LibreDNS upgrades the security of DNS over TLS (DoT) service
on improving the security of our DNS over TLS (DoT) service in LibreDNS, we upgraded the security suite of the service.
To be technical: DoT is using gnutls 3.5.x. We changed our configuration to SECURE256 and we deprecated any support of SSL3.0 and TLS1.0. As a result of this, only TLS1.2 protocol is now supported.
In our systems, we tested DoT and it is working as advertised. But as always, if you notice any problem, plz feel free to contact us.