<div dir="ltr">My apologies. I evidently did not search thoroughly enough. The response to my question is here:<br><a href="http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q3/009837.html">http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q3/009837.html</a> <br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jul 6, 2020 at 2:34 PM Mathew Keith <<a href="mailto:rommy@appus.org">rommy@appus.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div>I'd like to request support for DNS over TLS within dnsmasq. Information can be found here:</div><div><a href="https://dnsprivacy.org/wiki/display/DP" target="_blank">https://dnsprivacy.org/wiki/display/DP</a> - DNS Privacy project<br><a href="https://tools.ietf.org/html/rfc7858" target="_blank">https://tools.ietf.org/html/rfc7858</a> - <span style="font-size:1em;color:rgb(0,0,0)">Specification for DNS over Transport Layer Security (TLS)</span><div><br></div><div>I checked if there was already such a request but I only found reference to someone pointing dnsmasq to Stubby. While configuring dnsmasq to relay to a dns server which supports dns over tls is certainly possible it would seem to defeat the purpose of dnsmasq.</div><div><br></div><div>While implementing this it would be ideal to allow for a hostname to be provided and validated against the certificate name or subject alternate name provided by the forwarder.</div><div><br></div><div>Thank you in advance for your time and consideration!</div>-- <br><div dir="ltr">Take care,<br>Matt</div></div></div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">Take care,<br>Matt</div>