[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #25564 [Community/Relays]: DNS-over-HTTPS for exit relays
#25564: DNS-over-HTTPS for exit relays
------------------------------+------------------------
Reporter: cypherpunks | Owner: Nusenu
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Community/Relays | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+------------------------
Comment (by cypherpunks):
Replying to [comment:1 cypherpunks]:
> Yes, I had the same idea but I came to the conclusion that it is worse
since you give all data to 3th party (your DNS-over-HTTPS resolver)
instead of not using any forwarding at all.
With plaintext DNS with ISP's own DNS server, those who can see the DNS
requests: ISP + anyone snooping on the exit.
With DNS-over-HTTPS with a DNS server other than ISP: Only DNS server can
see the requests (+ anyone who can force them to hand that data). ISP +
anyone snooping on the exit isn't included.
I think it's less, isn't it? The only problem is finding some trustworthy
DNS-over-HTTPS server (Google and Cloudflare are not okay).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25564#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs