[talk] DNS over TLS
Brian Reynolds
nycbug-talk at reynolds.users.panix.com
Thu Sep 12 18:19:18 EDT 2019
George Rosamond wrote:
>
> If you haven't heard, Firefox is enabling DOT by default.
>
> I wasn't at the Vixie talk at vBSDCon on Friday, but apparently it is
> worth hearing. We need to get him to speak when he's in NYC.
>
> DOT means no more dns lookups over UDP to the locally configured
> resolvers, but all straight to Cloudflare.
It is my understanding that Paul Vixie was to talk about DNS over
HTTPS.
These both may have privacy and anonymity concerns, but I don't think
that they have the same concerns.
A meeting about both of these methods, and how we got here (i.e., why
not DNSSEC) would be a good one.
> This is the relevant js to change in any user.js config file to never
> use DOT:
>
> https://wiki.mozilla.org/Trusted_Recursive_Resolver
>
> pref("network.trr.mode", 5);
I think you can also change that in Firefox's about:config page. It
looks like you can change the resolver name an url also.
--
Brian Reynolds -- reynolds at panix.com
"Long ago, it was the way of my people to travel to the Moon. My people
travelled to the Moon in a ship called 'Apollo.' I tell the story of Apollo
in the hope that some day, my people will again travel to the Moon." P. Alway
More information about the talk
mailing list