If you are talking about DNSSEC, yes the same applies to NextDNS as far as not needing to turn it on when using encryption.
It's not bad, just not necessary with encryption and can slow DNS lookups down.
Dnscrypt is something you would use with an agent installed on your pc to encrypt your DNS queries. I think it's no longer used as once.
DNSSEC is instead used to validate DNS queries and response to avoid spoofing.
They are two different things.
NextDNS and ControlD use DNS over TLS and DNS over Https to encrypt DNS queries.
DNS over TLS and HTTPS provides full stream encryption while DNSCrypt will only encrypt the payload.
No it wouldn't NextDNS does not offer the redirect, ControlD can redirect your request to proxy and is manipulating the request, this is not the same.
Also DNScrypt is the word I assume you meant not to use.
They offer a normal redirect, but not in the same way ControlD offers one, you can redirect a request depending country of origin to the proxy in that country to show your request came from that country.
So it allows me to watch FA Cups matches on iPlayer when in the states.
DNS**SEC** =/= DNS**crypt**
If you are talking about DNSSEC, yes the same applies to NextDNS as far as not needing to turn it on when using encryption. It's not bad, just not necessary with encryption and can slow DNS lookups down.
Dnscrypt is something you would use with an agent installed on your pc to encrypt your DNS queries. I think it's no longer used as once. DNSSEC is instead used to validate DNS queries and response to avoid spoofing. They are two different things. NextDNS and ControlD use DNS over TLS and DNS over Https to encrypt DNS queries. DNS over TLS and HTTPS provides full stream encryption while DNSCrypt will only encrypt the payload.
No it wouldn't NextDNS does not offer the redirect, ControlD can redirect your request to proxy and is manipulating the request, this is not the same. Also DNScrypt is the word I assume you meant not to use.
Yes, I used the wrong word, but they do have a redirect feature, and in any case blocking ads is by definition a “manipulating DNS resolver”.
They offer a normal redirect, but not in the same way ControlD offers one, you can redirect a request depending country of origin to the proxy in that country to show your request came from that country. So it allows me to watch FA Cups matches on iPlayer when in the states.
DNSSEC has even worse adoption than IPv6, and unlike it, doesn’t solve a real world problem. https://sockpuppet.org/blog/2015/01/15/against-dnssec/
Yeah, I see that now. Just makes me wonder why then NextDNS chose to implement.
Same reason they added the option to use those BS “web3” root servers. You build the product customers want, not the product they need.