On 13/11/18 4:57 pm, Kim Holburn wrote:
The problem is that DNS is currently basically broken. DNS requests go
unencrypted, in the clear and there is no kind of proof that the answer has not
been read or tampered with.
This (app) solves one part of that problem and not well really. The connection
between you and one or two DNS servers are encrypted. The dns requests you
make cannot be examined or changed by your ISP or other ISPs in the chain.
It doesn't solve the problem of proving the DNS record is accurate.
DNSSEC proves that the answer has not been tampered with. It does not
prevent eavesdropping, but DNS over HTTPS or DNS over TLS do.
Hamish
_______________________________________________
Link mailing list
[email protected]
http://mailman.anu.edu.au/mailman/listinfo/link
