[Unbound-users] DNSSEC and traffic encryption questions
dot at dotat.at
Mon Feb 24 12:50:18 UTC 2014
W.C.A. Wijngaards <wouter at nlnetlabs.nl> wrote:
> On 02/24/2014 12:37 PM, Beeblebrox wrote:
> > * Unbound does not support encryption natively (from own code
> > base) AFAIK. I have come across two methods to encrypt DNS traffic:
> > TOR and DNSCrypt. Are there any other alternatives?
> You would need answers from other member of this mailing list for
> that. ssl-upstream is one option, but it needs an upstream resolver
> that performs this weird style of encryption (i.e. another unbound).
The same is true for DNScrypt, and Tor is sort-of analogous.
There is not currently any common way to encrypt DNS. There is going
to be a discussion at the London IETF meeting next week about possible
approaches, but it is still very early days.
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
FitzRoy, Sole: Westerly or southwesterly, backing southerly for a time, 5 to
7, increasing gale 8 to storm 10 for a time. Very rough, becoming high or very
high. Rain or squally showers. Moderate or good, occasionally poor.
More information about the Unbound-users