Add Full DNScrypt Package Integration

390 votes

DNSCrypt is currently the safest and most cutting edge DNS protocol that exists on the planet. It protects against MITM, DNS poisoning and easedropping. Because DNSCrypt does not have a TLS stack nor use X509 certs, the attack surface is vastly smaller than DNS over TLS. Validating TLS certificates in non-browser software is the most insecure code in the world:

DNSCrypt specializes in the art of DNS encryption and does not use a generic protocol such as TLS to accomplish this, but its own complete and unique specification fine tuned for DNS. DNScrypt offers users over 100 decentralized servers to choose from from around the world. Many modern systems offer only DNS over TLS, limiting users to 5 eyes jurisdiction corporations for services like Google or Cloudflare. Here are some of the flavors it comes in:

Under consideration Suggested by: Tyler Vincent Upvoted: 21 Sep Comments: 7

Comments: 7

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators