Secured w/ECS Quad9:
Malware blocking, DNSSEC Validation, ECS enabled
IPv4
9.9.9.11
149.112.112.11
IPv6
2620:fe::11
2620:fe::fe:11
HTTPS
https://dns11.quad9.net/dns-query
TLS
tls://dns11.quad9.net
https://quad9.net/service/service-a...s-and-features/


Quad9 now supports Ed25519 in 9.9.9.11 / May 13, 2025“
https://quad9.net/news/blog/quad9-n...19-in-9-9-9-11/

使用Ed25519 的優點
【轉貼】Ed25519 is an Edwards-curve Digital Signature Algorithm (EdDSA). Like other ellipctic curve algorithms, its main advantage over RSA is that it offers the same level of security with much shorter key lengths, leading to shorter DNSKEY and RRSIG records. This in turn means that most DNS responses will fit in a single UDP packet (<512 bytes), and the potential for DNS amplification DDoS attacks is greatly reduced. EdDSA also has a number of advantages over ECDSA algorithms such as DNSSEC algorithm 13 (ECDSA P-256) and 14 (ECDSA P-384): it is faster, it is not dependent on a unique random number when generating signatures, it is more resilient to side-channel attacks, and it is easier to implement correctly.
https://ed25519.no/