DNS questions #2

Closed
opened 2019-08-24 08:25:40 +00:00 by mikaela · 4 comments
First-time contributor

Hi, we "met" earler at Cloudflare-tor and I would be interested in listing your DNS server at privacytools.io DNS section (edit: PTIO issue), but I have some questions:

  • Do you have any plans supporting DoT in port 443 for avoiding restrictive firewalls?
  • Do you perform DNSSEC validation?
  • Do you perform QNAME minimization? (I think Unbound does it by default, but you don't mention either it or DNSSEC on the page)
  • What is included in Unbound verbosity 1? Could you add an example to your privacy policy?

The checkboxes are Privacytools.io requirements, on logging the only requirement is not logging IP addresses during normal operation.

Hi, we "met" earler at [Cloudflare-tor](https://codeberg.org/crimeflare/cloudflare-tor/issues/28#issuecomment-5473) and I would be interested in listing your DNS server at [privacytools.io DNS section](https://www.privacytools.io/providers/dns/#icanndns) (edit: [PTIO issue](https://github.com/privacytoolsIO/privacytools.io/issues/1206)), but I have some questions: * Do you have any plans supporting DoT in port 443 for avoiding restrictive firewalls? * [ ] Do you perform DNSSEC validation? * [ ] Do you perform QNAME minimization? (I think Unbound does it by default, but you don't mention either it or DNSSEC on the page) * [ ] What is included in Unbound verbosity 1? Could you add an example to your privacy policy? The checkboxes are Privacytools.io requirements, on logging the only requirement is not logging IP addresses during normal operation.
Owner

I replied on the GitHub issue regarding this but I'll reply here as well. I plan to implement the missing features in the near future. However, I just started at uni and don't have much time so I'll keep this (and the other one) up to date with my progress.

I replied on the [GitHub issue](https://github.com/privacytoolsIO/privacytools.io/issues/1206) regarding this but I'll reply here as well. I plan to implement the missing features in the near future. However, I just started at uni and don't have much time so I'll keep this (and the other one) up to date with my progress.
Owner

TODO

  • DNSSEC validation
  • Check QNAME minimization
  • Explain Unbound verbosity in privacy policy

I set these up a while ago and I couldn't remember what I had configured. As I was looking around, I found that all the features requested are enabled; Unbound does DNSSEC validation and QNAME minimisation by default. I've added a new header on the DNS page with a list of the features as well as mentioned the Unbound verbosity in the Privacy Policy

### TODO - [x] DNSSEC validation - [x] Check QNAME minimization - [x] Explain Unbound verbosity in privacy policy I set these up a while ago and I couldn't remember what I had configured. As I was looking around, I found that all the features requested are enabled; Unbound does DNSSEC validation and QNAME minimisation by default. I've added a new header on the [DNS page](https://nixnet.xyz/dns) with a list of the features as well as mentioned the Unbound verbosity in the [Privacy Policy](https://nixnet.xyz/privacy)
Author
First-time contributor

Thanks for the responses :)

The only thing you didn't comment on is whether you have any plans for DoT on port 443? It's not a PTIO requirement, but it's a DoT server type I am seeing a shortage of.

Thanks for the responses :) The only thing you didn't comment on is whether you have any plans for DoT on port 443? It's not a PTIO requirement, but it's a DoT server type I am seeing a shortage of.
Owner

The only thing you didn’t comment on is whether you have any plans for DoT on port 443?

I did forget to respond to that 😅 It's been a long day haha. I will put something on port 443 but I don't know if that will be DoT or DoH yet.

> The only thing you didn’t comment on is whether you have any plans for DoT on port 443? I did forget to respond to that :sweat_smile: It's been a long day haha. I will put something on port 443 but I don't know if that will be DoT or DoH yet.
Sign in to join this conversation.
No Label
No Milestone
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: NixNet/NixNet#2
No description provided.