dnstap tls support (#5917)

Signed-off-by: dmachard <5562930+dmachard@users.noreply.github.com>
Denis MACHARD
2023-02-21 00:34:48 +01:00
committed by GitHub
parent 66df12d980
commit 83fc3bb5da
4 changed files with 52 additions and 6 deletions

@@ -18,6 +18,7 @@ Every message is sent to the socket as soon as it comes in, the *dnstap* plugin
dnstap SOCKET [full] {
[identity IDENTITY]
[version VERSION]
[skipverify]
}
~~~
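Review bot: The new `[skipverify]` line in the syntax block does not say it is tied to a particular kind of SOCKET, yet the only place it appears in use is with a `tls://` endpoint. Please document in the SOCKET description that a `tls://` scheme is accepted, and state what happens when `skipverify` is set on a non-TLS socket (ignored, or a setup error), so that a reader does not assume it has an effect on a unix socket tap.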
@@ -25,6 +26,7 @@ dnstap SOCKET [full] {
* `full` to include the wire-format DNS message.
* **IDENTITY** to override the identity of the server. Defaults to the hostname.
* **VERSION** to override the version field. Defaults to the CoreDNS version.
* `skipverify` to skip tls verification during connection. Default to be secure
## Examples
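Review bot: The `skipverify` bullet ends with "Default to be secure", which does not say what is actually verified, and it lacks the trailing period the other bullets have. Suggest spelling out the default and the consequence, for example: "`skipverify` to skip verification of the server certificate on `tls://` connections. By default the certificate is verified." It is also worth one sentence noting that with verification skipped the receiver is not authenticated, which matters most when `full` is set and wire-format DNS messages are being shipped.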
@@ -61,6 +63,14 @@ dnstap /tmp/dnstap.sock {
}
~~~
Log to a remote TLS endpoint.
~~~ txt
dnstap tls://127.0.0.1:6000 full {
skipverify
}
~~~
You can use _dnstap_ more than once to define multiple taps. The following logs information including the
wire-format DNS message about client requests and responses to */tmp/dnstap.sock*,
and also sends client requests and responses without wire-format DNS messages to a remote FQDN.
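Review bot: The only TLS example, `dnstap tls://127.0.0.1:6000 full {`, sets `skipverify`, so the configuration most likely to be copied disables certificate verification while sending full wire-format messages. Suggest making the primary example the verified form (the same line without the `skipverify` block) and keeping the `skipverify` variant as a second example described as being for testing or self-signed receivers. The heading says "remote TLS endpoint" but the address is loopback; a hostname would match the text and the "remote FQDN" wording in the paragraph that follows.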