[tor-dev] Tor and DNS

Ondrej Mikle ondrej.mikle at gmail.com
Sun Feb 5 03:38:51 UTC 2012

On 02/01/2012 10:01 AM, Jacob Appelbaum wrote:
> That sounds good. I'll wait for the first draft and send feedback.

First draft is ready here:


Hopefully I reflected all the main points made in the DNS threads. There are a
few TODOs I couldn't decide what the best course of action would be (usually
options are listed).

I tried to keep Tor as much "DNS/DNSSEC-agnostic" as possible. There exists a
combination of answers to the TODOs that Tor won't have to touch the DNSSEC
part, except for calling ub_resolve ;-) And DNS packet itself would be touched
only in the DNSPort/SOCKS part (but still no fiddling with DNSSEC part).


More information about the tor-dev mailing list