Thursday, January 18, 2018

QDNS rebinding trickery

I am trying to do some posts via my gh pages.
I will cross-link my posts on this blog in future,
so you don't need to update your bookmarks.

Both blogs will stay free of advertisement or
influencer shit in 2018 as before, except the usual C++11
(now C++17) attitude towards Rust coders. :p

Friday, January 5, 2018

harddns usability

I updated harddns to make use of standard TLS certificate
checking. Usage of pinned certs is now optional. If they
exist inside /etc/harddns/pinned, they have to match
in order for the resovle to succeed. If there don't exist
any pinned certs, the common X509 chain verification
is applied.
This should make harddns much more usable, as
there are plenty of X509's from google endpoints
which may appear if the resolver web API is contacted.