
Add DNS-over-TLS and DNS-over-HTTPS query capability via kdig

Open nbkowalewski opened this issue 4 years ago • 3 comments

Add DNS-over-TLS and DNS-over-HTTPS query capability by adding kdig from the Knot DNS project in its Alpine Linux package flavor.

nbkowalewski avatar May 28 '21 10:05 nbkowalewski

@nbkowalewski nslookup/dig don't provide these capabilities?

nicolaka avatar Jun 15 '21 16:06 nicolaka

Thanks for asking, and yes, you are correct: DoH and DoT support are missing from the dig included in the current stable release of BIND [1]: https://bind9.readthedocs.io/en/v9_16_17/manpages.html#dig-dns-lookup-utility

For nslookup I didn't check, since I don't consider it really fit for protocol-detail debugging.

kdig supported it quite early, and the authors were wise enough to aim for "as dig-like as possible" command-line options.

DoH support for dig is, as far as I understand (possibly wrong, yet hopefully not), only in the BIND developer release since March 2021 [2], as part of 9.17.11:

  • https://gitlab.isc.org/isc-projects/bind9/-/blob/main/CHANGES#L280

DoT support for dig came in a bit earlier, in developer release 9.17.7:

  • https://gitlab.isc.org/isc-projects/bind9/-/blob/main/CHANGES#L564

So, assuming that 9.17.xx will at one point in time procreate into the next even-numbered 9.18.xx stable release of BIND, I'd suggest concluding that it'll take quite a bit more time until we see widespread availability of dig with DoT/DoH; thus I propose the inclusion of kdig for the time being.

References:

[1] https://bind9.readthedocs.io/en/v9_16_17/manpages.html#dig-dns-lookup-utility
[2] https://bind9.readthedocs.io/en/v9_17_11/manpages.html?highlight=dig#dig-dns-lookup-utility
[3] https://bind9.readthedocs.io/en/v9_17_7/manpages.html?highlight=dig#dig-dns-lookup-utility

nbkowalewski avatar Jun 17 '21 10:06 nbkowalewski
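As an added illustration of what kdig brings to a netshoot container (this is not code from the netshoot project or the issue author): a POSIX shell script that resolves a name over plain UDP, DoT and DoH using kdig's +tls-ca, +tls-hostname and +https options, requests certificate and hostname validation explicitly, and reports whether the encrypted transports return the same answer set as plaintext. It assumes kdig from Alpine's knot-utils package is on PATH; the resolver and name are placeholders to override via environment variables.

```shell
#!/bin/sh
# Added example, not part of netshoot or the issue. Assumes kdig (Alpine package
# knot-utils) is installed. RESOLVER and NAME are placeholders to be overridden.
set -u

RESOLVER="${RESOLVER:-dot.resolver.example}"   # placeholder DoT/DoH-capable resolver
NAME="${NAME:-example.com}"

# Pull A/AAAA rdata out of kdig's dig-style output: records following
# ";; ANSWER SECTION:" up to the next ";;" header or blank line, sorted.
extract_answers() {
    awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
         /^;;/ || /^$/          { in_ans = 0 }
         in_ans && ($4 == "A" || $4 == "AAAA") { print $5 }' | sort
}

# One query per transport. Certificate validation against the system CA bundle
# (+tls-ca) and the expected hostname (+tls-hostname) are requested explicitly,
# so a mismatched or self-signed certificate makes kdig fail instead of answering.
query_udp() { kdig @"$RESOLVER" "$NAME" A; }
query_dot() { kdig @"$RESOLVER" +tls-ca +tls-hostname="$RESOLVER" "$NAME" A; }
query_doh() { kdig @"$RESOLVER" +https +tls-ca +tls-hostname="$RESOLVER" "$NAME" A; }

# Exit status: 0 = DoT and DoH agree with plaintext, 1 = an answer set differs,
# 2 = a query failed (kdig missing, unreachable resolver, TLS validation error).
compare_transports() {
    raw=$(query_udp 2>/dev/null) || { echo "udp: query failed" >&2; return 2; }
    plain=$(printf '%s\n' "$raw" | extract_answers)
    for t in dot doh; do
        raw=$("query_$t" 2>/dev/null) || { echo "$t: query failed (transport or TLS validation)" >&2; return 2; }
        enc=$(printf '%s\n' "$raw" | extract_answers)
        if [ "$enc" != "$plain" ]; then
            echo "$t: answers differ from plaintext:" >&2
            printf '%s\n' "$enc" >&2
            return 1
        fi
        echo "$t: answers match plaintext ($plain)"
    done
}

case "${1:-}" in
    --run) compare_transports ;;
esac
```

Run it inside the container as `RESOLVER=<your resolver> NAME=<name> sh dns-tls-check.sh --run`; a non-zero exit from the DoT or DoH step with a working UDP step usually points at certificate validation rather than at the resolver.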

Hi again, do you need more to merge this, and if yes, what do you think needs to be different?

It's really only because at this time kdig is ahead of dig in native support for TLS security. Thus it at least can't harm to have kdig even if dig is there already.

nbkowalewski avatar Nov 26 '21 09:11 nbkowalewski