A hack to provide some privacy to DNS queries.
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
John-Mark Gurney 17dbcfa47d add tests/code for no answer and out of order answers pirms 10 mēnešiem
privrdns add tests/code for no answer and out of order answers pirms 10 mēnešiem
.gitignore initial work on privrdns... pirms 10 mēnešiem
Makefile initial work on privrdns... pirms 10 mēnešiem
NOTES.md add some basic code to do resolution.. pirms 10 mēnešiem
README.md add some text about DoH pirms 10 mēnešiem
requirements.txt initial work on privrdns... pirms 10 mēnešiem
setup.py add some basic code to do resolution.. pirms 10 mēnešiem

README.md

Privacy for recursive DNS

DNS is currently unsecured, and the IETF have only just started attempting to solve this problem, Signaling That an Authoritative DNS server offers DoT.

DoH doesn't actually solve the problem, it just centralizes it. Currently most [all] of the DoH providers have not undergone a third party audit, so there is no way to verify their claims that they are not logging or sending data somewhere. Even then, if they receive an NSL or other demand from a government, you will never know about the request. Most companies do not even notify you about a subpoena to let you have the option to quash it, so DoH just centralizes things making it easier for monitoring.

Even when Authoratative DoT is a thing, there will be plenty of domains that will take years, if not decades before it'll be rolled out.

One solution is to use tor to anonymize the DNS queries. This will only work w/ DNSSEC domains, though there is the option that a voting system could be used, say make 5 queries through different exit nodes, and if any of them disagree, do additional queries to validate the solution.