[tor-bugs] #25564 [Community/Relays]: DNS-over-HTTPS for exit relays
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 21 12:40:34 UTC 2018
#25564: DNS-over-HTTPS for exit relays
------------------------------+------------------------
Reporter: cypherpunks | Owner: Nusenu
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Community/Relays | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+------------------------
Comment (by cypherpunks):
Replying to [comment:1 cypherpunks]:
> Yes, I had the same idea but I came to the conclusion that it is worse
since you give all data to 3th party (your DNS-over-HTTPS resolver)
instead of not using any forwarding at all.
With plaintext DNS with ISP's own DNS server, those who can see the DNS
requests: ISP + anyone snooping on the exit.
With DNS-over-HTTPS with a DNS server other than ISP: Only DNS server can
see the requests (+ anyone who can force them to hand that data). ISP +
anyone snooping on the exit isn't included.
I think it's less, isn't it? The only problem is finding some trustworthy
DNS-over-HTTPS server (Google and Cloudflare are not okay).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25564#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list