Since this year I have an internet provider where dual stack IPv4/IPv6 is possible without DS-Lite. And after about 7 years!! after the IPv6 Launch Day on June 6th, 2012 I arrived with my home network in the IPv6 age.
Now that I have the base of “Atmo”, my weather station ready, I continue programming the ESP32 to read the sensor values and transmit them centrally.
In the 1st part of “Atmo” I described how I assembled the indoor base station, on which this article is based.
In the previous blog entry [Pi-hole with DNS-over-TLS] I set up stubby for dns-over-tls on the pi-hole. I want to do the same now for DNS-over-HTTPS (DoH), but neither Stubby nor Unbound support the young protocol which answers DNS queries via HTTPS. Some browsers have now integrated DoH, but I would like to protect all DNS queries from my home network. Therefore I use the client of cloudflare written in Go:
The new ACME v2 protocol for Let’s Encrypt certificates is live! Among other things, this now allows wildcard certificates to be obtained. This allows many individual certificates (such as subdomains) to be reduced to one, and no additional certificates are required for multiple subdomains.
Since August 2014, the members of IETF and other stakeholders have been working on the upcoming TLS version 1.3. After some delay due to the surprisingly negative field test results caused by middleboxing, the current draft is now submitted.