mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2026-07-07 08:54:54 +00:00
refactor: Ensure relative links are correct
This commit is contained in:
@@ -83,7 +83,7 @@ Encrypted DNS can refer to one of a number of protocols, the most common ones be
|
||||
|
||||
[**DNS over HTTPS**](https://en.wikipedia.org/wiki/DNS_over_HTTPS), as defined in [RFC 8484](https://datatracker.ietf.org/doc/html/rfc8484), packages queries in the [HTTP/2](https://en.wikipedia.org/wiki/HTTP/2) protocol and provides security with HTTPS. Support was first added in web browsers such as Firefox 60 and Chrome 83.
|
||||
|
||||
Native implementation of DoH showed up in iOS 14, macOS 11, Microsoft Windows, and Android 13 (however, it won't be enabled [by default](https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/1833144)). General Linux desktop support is waiting on the systemd [implementation](https://github.com/systemd/systemd/issues/8639) so [installing third-party software is still required](../../tools/services/dns/_index.md#encrypted-dns-proxies).
|
||||
Native implementation of DoH showed up in iOS 14, macOS 11, Microsoft Windows, and Android 13 (however, it won't be enabled [by default](https://android-review.googlesource.com/c/platform/packages/modules/DnsResolver/+/1833144)). General Linux desktop support is waiting on the systemd [implementation](https://github.com/systemd/systemd/issues/8639) so [installing third-party software is still required](../../../tools/services/dns/_index.md#encrypted-dns-proxies).
|
||||
|
||||
### Native Operating System Support
|
||||
|
||||
@@ -101,7 +101,7 @@ Apple does not provide a native interface for creating encrypted DNS profiles. [
|
||||
|
||||
#### Linux
|
||||
|
||||
`systemd-resolved`, which many Linux distributions use to do their DNS lookups, doesn't yet [support DoH](https://github.com/systemd/systemd/issues/8639). If you want to use DoH, you'll need to install a proxy like [dnscrypt-proxy](../../tools/services/dns/_index.md#dnscrypt-proxy) and [configure it](https://wiki.archlinux.org/title/Dnscrypt-proxy) to take all the DNS queries from your system resolver and forward them over HTTPS.
|
||||
`systemd-resolved`, which many Linux distributions use to do their DNS lookups, doesn't yet [support DoH](https://github.com/systemd/systemd/issues/8639). If you want to use DoH, you'll need to install a proxy like [dnscrypt-proxy](../../../tools/services/dns/_index.md#dnscrypt-proxy) and [configure it](https://wiki.archlinux.org/title/Dnscrypt-proxy) to take all the DNS queries from your system resolver and forward them over HTTPS.
|
||||
|
||||
## What can an outside party see?
|
||||
|
||||
@@ -131,7 +131,7 @@ We can see the [connection establishment](https://en.wikipedia.org/wiki/Transmis
|
||||
|
||||
## Why **shouldn't** I use encrypted DNS?
|
||||
|
||||
In locations where there is internet filtering (or censorship), visiting forbidden resources may have its own consequences which you should consider in your [threat model](../../basics/threat-modeling/_index.md). We do **not** suggest the use of encrypted DNS for this purpose. Use [Tor](../tor-overview/_index.md) or a [VPN](../../tools/services/vpn/_index.md) instead. If you're using a VPN, you should use your VPN's DNS servers. When using a VPN, you are already trusting them with all your network activity.
|
||||
In locations where there is internet filtering (or censorship), visiting forbidden resources may have its own consequences which you should consider in your [threat model](../../basics/threat-modeling/_index.md). We do **not** suggest the use of encrypted DNS for this purpose. Use [Tor](../tor-overview/_index.md) or a [VPN](../../../tools/services/vpn/_index.md) instead. If you're using a VPN, you should use your VPN's DNS servers. When using a VPN, you are already trusting them with all your network activity.
|
||||
|
||||
When we do a DNS lookup, it's generally because we want to access a resource. Below, we will discuss some of the methods that may disclose your browsing activities even when using encrypted DNS:
|
||||
|
||||
@@ -299,7 +299,7 @@ graph TB
|
||||
|
||||
Encrypted DNS with a third party should only be used to get around redirects and basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences, or you're interested in a provider that does some rudimentary filtering.
|
||||
|
||||
[List of recommended DNS servers](../../tools/services/dns/_index.md){ .md-button }
|
||||
[List of recommended DNS servers](../../../tools/services/dns/_index.md){ .md-button }
|
||||
|
||||
## What is DNSSEC?
|
||||
|
||||
|
||||
Reference in New Issue
Block a user