mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2025-03-04 10:24:40 +01:00
Use PolyChaCha, but more importantly, RSA by default
Even on non-ARM systems, this makes a difference in CPU usage/latency
This commit is contained in:
Frank Denis
parent
1a4d34dc55
commit
de6a8d230e
1 changed files with 6 additions and 4 deletions
|
|
@ -123,17 +123,19 @@ cert_refresh_delay = 240
|
|||
# tls_disable_session_tickets = false
|
||||
|
||||
|
||||
## DoH: Use a specific cipher suite
|
||||
## DoH: Use a specific cipher suite instead of the server preference
|
||||
## 49199 = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
## 49195 = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||
## 52392 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
||||
## 52393 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
||||
##
|
||||
## On non-Intel systems such as MIPS routers and ARM systems (Android, Raspberry Pi...),
|
||||
## the following suite may improve performance.
|
||||
## Everybody else should not set this parameter, and just use the default suite.
|
||||
## the following suite improves performance.
|
||||
##
|
||||
## Delete or comment the next line if you have issues connecting to some DoH servers, but
|
||||
## any modern server should support this cipher suite. Google and Cloudflare do.
|
||||
|
||||
# tls_cipher_suite = [52392, 49199]
|
||||
tls_cipher_suite = [52392, 49199]
|
||||
|
||||
|
||||
## Fallback resolver
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue