Updated FAQ

2024-01-11 08:36:10 +01:00 · 2024-01-11 08:36:10 +01:00 · d0f5d7ffdf
parent f0b7396a31
commit d0f5d7ffdf
2 changed files with 4 additions and 2 deletions
--- a/FAQ.md
+++ b/FAQ.md
@ -5695,12 +5695,13 @@ You can use [this tool](https://ssl-tools.net/tlsa-generator) to generate TLSA D
 You can enable enforcing DNSSEC and/or DANA in the (advanced) account and identity settings (since version 1.2149).

 Note that only some email providers support DANE and that only a limited number of DNS servers support DNSSEC (January 2024: ~30%), which is required for DANE.
-Most private DNS providers support DNSSEC, though. You can configure private DNS in the Android network settings.
+Most private DNS providers support DNSSEC, though. You can configure private DNS in the Android network settings (since Android 9).
 To be sure that private DNS is being used, better configure a host name like *dns.google*, *1dot1dot1dot1.cloudflare-dns.com* or *dns.quad9.net*.
 An alternative is using Certificate Transparency, see the previous FAQ.

 Email providers known to support DANE:

+* [Disroot.org](https://disroot.org/)
 * [Freenet.de](https://email.freenet.de/)
 * [Mailbox.org](https://mailbox.org/)
 * [Posteo.de](https://posteo.de/)
--- a/index.html
+++ b/index.html
@ -2782,9 +2782,10 @@ adb install /path/to/FairEmail-xxx.apk</code></pre>
 <p>Please see <a href="https://github.com/internetstandards/toolbox-wiki/blob/main/DANE-for-SMTP-how-to.md">this article</a> about what DANE is. Alternatively, see <a href="https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities">this Wikipedia article</a>.</p>
 <p>You can use <a href="https://ssl-tools.net/tlsa-generator">this tool</a> to generate TLSA DNS records for DANE (select either PKIX-EE or DANE-EE).</p>
 <p>You can enable enforcing DNSSEC and/or DANA in the (advanced) account and identity settings (since version 1.2149).</p>
-<p>Note that only some email providers support DANE and that only a limited number of DNS servers support DNSSEC (January 2024: ~30%), which is required for DANE. Most private DNS providers support DNSSEC, though. You can configure private DNS in the Android network settings. To be sure that private DNS is being used, better configure a host name like <em>dns.google</em>, <em>1dot1dot1dot1.cloudflare-dns.com</em> or <em>dns.quad9.net</em>. An alternative is using Certificate Transparency, see the previous FAQ.</p>
+<p>Note that only some email providers support DANE and that only a limited number of DNS servers support DNSSEC (January 2024: ~30%), which is required for DANE. Most private DNS providers support DNSSEC, though. You can configure private DNS in the Android network settings (since Android 9). To be sure that private DNS is being used, better configure a host name like <em>dns.google</em>, <em>1dot1dot1dot1.cloudflare-dns.com</em> or <em>dns.quad9.net</em>. An alternative is using Certificate Transparency, see the previous FAQ.</p>
 <p>Email providers known to support DANE:</p>
 <ul>
+<li><a href="https://disroot.org/">Disroot.org</a></li>
 <li><a href="https://email.freenet.de/">Freenet.de</a></li>
 <li><a href="https://mailbox.org/">Mailbox.org</a></li>
 <li><a href="https://posteo.de/">Posteo.de</a></li>