DNS over TLS (DoT) is a protocol for performing remote Domain Name System (DNS) resolution over the TLS protocol.
Questions tagged [dot]
11 questions
8
votes
1 answer
What does using Cloudflares WARP app offer that HTTPS (websites) alongside DNS over HTTPS / TLS doesn't?
Intoduction to Cloudflare WARP
I’ve been looking at Cloudflares WARP app for mobile. It claims to be a VPN but without some of the IP hiding anonymity features normal VPNS have: “Under the covers, WARP acts as a VPN. But now in the 1.1.1.1 App, if…
SneakyShrike
- 183
- 1
- 5
3
votes
1 answer
Does Unbound re-use TLS connections for DoT forwarding?
Unbound has the option to use DNS over TLS as an upstream (through the forward-tls-upstream setting).
CludFlare's 1.1.1.1 service offers this; also through TOR.
My question is whether
Unbound will open a new TLS connection for each request (in…
vbence
- 131
- 5
2
votes
0 answers
using DoH/DoT with your ISP?
Is there a point to using DoT or DoH while your DNS is your ISP from a security (not privacy) standpoint?
Assuming I trust my home network, could there be something along the way between my ISP and me that MitM (or some other attack?) me?
If this is…
Nullman
- 215
- 1
- 6
1
vote
1 answer
Any Cloudflare's DNS over TLS (DoT) check + DNSSEC test?
In my original question from 2020, I was unsuccessful in my effort to setup Cloudflare's (link to docs) DNS over TLS (DoT) (link to wiki) in my old, and now decomissioned, router:
Does Cloudflare's DNS over TLS (DoT) implement DNSSEC too?
Now,…
LinuxSecurityFreak
- 1,562
- 2
- 18
- 32
1
vote
2 answers
Relationship between DoT / DoH and HTTPS
I'm trying to understand the different roles that DoT / DoH and HTTPS are playing when it comes to protecting sensitive data in the internet. I spend the day reading a lot of stuff about DoT, HTTPS, TCP and IP.
But there is one thing that doesn't…
mu88
- 125
- 6
1
vote
2 answers
Does Cloudflare's DNS over TLS (DoT) implement DNSSEC too?
I am confused about if I decided to implement DNS over TLS (DoT), would I lose DNSSEC?
Details:
I am connected with IPv4 + IPv6 Cloudflare DNS directly in my home OpenWrt router.
I love the idea of safer DNS, even if for home purposes, DNSSEC…
LinuxSecurityFreak
- 1,562
- 2
- 18
- 32
1
vote
1 answer
How do DoT and DoH facilitate fingerprinting by resolver operators?
https://dnscrypt.info/faq/ states for both DNS over HTTPS and DNS over TLS that it
Provides more information than regular DNS to resolver operators in order to fingerprint clients
How so?
lucidbrot
- 135
- 1
- 6
0
votes
2 answers
What's the use of encrypted DNS when ISP can see the IP address of the website?
I use an encrypted DNS server that supports DNSSEC and DoH, these features are useful for hiding from the ISP, VPN server provider etc. which website you are trying to look up, but eventually those parties will know which website you looked up and…
user279925
0
votes
1 answer
How to check to see whether DNS over TLS is blocked in my network by ISP?
I'm looking for a method to check whether DNS over TLS is blocked in my network by my ISP or not. A method that isn't just trial and error of a bunch of popular DoT providers to see which one connects because I need to know for a fact that my ISP is…
user279925
0
votes
1 answer
What happens if both DoH and DoT are enabled?
If I have DNS over HTTPS and DNS over TLS activated simultaneously (router has DoT activated and smartphone browser has DoH activated, so I see on https://1.1.1.1/help DoH: yes and DoT: yes), which one is used?
iwab
- 71
- 2
-1
votes
1 answer
What exactly is the sense of DoT with respect to privacy, given that my provider can log my destination IP addresses?
I guess I have understood the basic concepts of DoT and DoH and how they prevent providers (ISPs) from analyzing my DNS queries and creating profiles. However, I have got a question which is so basic that it is probably quite stupid, but I'll take…
Binarus
- 557
- 5
- 16