So am I correct assuming they support DNSCrypt if they claim they support encryption?
If that's the case that's really nice actually. Google DNS kinda silently launched DNS-over-HTTPS in 2016 but still no DNSCrypt; opendns are the only major ones supporting it.
Of course I stopped using dnscrypt at some point because it was a pain to maintain, and wasnt supported on most of my devices :/
Should point out though that it is using DNS-over-HTTP/2 and not DNSCrypt it seems, because the DNS stamp you provided in a sibling comment starts with "Ag" and not "AQ".
When you are a CDN and already have a massive infrastructure to handle HTTP/2 traffic, DNS-over-HTTP/2 makes more sense.
I also totally trust Cloudflare for the TLS security part, especially since they support TLS 1.3 already.
Quad9 said they will support DNSCrypt soon, and the software they use just got an update to do it nicely. So, this will be a decent alternative if you are looking for an anycast resolver.
Snap, hours later as I was looking for some things relating to setting up dnscrypt-proxy2 I landed on https://github.com/jedisct1/dnscrypt-proxy and spotted a certain similarity between the usernames of that GitHub user and the person that had responded to me on HN earlier.
Thanks for making this :) Also, thanks for using the ISC license, it is my favorite license.
PS: And additionally then, the text I was quoting from https://dnscrypt.info/faq was probably written by you. Good thing I was sufficiently convinced by what you said that I didn't argue against it, that'd been embarrassing. Embarrassing but also funny ofc ;)
Edit, another 40 minutes later: And you've authored libsodium, and you've done a bunch of other really cool things also. Holy crap! I'd buy you a beer if I ever met you but you are probably way busy anyway lol.
This CSV file is gone, along with the confusing and mostly useless information it contained.
All the required parameters to connect to a server (protocol, certificate hashes, public keys, bootstrap IP address, URL...) are now represented as a string ("DNS Stamp").
If that's the case that's really nice actually. Google DNS kinda silently launched DNS-over-HTTPS in 2016 but still no DNSCrypt; opendns are the only major ones supporting it.
Of course I stopped using dnscrypt at some point because it was a pain to maintain, and wasnt supported on most of my devices :/