Post

Replies

Boosts

Views

Activity

Is there a "canary domain" to signify per-app encrypted DNS should not be used?
Mozilla employs encrypted DNS now in browsers. If in the case such DNS cannot be used, maybe users need corporate DNS for example, a "canary domain" can be resolved first and if it is successful, encrypted DNS is used by the application. However, if is is unresolved with a known and expected DNS error response, encrypted DNS is not used. Does Apple have or plan to have a "canary domain" that would allow a VPN on device to "notify" the system a per-app encrypted DNS usage is not allowed? How does Apple plan on allowing a user on a corporate network to access everything needed on their own DNS without forcibly adopting a per-app encrypted DNS usage? Thank you, Logan
1
0
957
Jun ’20