Hello fellow Comodo Geeks,
I’ve not been able to find anything about cDome Shield being having DNSCrypt or DNS-over-TLS capabilities. DNSCrypt encrypts DNS requests from the client to the DNS server using elliptical curve encryption so that DNS requests can’t be intercepted/modified. This is something that OpenDNS/Cisco Umbrella has supported for a number of years. The truth is not many firewall products have support for it. I currently use it with a Shibby Tomato-based router which does. I’d like to see either DNSCrypt or DNS-over-TLS or both integrated to Shield and for the Comodo Dome firewall to have a the client(s).
See the following for more info:
DNSCrypt: https://dnscrypt.org/ - There may be an opportunity to promote Comodo by sponsoring/assisting with it’s development as the primary author has been maintaining it for 6 years and is ready to move on to other things.
https://github.com/jedisct1/dnscrypt-proxy/issues/769
DNS-over-TLS: https://dnsprivacy.org/wiki/display/…oject+Homepage
C1 Partners please chime in on the topic. I’m curious to know how many are familiar with DNS encryption and if so, how they’ve implemented it.
Edit: I’ll also add that encrypting DNS requests keeps them private in transit and largely prevents ISPs and others from easily snooping the DNS requests themselves which is helpful in reducing intrusive data collection. However, it doesn’t prevent them from seeing where your packets are going once you are connected to the service looked up in DNS. Every little bit of privacy counts though.
Regards,
-felipe