I've been doing DNS over TLS with pfSense for over a year now. The problem as I ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

gormandizer on Oct 23, 2019 | parent | context | favorite | on: Comcast Is Lobbying Against DNS Encryption

I've been doing DNS over TLS with pfSense for over a year now.

The problem as I understand it is that Firefox and Chrome will soon default to DoH. Now I have to remember to go in and change default app settings. Ok not a huge deal with just two apps but yet something else I shouldn't have to do.

growse on Oct 23, 2019 [–]

Just set your network resolver to return NXDOMAIN for the canary domain use-application-dns.net. (https://support.mozilla.org/en-US/kb/canary-domain-use-appli...)

That will signal to firefox (at least) to disable DoH and use the system resolver.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact