stubby icon indicating copy to clipboard operation
stubby copied to clipboard
verified publisher icon getdnsapi

Option to listen for DNS-over-TLS queries

Open triatic opened this issue 6 years ago • 3 comments

Would it be feasible to have Stubby listen for DNS-over-TLS queries as well as send them? That way it could act as a fully-fledged DNS-over-TLS proxy without any additional software.

triatic avatar Aug 19 '19 14:08 triatic

What is the use case for this? Does unbound not address some of the needs?

CameronNemo avatar Feb 26 '20 03:02 CameronNemo

Yes, Unbound can do this, as can Knot Resolver. Maybe Stubby could do it too.

triatic avatar Feb 26 '20 11:02 triatic

Well I do not know how much effort it would be to add such functionality. But I will say that what attracts me to Stubby is that it is a minimal tool designed for the most common use case. For more complicated cases there are alternatives, like the ones you mentioned. I would hope that scope creep does not jeopardize one of stubby's main differentiating factors compared to other resolvers.

CameronNemo avatar Mar 01 '20 16:03 CameronNemo