Is there a "canary domain" to signify per-app encrypted DNS should not be used?

Mozilla employs encrypted DNS now in browsers.

In the case that such DNS cannot be used (for example, users may need corporate DNS), a "canary domain" can be resolved first and, if that is successful, encrypted DNS is used by the application. However, if it is unresolved with a known and expected DNS error response, encrypted DNS is not used.

Does Apple have, or plan to have, a "canary domain" that would allow a VPN on the device to "notify" the system that per-app encrypted DNS usage is not allowed?

How does Apple plan on allowing a user on a corporate network to access everything needed on their own DNS without forcibly adopting a per-app encrypted DNS usage?

Thank you,
Logan
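The canary-domain check the question describes, written out as an added Python example. This is not code from the post, from Mozilla, or from Apple; it assumes Mozilla's canary name use-application-dns.net (a real name) and injects the resolver so the decision logic runs offline on constructed responses. The handling of SERVFAIL, REFUSED and timeouts is a design choice made here, not something the post specifies: only the expected negative answer (NXDOMAIN, or NOERROR with no address records) turns encrypted DNS off, so a lossy or hostile path cannot switch it off by simply dropping the query.

```python
"""Client-side canary-domain check of the kind the question describes.

The resolver is injected so the decision can be exercised with constructed
responses; system_resolver shows how it would be wired to the OS stub
resolver (that mapping is approximate: getaddrinfo exposes only coarse errors).
"""
import socket
from typing import Callable, Dict, Sequence, Tuple

# Mozilla's canary domain for Firefox's DoH heuristics (a real name).
# Any other deployment would pick its own; Apple has none (see the reply).
CANARY_DOMAIN = "use-application-dns.net"

# A resolver returns (rcode, addresses): the textual DNS response code and
# the A/AAAA answers, if any. It may raise OSError on timeout/unreachable.
Resolver = Callable[[str], Tuple[str, Sequence[str]]]


def decide_doh(rcode: str, addresses: Sequence[str]) -> bool:
    """Return True if the application should keep using encrypted DNS.

    Rule as stated in the question: DoH stays on when the canary resolves.
    It is turned off only on the *expected* negative answer from the local
    resolver: NXDOMAIN, or NOERROR with no address records. Anything else
    (SERVFAIL, REFUSED, ...) is ambiguous, so DoH stays on (assumption made
    in this example, not part of the post).
    """
    if rcode == "NOERROR":
        return len(addresses) > 0
    if rcode == "NXDOMAIN":
        return False
    return True


def should_use_doh(resolver: Resolver, canary: str = CANARY_DOMAIN) -> bool:
    """Run the canary query through `resolver` and apply decide_doh."""
    try:
        rcode, addresses = resolver(canary)
    except OSError:
        # Resolver unreachable or timed out: not the expected signal, keep DoH on.
        return True
    return decide_doh(rcode, addresses)


def system_resolver(name: str) -> Tuple[str, Sequence[str]]:
    """Query the OS stub resolver via getaddrinfo.

    getaddrinfo does not expose the DNS rcode, so this maps EAI_NONAME to
    NXDOMAIN, EAI_NODATA to an empty NOERROR, and anything else to SERVFAIL.
    """
    eai_noname = getattr(socket, "EAI_NONAME", -2)
    eai_nodata = getattr(socket, "EAI_NODATA", -5)
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror as exc:
        if exc.errno == eai_noname:
            return "NXDOMAIN", []
        if exc.errno == eai_nodata:
            return "NOERROR", []
        return "SERVFAIL", []
    return "NOERROR", sorted({info[4][0] for info in infos})


def fake_resolver(table: Dict[str, Tuple[str, Sequence[str]]]) -> Resolver:
    """Build a resolver from a constructed {name: (rcode, addrs)} table.

    Names missing from the table behave like a query that timed out.
    """
    def resolve(name: str) -> Tuple[str, Sequence[str]]:
        if name not in table:
            raise socket.timeout("no response")
        return table[name]
    return resolve


if __name__ == "__main__":
    # Constructed responses, not captured from a real network.
    corporate = fake_resolver({CANARY_DOMAIN: ("NXDOMAIN", [])})
    home = fake_resolver({CANARY_DOMAIN: ("NOERROR", ["192.0.2.1"])})
    print("corporate resolver blocks canary -> DoH:", should_use_doh(corporate))
    print("home resolver answers canary     -> DoH:", should_use_doh(home))
```

To test against the live OS resolver, call `should_use_doh(system_resolver)`; the constructed tables above are what let the logic run without network access.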

Replies

No canary domain or similar network-based mechanism can disable user-configured DNS settings. That’s the same as how a network cannot tell a device to not use a VPN the user installed.

Protocols for discovering locally hosted DoH servers have not yet been standardized, so at this point, Apple devices will not automatically enable or disable DoH in such scenarios. However, protocols for doing this are being discussed in the IETF, and Apple is participating in those discussions.