There is no such thing as a "CurveDNS resolver". CurveDNs is a forwarder that encrypts DNS packets.
For me it runs bound to a loopback address, as do the nsd and tinydns servers. None of this traffic uses the network, there are no remote queries. There is nothing for the ISP to sniff.
When placed in front of a remote authoritative DNS server, that server can be queried using DNSCurve, e.g., with dq or dqcache. The packets are encrypted. ISPs cannot read them.
The IP address of the ianix.com name servers, 104.207.143.9, and the DNSCurve key, dns2sdrnxskf5lqt46v34cdlfqb9q2lvvmpr95g3l1qh0148sf6, can be obtained from the com.zone file, which is available for free from https://czds.icann.org/home
No recursive resolver is used. No packets are sent "in the clear". There is nothing for the ISP to sniff. Unlike public DoH or DNSCrypt servers, there is no third party DNS provider involved. No middleman.
For me it runs bound to a loopback address, as do the nsd and tinydns servers. None of this traffic uses the network, there are no remote queries. There is nothing for the ISP to sniff.
When placed in front of a remote authoritative DNS server, that server can be queried using DNSCurve, e.g., with dq or dqcache. The packets are encrypted. ISPs cannot read them.
For example,
The IP address of the ianix.com name servers, 104.207.143.9, and the DNSCurve key, dns2sdrnxskf5lqt46v34cdlfqb9q2lvvmpr95g3l1qh0148sf6, can be obtained from the com.zone file, which is available for free from https://czds.icann.org/homeNo recursive resolver is used. No packets are sent "in the clear". There is nothing for the ISP to sniff. Unlike public DoH or DNSCrypt servers, there is no third party DNS provider involved. No middleman.