top | item 33985350

(no title)

There will come a day where I will have to give MaraDNS some form of DNS-over-HTTPS and/or DNS-over-TLS support if I want to keep it relevant. Right now, 1.1.1.1, 8.8.8.8, 9.9.9.9, and 4.2.2.1 all still support old school DNS-over-UDP, and Deadwood (part of MaraDNS) can do full recursion with just the root servers too.

But, over the medium term, we will probably hit a point where unencrypted DNS stops being mainstream, just as unencrypted HTTP by and large stopped being used in the 2010s.

This means that Deadwood (the caching/recursive DNS part of MaraDNS) will grow from being a tiny, efficient, 71680-byte server to being something a good deal more huge (TLS, HTTPS, etc. are really bloated compared to good old DNS-over-UDP).

discuss

No comments yet.