[tor-bugs] #30753 [Applications/Tor Browser]: Think about using DNS over HTTPS for Tor Browser 9
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 15 09:24:54 UTC 2019
#30753: Think about using DNS over HTTPS for Tor Browser 9
--------------------------------------+--------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ff68-esr | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by cypherpunks):
Tor Browser needs DoT (DNS over Tor network), i.e. not DNS
server/proxy/cache on Tor client as it was before, but DNS service,
provided by the Tor network itself (like consensus, etc).
DoH (DNS over HTTPS) might be useful for exit nodes (to exclude MiTM in
exit<->DNS server), but as you mentioned you'd like to move the trust zone
out of the Tor network (exit nodes), then we'd really have problems with
trust! Moving it to SPoF like Google/CF/etc is not an option.
DoO (DNS over Onion) which was mentioned by cpunk above has similar
drawbacks.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30753#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list