Oddbean new post about | logout
bad71098 | 1 years ago (raw) | root | parent | reply | flag 
 @a0b872c9 This sounds really good. But then I went to the page about configuring it, and it shows Cloudflare as an example of a secure DNS provider.
I am not sure if I trust Cloudflare at all. 
It looks like this is one of the things that is really awesome if you spend a bunch of time and effort setting it up correctly, but it can be dangerous when just set to "auto".
Glyn Moody | 1 years ago (raw) | root | parent | reply | flag 
 @ee7a05b3 but I think this is separate from DNS, no?
bad71098 | 1 years ago (raw) | root | parent | reply | flag 
 @a0b872c9 It uses a secore DNS to get the public key. The explanation says it needs a secure DNS provider, but doesn't go into any detail about where to find one.
It looks like it could pick one automatically, or you can pick your own on the "increased security" setting.
But that means all trust has to be with this one provider. 
If the provider is good, it is beneficial.
But if the provider is malicious or compromised, it could be disastrous.
Glyn Moody | 1 years ago (raw) | root | parent | reply | flag 
 @ee7a05b3 sure, but you can split the two aspects, so that's ok