NixNet
/
NixNet
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

DNS questions #2

New Issue
Closed
opened 2019-08-24 08:25:40 +00:00 by mikaela · 4 comments
mikaela commented 2019-08-24 08:25:40 +00:00
First-time contributor
Copy Link

Hi, we "met" earler at Cloudflare-tor and I would be interested in listing your DNS server at privacytools.io DNS section (edit: PTIO issue), but I have some questions:

  • Do you have any plans supporting DoT in port 443 for avoiding restrictive firewalls?
  • Do you perform DNSSEC validation?
  • Do you perform QNAME minimization? (I think Unbound does it by default, but you don't mention either it or DNSSEC on the page)
  • What is included in Unbound verbosity 1? Could you add an example to your privacy policy?

The checkboxes are Privacytools.io requirements, on logging the only requirement is not logging IP addresses during normal operation.

Hi, we "met" earler at [Cloudflare-tor](https://codeberg.org/crimeflare/cloudflare-tor/issues/28#issuecomment-5473) and I would be interested in listing your DNS server at [privacytools.io DNS section](https://www.privacytools.io/providers/dns/#icanndns) (edit: [PTIO issue](https://github.com/privacytoolsIO/privacytools.io/issues/1206)), but I have some questions: * Do you have any plans supporting DoT in port 443 for avoiding restrictive firewalls? * [ ] Do you perform DNSSEC validation? * [ ] Do you perform QNAME minimization? (I think Unbound does it by default, but you don't mention either it or DNSSEC on the page) * [ ] What is included in Unbound verbosity 1? Could you add an example to your privacy policy? The checkboxes are Privacytools.io requirements, on logging the only requirement is not logging IP addresses during normal operation.
Amolith commented 2019-08-25 15:37:42 +00:00
Owner
Copy Link

I replied on the GitHub issue regarding this but I'll reply here as well. I plan to implement the missing features in the near future. However, I just started at uni and don't have much time so I'll keep this (and the other one) up to date with my progress.

I replied on the [GitHub issue](https://github.com/privacytoolsIO/privacytools.io/issues/1206) regarding this but I'll reply here as well. I plan to implement the missing features in the near future. However, I just started at uni and don't have much time so I'll keep this (and the other one) up to date with my progress.
Amolith commented 2019-08-25 16:28:21 +00:00
Owner
Copy Link

TODO

  • DNSSEC validation
  • Check QNAME minimization
  • Explain Unbound verbosity in privacy policy

I set these up a while ago and I couldn't remember what I had configured. As I was looking around, I found that all the features requested are enabled; Unbound does DNSSEC validation and QNAME minimisation by default. I've added a new header on the DNS page with a list of the features as well as mentioned the Unbound verbosity in the Privacy Policy

### TODO - [x] DNSSEC validation - [x] Check QNAME minimization - [x] Explain Unbound verbosity in privacy policy I set these up a while ago and I couldn't remember what I had configured. As I was looking around, I found that all the features requested are enabled; Unbound does DNSSEC validation and QNAME minimisation by default. I've added a new header on the [DNS page](https://nixnet.xyz/dns) with a list of the features as well as mentioned the Unbound verbosity in the [Privacy Policy](https://nixnet.xyz/privacy)
👍 1 ❤️ 1
mikaela commented 2019-08-25 20:32:07 +00:00
Author
First-time contributor
Copy Link

Thanks for the responses :)

The only thing you didn't comment on is whether you have any plans for DoT on port 443? It's not a PTIO requirement, but it's a DoT server type I am seeing a shortage of.

Thanks for the responses :) The only thing you didn't comment on is whether you have any plans for DoT on port 443? It's not a PTIO requirement, but it's a DoT server type I am seeing a shortage of.
Amolith commented 2019-08-25 20:44:58 +00:00
Owner
Copy Link

The only thing you didn’t comment on is whether you have any plans for DoT on port 443?

I did forget to respond to that 😅 It's been a long day haha. I will put something on port 443 but I don't know if that will be DoT or DoH yet.

> The only thing you didn’t comment on is whether you have any plans for DoT on port 443? I did forget to respond to that :sweat_smile: It's been a long day haha. I will put something on port 443 but I don't know if that will be DoT or DoH yet.
👍 1 ❤️ 1
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: NixNet/NixNet#2
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?