sends APLN=dot
when using +tls
now.
Thanks!