Is it better to use my isp dns server or a public one like cloudflare? I’ve noticed that my isp dns servers are slightly faster according to ping tests but they fail the dnssec signature test, while cloudflare and Google dns pass all signature tests using dnssec standards. The difference in speeds isn’t really noticeable, but I’m wandering about security and privacy.
I’d avoid your ISP DNS for almost any other option. I’ve had multiple ISPs that redirect unregistered domains to their own site or search pages, and/or marketing pages, or decide that some sites or content should be limited for no real reason.
At least the big public ones (Cloudflare, Google, Quad9, etc) have less reason to misdirect your results.
I now run my own DNS resolver, which also can cache results on my LAN for improved speed, and then query upstream to Cloudflare 1.1.1.1 or Google 8.8.8.8 as needed. I’ve been quite happy with that.