Comments (11)
jedisct1
commented on August 28, 2024
I'm not even sure that Google supports this yet. They have a service that returns responses as JSON results, but the actual DoH specification requires a way more efficient, binary format.
There must be some, but I'm not aware of any public DoH servers yet, even though some implementations exist. People are probably waiting for the final specification to be published.
from dnscrypt-proxy.
D1n0Bot
commented on August 28, 2024
Will u have plan to implement dns over tls?
from dnscrypt-proxy.
jedisct1
commented on August 28, 2024
No. DNS-over-TLS is useless, and will be quickly obsoleted by DoH.
from dnscrypt-proxy.
D1n0Bot
commented on August 28, 2024
Another question is why EDNS or SDNS? What are they? I tried Google.. I see extended dns and secure dns. Is that what they mean?
How are they got to do with DNSSEC? What is the advantage over the previous v1 with public key?
from dnscrypt-proxy.
jedisct1
commented on August 28, 2024
I have no idea what SDNS is.
EDNS is a standard mechanism to add features that DNS designers didn't think about 25 years ago.
v1 was too complicated and worked with a single protocol.
from dnscrypt-proxy.
D1n0Bot
commented on August 28, 2024
Coz I see your stamp is using sdns.
sdns://AQMAAAAAAAAAEjIxMi40Ny4yMjguMTM2OjQ0MyDoAbhOpga_sLrAzkNEW7FeumSwL6PEqjGuEGNqB5AyTR8yLmRuc2NyeXB0LWNlcnQuZnIuZG5zY3J5cHQub3Jn
So I am wondering what is this and what is the advantage in term of security and performance?
from dnscrypt-proxy.
jedisct1
commented on August 28, 2024
It’s like QR code for DNS.
from dnscrypt-proxy.
D1n0Bot
commented on August 28, 2024
In term of security and privacy, With http2, does isp know site I vistiting via dns?
Is the link between me and Google encrypted? Like dnscrypt?
What is different between dns over https and dns over http2?
from dnscrypt-proxy.
jedisct1
commented on August 28, 2024
It's called DNS-over-HTTPS, but, quoting section 7.1:
The minimum version of HTTP used by DOH SHOULD be HTTP/2 [RFC7540].
The messages in classic UDP based DNS [RFC1035] are inherently
unordered and have low overhead. A competitive HTTP transport needs
to support reordering, parallelism, priority, and header compression
to acheive similar performance. Those features were introduced to
HTTP in HTTP/2 [RFC7540]. Earlier versions of HTTP are capable of
conveying the semantic requirements of DOH but would result in very
poor performance for many uses cases.
HTTPS and HTTP2 are commonly intercepted by middleboxes "for security". DNSCrypt is not vulnerable to this, due to the static keys. But static keys can be implemented for HTTP2 as well, and dnscrypt-proxy implements this.
from dnscrypt-proxy.
D1n0Bot
commented on August 28, 2024
Does that mean now beta 11 is doing dns request via 443 instead of 53? In the example of using google dns (doh)
from dnscrypt-proxy.
jedisct1
commented on August 28, 2024
Yes. Same as DNSCrypt.
from dnscrypt-proxy.
Related Issues (20)
- go 1.21 HOT 1
- go 1.21 support HOT 4
- tls_key_log_file permissions HOT 2
- org site's content partially obsolete HOT 2
- forwarding-rules.txt not forwarding to ipv6 servers HOT 4
- Wiki Correction: Sources section missing in example-dnscrypt-proxy.toml HOT 1
- Errors encountered running generate-domains-blocklist.py on Fedora 38 HOT 2
- `odoh-relay.edgecompute.app` not compatible with ODoH latest spec? HOT 1
- Systemctl does not register dnscrypt-proxy.service on Ubuntu HOT 1
- Wiki Update for Listen Addresses Field Debian HOT 1
- [Feature Request] Ability to add rulesets and filterlists as sources. HOT 1
- Does this application work system wide? HOT 1
- Unix privilege escalation vulnerability & Windows UAC bypass HOT 23
- DNS64 responses are not cached HOT 2
- I went to the wrong website and got a browser error HOT 1
- Potential bug: dnscrypt-proxy does not go to "wait for network" after loss of connectivity HOT 4
- --list shows five servers.. startup does not always show those five (confused) HOT 1
- Cloaking rules also block MX and TXT records HOT 3
- Failed to set DNS configuration: Link lo is loopback device after Upgrade to Ubuntu 24.04 HOT 1
- Suggestion: reword documentation surrounding bootstrap resolvers HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dnscrypt-proxy.