Hi Dominik,
If an operator you trust offers DoT with DNSSEC validated name and pinned
certificate - would you trust this more than if all happens in the clear?
At least it allows me to make sure that there are just two places where my DNS
in in the clear - on the HG and on the DNS service endp
Hey Normen,
What is the precise goal you want to achieve with DNS-over-TLS?
You have to connect to the host before the encryption begins. So, after the
browser has the IP address for the domain it seeks, it requests that host
address in clear text. If you want to give your browsing from your ID
Hi Simon,
I would love to have my HG funnal all local LAN DNS quereis througha
properly TLS secured path towards my trusted DNS of choice.
I stumbled upon a several year old narchive thread where you were
considering DNS-over-TLS support:
https://dnsmasq-discuss.thekelleys.org.narkive.com/ID8nebi