Hi all,
have included dns.sb in my list and it works here.
;; DEBUG: Querying for owner(www.isoc.org.), class(1), type(1), server(185.222.222.222), port(853), protocol(TCP)
;; DEBUG: TLS, imported 138 certificates from '/etc/ssl/certs/ca-bundle.crt'
;; DEBUG: TLS, received certificate hierarchy:
;; DEBUG: #1, C=EE,L=Tallinn,O=xTom OU,CN=dns.sb
;; DEBUG: SHA-256 PIN: /qCm+kZoAyouNBtgd1MPMS/cwpN4KLr60bAtajPLt0k=
;; DEBUG: #2, C=US,O=DigiCert Inc,CN=DigiCert SHA2 Secure Server CA
;; DEBUG: SHA-256 PIN: 5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=
;; DEBUG: TLS, skipping certificate PIN check
;; DEBUG: TLS, The certificate is trusted.
;; TLS session (TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 17566
;; Flags: qr rd ra ad; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 1
;; EDNS PSEUDOSECTION:
;; Version: 0; flags: do; UDP size: 4096 B; ext-rcode: NOERROR
;; QUESTION SECTION:
;; www.isoc.org. IN A
;; ANSWER SECTION:
www.isoc.org. 300 IN A 46.43.36.222
www.isoc.org. 300 IN RRSIG A 7 3 300 20200314085007 20200229085007 29027 isoc.org. Yy0+tOrkwb+BVBrvPdfR1foG+5+5BTZZfogapZEKPSBJh78Nz94WTdkVhbRaVfcaY7+4CbwyzWPfJfcnA5jy/TLhOhOHNNmX7oQ/RVEoORX063oKy4E2sEsULaaWuuL5iRkFcTIGRtHkSEfk60aDHTuwdVRa41HRRPoMeKYcBUQ=
;; Received 225 B
;; Time 2020-02-29 14:45:54 CET
;; From 185.222.222.222@853(TCP) in 463.4 ms
Exit status: 0
IP = 185.222.222.222
TLS Hostname = dns.sb
According to the topic, DoT located in the US seems to be really rare !
Best,
Erik