Discuss mailing list

[3 <babut AT yandex.ru>]

Hi admin2welcome, 18.03.2020 23:43:16 you wrote:
> How do you check if a DNS server supports "DoT"? Is it the same as 
> DNSSEC?
> I just recently built welcome.factoryfouroh.net to learn how to fully 
> configure the DNS.
> https://en.internet.nl/site/welcome.factoryfouroh.net/814232/

> I would like to configure mine to work.

i don't know much english and most likely misunderstood the question :\
i just assign the server to opennic zones and forbid fall back. of
course i specify to use tls and specify the port. then i just try to
resolve some name in the opennic zone. if name is resolved then does
work.   
no, dnssec is not a DoT. dnssec is like a digital signature linked to
the server domain. this mechanism allows you to determine whether the
response was spoofed on the path from the server to the client. in the
fascist countries this is of little use. yes, you will find out that
Putin changed the server's response, but what good will it do if the
correct ip remains unknown to you? much more popular is DoT
technology, which transmits requests between the server and the client
in an encrypted channel