New Update AdGuard DNS now supports Structured DNS Errors. Here’s what it means

silversurfer

The AdGuard DNS v2.10 release is comparable in scope to the DNS-over-QUIC implementation — AdGuard DNS has once again become the world’s first public DNS resolver to implement a new feature before it becomes an official standard. This time, it’s Structured DNS Errors.

Below, we’ll go into detail about what this is and why it’s important. But if you’re short on time, here’s the summary:
  • When a website is blocked at the DNS level, users may see a “This site can’t be reached” or “No Internet connection” error that doesn’t explain the reason for the block.
  • To clarify this, DNS servers could redirect users to their own page with an explanation. However, HTTPS websites (which are the majority of websites) would require a separate certificate.
  • There’s a simpler solution: Structured DNS Errors (SDE). They allow additional information (like the reason for blocking, responsible entity, and contact info) to be sent in the DNS response so that the browser can read it and pass it on to the user, greatly improving communication transparency.
  • For this system to work, browsers must start supporting SDE. This is what we’re advocating for.
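
The summary above says the blocking reason, responsible entity and contact info travel inside the DNS response itself. As an added example (not part of the original post and not AdGuard's code), this parser reads them from an OPT record's RDATA, assuming the RFC 8914 Extended DNS Error option (code 15) with the JSON field names `c`, `j` and `o` used by the Structured DNS Errors Internet-Draft. The sample bytes are constructed, and the contact-scheme allow-list and 200-character cap are choices made for this example because the text is resolver-controlled input.

```python
import json
import struct

EDE_OPTION = 15  # EDNS option code for Extended DNS Errors (RFC 8914)
INFO_CODES = {15: "Blocked", 16: "Censored", 17: "Filtered"}
SAFE_SCHEMES = ("mailto:", "tel:", "sips:", "https:")  # assumption: allow-list for display

def iter_options(opt_rdata):
    """Yield (code, data) for each option TLV in an OPT record's RDATA."""
    pos = 0
    while pos < len(opt_rdata):
        if pos + 4 > len(opt_rdata):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", opt_rdata, pos)
        pos += 4
        if pos + length > len(opt_rdata):
            raise ValueError("option length exceeds RDATA")
        yield code, opt_rdata[pos:pos + length]
        pos += length

def parse_sde(opt_rdata):
    """Return details from the first EDE option, or None if there is none."""
    for code, data in iter_options(opt_rdata):
        if code != EDE_OPTION or len(data) < 2:
            continue
        info = struct.unpack_from("!H", data)[0]
        out = {"info_code": info, "meaning": INFO_CODES.get(info, "other"), "structured": False}
        try:
            fields = json.loads(data[2:].decode("utf-8"))
        except ValueError:  # covers bad UTF-8 and free text that is not JSON
            return out
        if not isinstance(fields, dict):
            return out
        contacts = fields.get("c") if isinstance(fields.get("c"), list) else []
        out.update(structured=True,
            justification=str(fields.get("j", ""))[:200],  # cap untrusted text
            organization=str(fields.get("o", ""))[:200],
            contacts=[c for c in contacts if isinstance(c, str)
                      and c.lower().startswith(SAFE_SCHEMES)])
        return out
    return None

def option(code, data):
    return struct.pack("!HH", code, len(data)) + data

# Constructed sample: a cookie option (code 10) followed by an EDE option.
SAMPLE = option(10, bytes(8)) + option(EDE_OPTION, struct.pack("!H", 17) + json.dumps(
    {"c": ["mailto:dns-admin@example.net", "javascript:void(0)"],
     "j": "Matched a filtering rule", "o": "Example DNS"}).encode())
```

A response whose EXTRA-TEXT is plain free text still yields the info code, with `structured` set to `False`.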
 

TairikuOkami

> We believe that DNS-over-QUIC (or simply DoQ) is the future of DNS encryption
Yes, sadly, but it is less secure, no matter what :poop: excuses you throw at it. There is a reason TCP is more secure than UDP. I will choose DoT and DoH over DoQ any day. I block/disable QUIC.

At least get your story right: people supposedly moved to TCP because UDP got lost; now they are supposed to move back to UDP because TCP gets lost.
When is the last time you lost UDP/TCP packets? Unless you have an unreliable connection, packets do not get lost anymore; we have moved beyond this.
 

Marko :)

> Yes, sadly, but it is less secure, no matter what :poop: excuses you throw at it. There is a reason TCP is more secure than UDP. I will choose DoT and DoH over DoQ any day. I block/disable QUIC.
>
> At least get your story right: people supposedly moved to TCP because UDP got lost; now they are supposed to move back to UDP because TCP gets lost.
> When is the last time you lost UDP/TCP packets? Unless you have an unreliable connection, packets do not get lost anymore; we have moved beyond this.

The one thing I hate about AdGuard: they are constantly adopting unfinished standards for their services. DNS-over-QUIC has a lot of problems and isn't even finished, yet they brag about being the first DNS resolver to support it. And now this... where you need to have an experimental add-on installed just to see their error page when browsing the web.

I read many posts on Reddit which claim that DNS-over-QUIC sometimes just lets requests go unencrypted, which is totally unacceptable for me. DNS-over-HTTPS is still the champion for me; secure enough and harder to block because it relies on HTTPS traffic.
 

franz

AdGuard makes Win10 work slower. As soon as I uninstall it, everything is OK. I have tried several times and this happens every time. Any advice on how to avoid this?
 