diff --git a/dns/types/records/HTTPS.nix b/dns/types/records/HTTPS.nix
index a1e2b28..205d1db 100644
--- a/dns/types/records/HTTPS.nix
+++ b/dns/types/records/HTTPS.nix
@@ -1,3 +1,4 @@
-args: import ./SVCB.nix args // {
+args@{lib, ...}: import ./SVCB.nix args // {
 rtype = "HTTPS";
+ nameFixup = name: self: if self.port == null || self.port == 443 then name else "_${self.port}._https.${name}";
 }
diff --git a/dns/types/records/SVCB.nix b/dns/types/records/SVCB.nix
index 1a4d8ac..5c8651c 100644
--- a/dns/types/records/SVCB.nix
+++ b/dns/types/records/SVCB.nix
@@ -10,6 +10,7 @@ let
 isInt
 isList
 mapAttrsToList
+ mkEnableOption
 mkOption
 types
 ;
@@ -75,6 +76,29 @@ in
 type = types.nullOr types.str;
 default = null;
 };
+ dohpath = mkOption {
+ example = "/dns-query{?dns}";
+ type = types.nullOr types.str;
+ default = null;
+ };
+ tls-supported-groups = mkOption {
+ example = [ 23 29 ];
+ default = null;
+ type = types.nullOr (types.nonEmptyListOf types.int.u16);
+ };
+ ohttp = mkOption {
+ example = true;
+ default = false;
+ type = types.bool;
+ };
+
+ # For when the AttrLeaf convention is required
+ nodeServiceName = mkOption {
+ example = "_8443._https"
+ description = "If the protocol requires the underscored node name prefix specified in RFC 8552, the node name to use";
+ type = types.nullOr types.strMatching "^_(.+)";
+ default = null;
+ };
 };
 dataToString = { svcPriority, targetName, mandatory ? null, alpn ? null, no-default-alpn ? null, port ? null, ipv4hint ? null, ipv6hint ? null, ech ? null, ... }:
 "${toString svcPriority} ${targetName} ${
@@ -87,7 +111,11 @@ in
 mandatory
 no-default-alpn
 port
+ dohpath
+ tls-supported-groups
+ ohttp
 ;
 }
 }";
+ nameFixup = name: self: if (self.nodeServiceName != null) then "${self.nodeServiceName}.${name}" else name;
 }
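Review bot: In the added HTTPS `nameFixup`, `"_${self.port}._https.${name}"` interpolates `self.port` directly; the comparison with `443` suggests the option is an integer, and Nix does not coerce integers in string interpolation, so any non-default port would abort evaluation instead of producing the prefixed owner name. Use `"_${toString self.port}._https.${name}"`. Because this attribute is merged with `//`, it also replaces the SVCB `nameFixup` added later in the same commit, so a configured `nodeServiceName` appears to be silently ignored on HTTPS records; either honour it here or add a comment saying it is intentional. The new `lib` binding in `args@{lib, ...}` is not used in the visible lines.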
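Review bot: The `nodeServiceName` option will not evaluate as written: `example = "_8443._https"` has no terminating `;`, and `types.nullOr types.strMatching "^_(.+)"` passes the `strMatching` function itself to `nullOr` because application is left-associative. It should read `example = "_8443._https";` and `type = types.nullOr (types.strMatching "^_(.+)");`. The pattern also accepts any character after the underscore, whitespace included, and `nameFixup` interpolates the value straight into the owner name, so a stricter label pattern such as `"_[A-Za-z0-9-]+(\\._[A-Za-z0-9-]+)*"` would keep malformed values out of the generated zone. `dohpath`, `tls-supported-groups` and `ohttp` are added without a `description`.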
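Review bot: `dohpath`, `tls-supported-groups` and `ohttp` are added to the name list in this last hunk, but the `dataToString` signature shown as unchanged context in the previous hunk still binds only up to `ech ? null, ...`, so these names look unbound here. The opening of the list is outside the hunk, so this needs confirming; if it is an `inherit`, extend the signature with `dohpath ? null, tls-supported-groups ? null, ohttp ? false`. The rendering code is also not visible, so check that an `ohttp` of `false` (the other parameters default to `null`) is omitted rather than emitted, that the `tls-supported-groups` list is joined with commas, and that `dohpath` is quoted or escaped in the zone output.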