W.C.A. Wijngaards <wouter at nlnetlabs.nl> wrote: > On 02/24/2014 12:37 PM, Beeblebrox wrote: > > > > * Unbound does not support encryption natively (from own code > > base) AFAIK. I have come across two methods to encrypt DNS traffic: > > TOR and DNSCrypt. Are there any other alternatives? > > You would need answers from other member of this mailing list for > that. ssl-upstream is one option, but it needs an upstream resolver > that performs this weird style of encryption (i.e. another unbound). The same is true for DNScrypt, and Tor is sort-of analogous. There is not currently any common way to encrypt DNS. There is going to be a discussion at the London IETF meeting next week about possible approaches, but it is still very early days. Tony. -- f.anthony.n.finch <dot at dotat.at> http://dotat.at/ FitzRoy, Sole: Westerly or southwesterly, backing southerly for a time, 5 to 7, increasing gale 8 to storm 10 for a time. Very rough, becoming high or very high. Rain or squally showers. Moderate or good, occasionally poor.