privacyguides/privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

🌐 Website Issue | DNSCrypt tool vs protocol? #684

New Issue
Closed
opened 2018-12-22 20:30:11 +00:00 by Mikaela · 6 comments
Mikaela commented 2018-12-22 20:30:11 +00:00 (Migrated from github.com)
Copy Link

Description

DNSCrypt - Tool

A protocol for securing communications between a client and a DNS resolver. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver.

I think the word "Tool" is a bit misleading here as it's a protocol as the description mentions, but this may leave a confusion to the readers on which it is. I cannot think of a better word though, but wished to raise this issue.

## Description > DNSCrypt - Tool > > A protocol for securing communications between a client and a DNS resolver. The DNSCrypt protocol uses high-speed high-security elliptic-curve cryptography and is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver. I think the word "Tool" is a bit misleading here as it's a protocol as the description mentions, but this may leave a confusion to the readers on which it is. I cannot think of a better word though, but wished to raise this issue.
ghost commented 2018-12-23 11:48:05 +00:00 (Migrated from github.com)
Copy Link

DNSCrypt is a protocol and there are different implementations of it: https://dnscrypt.info/implementations/

So, the better wording might be "implementation" vs. "protocol".

Maybe, we should also mention DNS-over-HTTPS and DNS-over-TLS.

DNSCrypt is a protocol and there are different implementations of it: https://dnscrypt.info/implementations/ So, the better wording might be "implementation" vs. "protocol". Maybe, we should also mention DNS-over-HTTPS and DNS-over-TLS.
👍 1
beerisgood commented 2018-12-23 12:47:23 +00:00 (Migrated from github.com)
Copy Link

For DNS-over-TLS (DoT) we can use Stubby in combination with PiHole. Works great
The advantage is that clients (in that network) doesn't need any tool like DNSCrypt.

For DNS-over-TLS (DoT) we can use Stubby in combination with PiHole. Works great The advantage is that clients (in that network) doesn't need any tool like DNSCrypt.
Mikaela commented 2018-12-23 16:30:53 +00:00 (Migrated from github.com)
Copy Link

I don't know if implementation is any better word unless actual implementation is linked.

DNSCrypt-proxy also supports DNS over HTTPS, but don't have interest in DNS over TLS (https://github.com/jedisct1/dnscrypt-proxy/issues/68#issuecomment-362526814).

I don't know if implementation is any better word unless actual implementation is linked. DNSCrypt-proxy also [supports DNS over HTTPS](https://github.com/jedisct1/dnscrypt-proxy/blob/436125e812da5669f58cdf03019ec6878c33f5de/README.md#dnscrypt-proxy-2019-final-is-available-for-download), but don't have interest in DNS over TLS (https://github.com/jedisct1/dnscrypt-proxy/issues/68#issuecomment-362526814).
Atavic commented 2019-01-04 18:35:58 +00:00 (Migrated from github.com)
Copy Link

DNS is a protocol, while DNSCrypt in an implementation of encryption over DNS.

Although DNSCrypt site itself uses "protocol" that's not the correct term, see:

In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks.

Source

Wikipedia defines Hypertext Transfer Protocol Secure (HTTPS) as an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network.

Likewise, DNSCrypt is an extension of DNS and hopefully a soon-to-become standard like HTTPS has become.

*DNS* is a protocol, while *DNSCrypt* in an implementation of encryption over DNS. Although DNSCrypt site itself uses "protocol" that's not the correct term, see: > In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks. [Source](https://www.opendns.com/about/innovations/dnscrypt/) Wikipedia defines Hypertext Transfer Protocol Secure (HTTPS) as an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network. Likewise, DNSCrypt is an extension of DNS and hopefully a soon-to-become standard like HTTPS has become.
blacklight447 commented 2019-08-28 17:53:20 +00:00 (Migrated from github.com)
Copy Link

update on this, @mikeala ?

update on this, @mikeala ?
Mikaela commented 2019-08-28 18:28:23 +00:00 (Migrated from github.com)
Copy Link

No news, but looking at this again, I think I will:

  • delist DNSCrypt (protocol)
  • list DNSCrypt-proxy (software) as Local DNS server
  • I would mention DNSCrypt in terms, but it's already mentioned there.

Feel free to PR or take over or self-assign, my self-assignment is once again just a reminder for me to actually do this sometime.

No news, but looking at this again, I think I will: * delist DNSCrypt (protocol) * list DNSCrypt-proxy (software) as *Local DNS server* * I would mention DNSCrypt in terms, but it's already mentioned there. Feel free to PR or take over or self-assign, my self-assignment is once again just a reminder for me to actually do this sometime.
👍 2
This repo is archived. You cannot comment on issues.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🔍🤖 Search Engines
approved
approved, waiting for a PR
dependencies
Pull requests that update a dependency file
duplicate
feedback wanted
high priority
I2P
The Invisible Internet Project (I2P)
iOS
low priority
OS
Operating Systems
Self-contained networks
Social media
stale
A label for stalebot if it gets added
streaming
Anything related to media streaming.
todo
Tor
Anything covering the Tor network
WIP
active work in progress, do not merge or PR (yet)!
wontfix
Issues or bugs that will not be fixed and/or do not have significant impact on the project.
XMPP
Extensible Messaging and Presence Protocol
[m]
Matrix protocol
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
Browser Extension related issues
enhancement
software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
Correction of content on the website
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
Firefox & forks, about:config etc.
💻 hardware
🌐 hosting
🏠 housekeeping
Anything primarily related to site cleanup.
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
Virtual Private Network
🌐 website issue
*Technical* issues with the website.
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
Domain Name System
🗨️ instant messaging (im)
🇦🇶 translations
Anything covering a translated version of the site
No Label
enhancement
🌐 website issue
🗄️ DNS
Milestone
No items
No Milestone
Assignees
Clear assignees
jonah
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: privacyguides/privacytools.io#684
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?