Hi,
On Sat, Jun 01, 2024 at 01:27:07PM -0600, paste...@gmx.com wrote:
Hi
could someone give me an idea about dillo using 'dns over tls' or 'dns
over https'? or using dnssec?
The mobilized fork has added support for it, as it is provided by
libcurl (which they have switched to):
20240522: New tarball. To enable DNS-over-HTTPS (DoH), you can now set
the preference dns_over_https_url.
https://www.toomanyatoms.com/software/mobilized_dillo.html
My recommendation is to setup a local resolver on your machine, so all
name resolution is handled by it, not just Dillo. Then you can use
whatever mechanism you want (DoH, DoT, DNSSEC...).
This would be especially useful if you download a file with Dillo, as it
would launch an external wget process. Or if you use any plugin that
performs network operations on its own.
Here are some docs (even if you don't use Arch):
https://wiki.archlinux.org/title/DNS-over-HTTPS
https://wiki.archlinux.org/title/DNSSEC
I didn't check on my own how well that works, but I would rather keep it
out of Dillo if posible.
what about dillo using mbed-tls vs openssl?
the configuration only shows a --disable-mbedtls
The DNS resolution is done prior to interacting with any TLS library.
There is also a --disable-openssl switch to search for mbed TLS only,
see ./configure --help.
Best,
Rodrigo.
_______________________________________________
Dillo-dev mailing list -- dillo-dev@mailman3.com
To unsubscribe send an email to dillo-dev-le...@mailman3.com