Marker for full request

Hi,
I wanted to know if there is a marker used to indicate, that my request was made only in a secure way?

For example: I want to go to Cloudflare.com: I send my request to my server DoH/DoT.
When I get the response, can I know if my server made the recursive requests in a secure way, or no. Or is there another way to know it.

Best regards,
Adriano

hm… it’s your server you can know whatever you want, you decided how your server response

Can you give me an example how to do it ?

Can you elaborate on what you mean by that?

By encapsulating the requests of the server in DoH or DoT for example

So you want the ability to check whether the entire request chain (DNS and HTTP) was made in an encrypted fashion?! That would not be possible to my knowledge. What is the reason you are looking into this?

I want to implement my own DoT and DoH server this way, between the client and the server the requests are encrypted. The purpose was to be sure, that the response was secure.
Withtout using DNNSec.

How is that related to Cloudflare however?

DNSSEC is the way that a resolver ensures the response is valid. A recursive resolver has to ask the individual nameservers in the chain for an answer, many/most DNS hosts do not support DoH/DoT queries, so it is impractical to write a recursive resolver which requires that each hop in the chain speaks DoT/DoH.

Why would you want your DNS server to make the queries in this fashion?

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.