The DNSCrypt-proxy has seen some significant improvements lately and client implementations are now availabe for all platforms.
As a direct consequence, everybody can encrypt the individual traffic from each of their smartphones and computers or alternatively from all devices in their local network, e.g. by using DNSCrypt on a pi-hole or pfsense etc, and also because there is a number of complementary DNS servers which support DNSCrypt.
As a customer of OpenDNS, I would like to see some new developments from OpenDNS as well, and I am actually willed to pay for it.
When I look into my dashboard stats, I would like to see not only whether domains resolved normally or whether some responses have been blocked, but also whether the server response was encrypted, because I am actually using DNSCrypt and I want to see if the whole thing is really working.
This feature should not be made available only to enterprise customers, but also to subscribers of OpenDNS VIP.
I believe this could be a win-win for both sides.
OpenDNS can attract more users with a feature that is useful and complementary to DNSCrypt, while it has never been easier to implement DNSCrypt on your network at home or your individual devices. Users will be encouraged to start using DNSCrypt when there is a service that shows them that the traffic is indeed encrypted and that the whole thing is working...and in the end, everybody is using it.
I never fully understood why OpenDNS doesn't offer DNSSEC, but perhaps there are some technical reasons for this, however, as a pioneer of DNSCrypt this should be a slam dunk.
Please sign in to leave a comment.