ammnt
Hello, as far as we all know HTTP/3 it's close... Please add HTTP/3 support for three AGH entities: 1. Frontend web-interface; 2. Client part DoH; 3. Upstream DoH servers. As...
Hello, please add CNAME flattering support. This is necessary for reduce and speed up DNS lookups via disabling ANAME support and block RFC compliant CNAME records at a root domains....
Hello, please add QNAME minimisation to improve privacy: https://datatracker.ietf.org/doc/html/rfc7816 Thank you. Best regards!😮💨
Hello, please add support of 0-RTT for TLS 1.3 and TCP Fast Open (TFO) for TLS 1.2 for encrypted DNS endpoints: https://blog.cloudflare.com/introducing-0-rtt/ https://datatracker.ietf.org/doc/html/rfc7413 Thank you. Best regards!😲
Hello, please add OCSP stapling support for encrypted DNS endpoints: http://datatracker.ietf.org/doc/rfc2560/ http://datatracker.ietf.org/doc/rfc6066/ Thank you. Best regards!🤤
Hello, please add these EDNS improvements: - EDNS0 TCP keepalive Option: https://datatracker.ietf.org/doc/html/rfc7828 https://datatracker.ietf.org/doc/html/rfc7830 - EDNS0 Padding Option: https://datatracker.ietf.org/doc/html/rfc8467 Thank you. Best regards!😬
Hello, please add DNS-over-HTTP/3 support. For example, NextDNS has an DoH3 endpoint so you can try to test it too: https://doh3.dns.nextdns.io/subscription_id/clients_id https://help.nextdns.io/t/y4hfw14/cant-use-doh3 Now I use NGINX for this purpose, but...
Hello, please add DNSSEC and DNSSEC-validated cache (RFC8198) support for encrypted DNS endpoints: https://dnssec-analyzer.verisignlabs.com/adguard-dns.com https://dnssec-analyzer.verisignlabs.com/adguard-dns.io https://dnssec-analyzer.verisignlabs.com/adguard.com More information here: https://tools.ietf.org/html/rfc8198 Thank you. Best regards!😳
Hello, please add DNS rebind native protection to block all private addresses and subnets. Now I use these ugly rules: ``` /^(22[4-9]|23[0-9])(.[0-9]{1,3}){3}$/ /^(24[0-9]|25[0-5])(.[0-9]{1,3}){3}$/ /^(::1)$/ /^(::ffff:)/ /^(fc00::)/ /^(fe80::)/ /^(febf::)/ /^(fec0::)/ /^(feff::)/...
Hello, please add encrypted DNS endpoints in HSTS preload list: https://hstspreload.org/?domain=adguard-dns.com https://hstspreload.org/?domain=adguard-dns.io Thank you. Best regards!😚