I was wondering about how beneficial DNS Crypt or DNS Privacy would be for relays. Is anyone using any kind of encryption for their DNS queries on their relay?
https://networkfilter.blogspot.com/2017/04/be-your-own-vpn-provider-with-openbsd-v2.html#dns shows how to set up multiple dnscrypt proxies on openbsd for redundancy (with a local instance of unbound as well). Any benefit to doing something like this? Regards Chuck On 08/06/2017 10:47 PM, Philipp Winter wrote: > On Sun, Aug 06, 2017 at 04:03:53PM -0400, Dennis Emory Hannon wrote: >> Guide is meant for debian/linux users >> http://backplanedns.org/TOR_exit_dns_resolver_howto.htm > > I think the solution to Google seeing so many DNS requests is more > nuanced. A single organisation seeing that many request is certainly > problematic but so is random ASs on the Internet seeing the same > requests -- which is what happens when you resolve a domain name on the > exit relay. We also want low query latency and integrity, which > Google's resolver happens to be good at. > > While we can quantify all these properties, there is no easy way to > compare them against each other. Do you prefer an exit relay that uses > Google or one that exposes your queries to numerous ASs, and is also > more likely to be poisoned? > > On a more optimistic note, the DNS privacy project is doing some > promising work that exit relays may benefit from: > <https://dnsprivacy.org> > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
