On Tue, 2020-06-09 at 23:54 +0200, nusenu wrote:
However, thinking about it, DNSSEC might be useful for caching DNS records on the client side.
caching has privacy implications and is therefore a risk.
So you are saying that caching is not an option in any case, right? Can I kindly ask you to elaborate on this? You don't have to write a long answer. A link pointing me to the answer would be more than enough. I just want to understand the reason behind this.
My vision for DNS privacy in Tor Browser: Be able to visit a HTTPS website without the exit relay learning what domain it was (encrypted DNS + encrypted SNI)
Makes sense. Which nameserver are you planning to use, since the used provider will get all Tor Browser DNS queries? Do you (the Tor project) plan to host your own DNS resolver(s)?
based on statements from Roger about what is the max. acceptable size of a single exit operator in terms of fraction of the network I'd assume that it is somewhat ok to use a single resolver operator for about 5% of the total exit traffic. That means we need at least 20 resolver operators, preferably 30. We could come up with requirements for them (Mozilla's DoH resolver requirements is a start) and make use of public privacy aware DNS resolver operators that meet the requirements. It might also be possible to ask well established exit operators to run DoH endpoints on their resolvers. This would have positive performance implications and increase the number of available DoH servers.
but finding resolvers is probably one of the smaller issues when compared to getting everything implemented in firefox/tor browser. Current versions do not even allow to set more than one resolver URL.
I see. Are there any tickets or design proposals I can contribute to?
Since you have no comments on my suggestion for an alternative approach, I assume that it is not worth to compare it to DoH, right?
kind regards, nusenu
BR Christian
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev