[Pdns-users] Setting up dnsdist + authoritative for small domain
Brian Candler
b.candler at pobox.com
Wed Apr 10 19:29:37 UTC 2019
On 10/04/2019 20:04, Daniel Miller via Pdns-users wrote:
>
> So now...I'm wondering providing my domain via TLS and possibly HTTP.
I'm not sure what you mean by "providing my domain via TLS".
DNS-over-TLS and DNS-over-HTTPS are both protocols which run between the
client (stub resolver) and cache (recursive server) only. There is no
encryption between caches and authoritative servers (*), so there's
nothing you can configure on the authoritative server.
If you're interested in securing your domain you can enable DNSSEC on
it, which you say you've already done - but that's only for integrity,
not confidentiality.
Regards,
Brian.
(*) unless you count DJB's DNScurve
More information about the Pdns-users
mailing list