[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5751 [Company]: Standardize SOCKS extensions to support proxied DNS queries
#5751: Standardize SOCKS extensions to support proxied DNS queries
---------------------+------------------------------------------------------
Reporter: rransom | Owner:
Type: project | Status: assigned
Priority: normal | Milestone:
Component: Company | Version:
Keywords: | Parent:
Points: | Actualpoints:
---------------------+------------------------------------------------------
Changes (by rransom):
* status: new => assigned
* owner: phobos =>
Comment:
Replying to [comment:1 nickm]:
> Interesting idea. What working group has SOCKS under its purview?
I have no idea. There may not be one currently.
> One other possibility is that this will be attacked, on the theory that
"that's not what SOCKS is for". So we'll need to make the argument that
proxying a DNS request is something that SOCKS ought to be handling.
Local SOCKS proxies have become a popular way to direct an application's
outgoing connections through another computer without altering system-wide
network configuration. Some applications (such as XMPP clients) need to
perform custom DNS queries before they can decide what address and/or port
to connect to. If the local computer's DNS resolver is misconfigured or
broken, applications should be able to ask a proxy to handle DNS queries
for them.
(And I've already given an example that Tor doesn't support yet...)
Some applications need to find out what IP address their proxy will
connect them to when given a particular hostname.
> You're right about how we'll get opposed because our current thing
doesn't support all of DNS. One challenge there is that if we support all
of DNS, we might as well just open a DNS port. If we do all of DNS over
socks, applications would need to implement their own DNS resolvers, and
DNS is an annoyingly easy format to get wrong.
Even if Tor supports all of DNS over SOCKS, that's better for XMPP clients
and web browsers that are configured to use Tor as their SOCKS proxy than
a separate DNS port (which would need to be configured as the system
resolver in order to make applications use it).
I don't know which DNS queries (or replies) would be most useful in a DNS
subset yet.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5751#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs