NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Jochen79's avatar
Jochen79
Aspirant
Jan 11, 2022

DNS DoT (TLS / HTTPS)

Hi Community   Using the SXR80 OrbiPro6 quite new and realize there is no DNS DoT available. Either via TLS or HTTPS. The NETGEAR support line is completely overwhelmed and unable, in case any issu...
sendintheclones's avatar
sendintheclones
Initiate
Feb 17, 2022

Well, neither is WPA3, since so many devices donøt support it - yet.

 

DoH and DoT is the most privacy oriented features a router vendor can offer. I don't understand why this is not a feature yet. Both CLoudFlare, Google(!!) and quad9 supports both DoH and DoT, and it's really up to us all wether we will use it or not.

 

I don't hope Netgear has a business model where they need resolver data for resell...

 

By the why ..and while at it....why not enable HTTPS for the admin interface as the default AND update the the valid certificate.....??

 

 

schumaku's avatar
schumaku
Guru - Experienced User
Feb 24, 2022
sendintheclones wrote:

...why not enable HTTPS for the admin interface as the default ....??

Have your own DNS, ideally a split-DNS, a dedicated name for each of of your devices offering https? Sigh, we need the ability to generate CSRs, to import certificates and private key, for automatically maintaining the certificates (by industry standard CMP, and some popular free/open CA's like Let's Encrypt). Oh of course also for LE you need a unique DNS name for each device....

 

sendintheclones wrote:

... AND update the the valid certificate.....??

A shared certificate, being earlier the Entrust CS signed ones Netgear had in place, with the orbilogin.blah name, or the now self-signed ones in place - both can NEVER be considered a trusted certificate.

 

Or you might have the magic idea on how to bring the (shared) private key to all these Orbi Pro devices? The moment you share the private key, your beloved privacy is gone. 

 

-Kurt (who is an engineer, so has no idea about anything, but have participated with the design and implementation of the biggest private CAs 25 years ago - long before the CA know-how became commodity)

 

 

 

 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More