DNS RPZ Protection From DoH
Daniel Stirnimann
daniel.stirnimann at switch.ch
Wed Oct 2 11:28:28 UTC 2019
You cannot block DoH with RPZ but you can block bootstrapping DoH if the
web browser is configured to use "normal" DNS to lookup the DoH
endpoint. See also:
https://github.com/bambenek/block-doh
Daniel
On 02.10.19 13:23, Blason R wrote:
> Hi Folks,
>
> Wondering if anyone has any clue or defining policies for blocking DoH
> [DND Over HTTPS] traffic using bind RPZ feature?
>
> Does anyone have any use case about it?
>
> Thanks and Regards,
> Blason R
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
More information about the bind-users
mailing list