dns: document usage profiles & Android automatic mode #1242
No reviewers
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1242
Loading…
Reference in New Issue
No description provided.
Delete Branch "privatedns-dot-profiles"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
Resolves: #1239
Check List
Deploy preview for privacytools-io ready!
Built with commit
b9ab242203
https://deploy-preview-1242--privacytools-io.netlify.com
@madosss What do you think of this suggestion?
Oh, should https://tools.ietf.org/html/draft-ietf-dprive-dtls-and-tls-profiles-01 be linked somewhere?
I’m wondering if there is a better place for this. Do these modes also apply to DoH? I’m thinking they would, but primarily related to Firefox's TRR about:config modes, yeah? Would it make sense to link the about:config section here under DoH?
No, the modes are part of Authentication and (D)TLS Profile for DNS-over-TLS and DNS-over-DTLS for now which is one of the two DoT RFCs everyone (Google Developer documentation) cites.
I think this is currently a big benefit for DoT over DoH (but as you know DoH leads in censorship resistance), but this is hopefully changing as per Centralized DNS over HTTPS (DoH) Implementation Issues and Risks.
Firefox's
about:config
or evennetwork.trr.mode
is just something Mozilla/Firefox has thought of, even if they may havestolentook inspiration from DoT.Ah gotcha, thanks for the clarity!
LGTM besides small comment 👍🏼
Should we hyperlink the tooltip to point to SSLrip? Maybe to give users more info?
Any suggestions where to hyperlink it to?
We mean sslstrip yeah? We could link to Moxie’s (author) site: https://moxie.org/software/sslstrip/
I am not entirely sure about that. Is there any more generic term for SSL removing attack or are the available words SSLstrip (typo fixed) and MITM attack? I haven't tested the tool, which only talks about https, but I think the principle is same.
Ah sorry; I think the vulnerability is just "SSL Strip." We could also link to Moxie's overview video.
I will fix the name, but I am not entirely happy about the idea of linking to that video either as it's so long and it's nothing specific to DoT. Could we leave it as it is as curious people can type it to their favourite search engine and learn a lot anyway?
Would this be more proper English, or is it fine?
You’re right, yeah, agree 👍🏼
Either is fine 👍🏼