Author Topic: Google Public DNS DNSSEC-validating resolution  (Read 670 times)

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 4013
  • Karma: 373
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Google Public DNS DNSSEC-validating resolution
« on: November 15, 2017, 09:33:40 am »
Google Public DNS DNSSEC-validating resolution over an encrypted HTTPS connection

Does Google Public DNS secure the so-called "last-hop" by encrypting communication with clients?

Yes! Traditional DNS traffic is transported over UDP or TCP without encryption. We also provide DNS-over-HTTPS which encrypts the traffic between clients and Google Public DNS. You may try it at:


DNS-over-HTTPS appears to me to be a new feature added to Google's Public DNS.  Is this Google's alternative to Cisco's DNSCrypt?  Also, why does my DNSCrypt still work when running Google's DNS if it is allegedly incompatible with DNSCrypt? :o

Here are the servers that are currently compatible with DNSCrypt.  Google Public DNS is conspicuously absent from this list.

By the way, these are NOT support questions.  Everything is working fine for me with Peppermint 8.  I'm only trying to increase my understanding of DNS by asking these two questions, BUT I am puzzled by this relatively new development within Google's Public DNS and why my I am still able to pass GRL Gibson's DNS Spoofability Test when running Google Public DNS with DNSCrypt.  :-\

Thank you,


[T]here are a lot of people happily running Peppermint ICE which hasn't been receiving ANY updates for a while now .. and I personally would STILL consider that MUCH more secure than any version of Windows with up-to-date AV/Anti-malware ;)

--  PCNetSpec, Cornwall, Eng.  Dec 03, 2013 5:18 pm