Hello,
I am trying bind9 DoH features (bind9 9.18.18). It works from Firefox,
although it feels slower than with native resolver.
However, it seems that this makes an open resolver, i.e. there is no
authentication of any sort.
I haven't found any reference to how to set up credentials in this doc:
https://bind9.readthedocs.io/en/latest/reference.html#http-block-grammar
Because I am using an Apache proxy, bind9 sees the incoming requests as
localhost, so allows all recursive requests from anybody.
Does it mean that credentials have to be implemented by the webserver ?
Firefox, for example, does not easily provide a way to specify credentials.
Also, strangely, the requests work fine from Firefox, or from curl
--doh-url, but dig +https (version 9.18.25) says:
ALPN for HTTP/2 failed.
;; no servers could be reached
Cheers,
Julien
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
