<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 26 Jun 2018, at 10:09, bert hubert <<a href="mailto:bert.hubert@powerdns.com" class="">bert.hubert@powerdns.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Hi everyone,<br class=""><br class="">[tl;dr enable DNS over TLS on your resolvers and CPE/modem if you can]<br class=""><br class="">As announced in <a href="https://android-developers.googleblog.com/2018/04/dns-over-tls-support-in-android-p.html" class="">https://android-developers.googleblog.com/2018/04/dns-over-tls-support-in-android-p.html</a><br class="">Android "P" will attempt to talk DNS over TLS to its resolver by default.<br class=""></div></div></blockquote></div><br class=""><div class="">FYI: systemd-resolvd has implemented DNS-over-TLS in the latest release:</div><div class=""><a href="https://github.com/systemd/systemd/blob/master/NEWS" class="">https://github.com/systemd/systemd/blob/master/NEWS</a></div><div class=""><br class=""></div><div class="">“* systemd-resolved now supports DNS-over-TLS. It's still</div>   turned off by default, use DNSOverTLS=opportunistic to turn it on in<br class="">   resolved.conf. We intend to make this the default as soon as couple<br class="">   of additional techniques for optimizing the initial latency caused by <br class=""><div class="">   establishing a TLS/TCP connection are implemented."</div><div class=""><br class=""></div><div class="">Sara. </div></body></html>