TLS security for DNS: Not in Firefox style, please
TLS security for DNS: Not in Firefox style, please
A German blogger (known for security audits and notorious for "conspiracy theories"), Fefe, mentioned ways to make DNS more secure and pointed out flaws in the technology which the publisher Heise (c't and iX magazine) proposes and Firefox will support soon (JSON via TLS via Cloudflare, network.trr.mode).
Last edited by LigH1L on 2018-08-05, 18:34, edited 1 time in total.
Fun and success!
Re: TLS security for DNS: Not in Firefox style, please
This has already been discussed. DNS-over-HTTP(S) (or "D'Oh!" as I call it) is IMHO the wrong approach for untrusted local networks, and specifically requires implicit and explicit trust in the resolver chosen. It may have a use in some corners cases but I don't plan to cater to it.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: TLS security for DNS: Not in Firefox style, please
Perfect reply.Moonchild wrote:DNS-over-HTTP(S) (or "D'Oh!" as I call it) ...
Fun and success!