Hello Everybody, It looks like there is an assumption that it is an application responsibility to get user consent before accessing an unsigned domain (whenever 'ad' flag is not set). AFAIK, that is not the case: majority of applications is not 'ad' flag aware.
How to prevent accesses to unsigned domains from these applications? Is there a way to force resolution failure (in unbound) for an unsigned domain? Regards, Sen Dion
