[Dnssec-trigger] port 443 vs port 80?

Paul Wouters paul at nohats.ca
Thu Jan 26 19:59:54 UTC 2012


See these results:

results from probe at 2012-01-26 14:49:28

ssl443 OK tcp80 OK authority 
error timeout
no cache: no DNS servers have been supplied via DHCP

DNSSEC results fetched from open resolvers over TCP

I think "over TCP" means port 80, not port 443. But I recommend telling
the user whether tcp80 or ssl443 is used.

Second, if indeed it is using tcp80, I suggest that since we can do
ssl443, we might as well use that to give the user some query privacy.

So I propose to use ssl443 over port80 if both are available.


More information about the dnssec-trigger mailing list