[EXTERNAL] Re: Flow collection and analysis
n5d9xq3ti233xiyif2vp at protonmail.ch
Fri Jan 28 14:01:55 UTC 2022
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, January 28th, 2022 at 11:52, Jean St-Laurent <jean at ddostest.me> wrote:
> Why DNS are still travelling in clear text?
It doesn't have to. In 2022 there are many encryption options for DNS. There are also things like DNSSEC and DANE for ensuring authenticity over cleartext.
In addition, if the latest US Federal guidance is anything to go by, we may be witnessing the first big nail being put into the cleartext DNS coffin. (https://www.bastionzero.com/blog/i-read-the-federal-governments-zero-trust-memo-so-you-dont-have-to)
More information about the NANOG