Support for authentication using SPKI pinsets.
TCP Fast Open enabled by default if possible; support for Mac OS X TFO added.
First version available now for review: https://datatracker.ietf.org/doc/draft-dgr-dprive-dtls-and-tls-profiles/
Includes EDNS0 padding option and EDNS Client Subnet privacy option. Also improved reporting of transport and authentication status.
Another successful Hackathon for the DNS/DNSSEC team! EDNS0 Padding and EDNS0 ECS privacy options added to the code
DNS-over-TLS draft is also going through WGLC
The latest release of getdns includes an experimental implementation of TLS hostname based authentication
There were presentations at the OARC Fall workshop on both 'DNS Privacy Mechanisms' and 'Using TLS for DNS privacy in practice'
The latest release of getdns allows the user to specify an ordered list of transports from TLS, STARTTLS, TCP or UDP. It also supports configuration of the DNS-over-TCP idle timeout for a parameter
Working on TLS authentication in getdns!
New versions of 2 internet drafts are available:
The latest release includes an implementation of STARTTLS
A demo of TLS and STARTTLS in getdns was given at Bits'n'Bytes IETF 92 in Dallas.
Updated version of https://tools.ietf.org/html/draft-ietf-dnsop-5966bis-01 available