<hidden> anonymous
Created: 4 years and 10 months ago • Updated: 4 years and 10 months ago
DDG uses a com. domain, so it's possible to set up a DNSSEC zone to make it more secure with little effort. A TLSA record would be a nice bonus.


This forum has been archived

Thank you all for the many comments, questions and suggestions. Particular thanks go to user x.15a2 for constantly monitoring, replying and helping so many users here. To continue these discussions, please head over to the DuckDuckGo subreddit.


Also, there's the dnssec validator toolbar which should really be built-in.
posted by <hidden> • 4 years and 5 months ago Link
Yeah... DANE (with DNSSEC)

More information: https://en.wikipedia.org/wiki/DNS-based_...
Here is a list of sites which already supports DANE: http://www.internetsociety.org/deploy360...

This way you can make the SSL connection much more secure and be more independent from certification authorities.
posted by blobgo 4 years and 18 days ago Link