[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30753 [Applications/Tor Browser]: Think about using DNS over HTTPS for Tor Browser 9



#30753: Think about using DNS over HTTPS for Tor Browser 9
--------------------------------------+--------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  ff68-esr                  |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by arma):

 What would "using DoH" look like here?

 If Tor clients are doing it themselves, then two more cons include:
 * Several more round-trips across the Tor network for each web request,
 which would seem to be a huge performance penalty.
 * Most every circuit will also include (start with?) a stream to a known
 destination, which would be...confusing in terms of anonymity but it
 doesn't strike me as good.

 If the exit relays are doing DoH on their own in order to resolve
 addresses that the clients ask for on the exit circuits, that seems much
 more workable to me, because it would let the exit relay cache and reuse
 answers for a while across all requestors, and because it would remove the
 need for the full Tor network round-trips just to do a resolve. But then
 it would become a different sort of ticket, more like "encourage Tor exit
 relay operators to change their local dns resolver to use a DoH option."

 Please do tell me that I'm totally missing the obvious reasons why this
 ticket is a good idea. :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30753#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs