Path: csiph.com!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail From: Evan Hunt Newsgroups: comp.protocols.dns.bind Subject: Re: DoH plugin for BIND Date: Thu, 30 Apr 2020 00:00:12 +0000 Lines: 11 Approved: bind-users@lists.isc.org Message-ID: References: <85af55bb-1b23-b847-3de9-ffb198bc9fb9@web.de> <20200429074035.GA91269@isc.org> <20200430000012.GA2952@isc.org> NNTP-Posting-Host: lists.isc.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: usenet.stanford.edu 1588204814 5354 149.20.1.60 (30 Apr 2020 00:00:14 GMT) X-Complaints-To: action@cs.stanford.edu Cc: bind-users@lists.isc.org To: Michael De Roover Return-Path: X-Original-To: bind-users@lists.isc.org Delivered-To: bind-users@lists.isc.org Content-Disposition: inline In-Reply-To: X-BeenThere: bind-users@lists.isc.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: BIND Users Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Mailman-Original-Message-ID: <20200430000012.GA2952@isc.org> X-Mailman-Original-References: <85af55bb-1b23-b847-3de9-ffb198bc9fb9@web.de> <20200429074035.GA91269@isc.org> Xref: csiph.com comp.protocols.dns.bind:15696 On Wed, Apr 29, 2020 at 08:06:20PM +0200, Michael De Roover wrote: > On that subject, how about DoT? I have mixed feelings about using 443 as a > kitchen sink port but encrypting DNS seems like a good idea. Native support by the end of the year, same as DoH. Also, there's a sample configuration for an nginx proxy in the BIND source tree under contrib/dnspriv that you can use now, if you wish. -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc.