From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tapani Tarvainen <ipfire@tapanitarvainen.fi>
To: development@lists.ipfire.org
Subject: Re: Should we block DoH by default?
Date: Wed, 04 Mar 2020 07:53:05 +0200
Message-ID: <20200304055305.GA26106@tarvainen.info>
In-Reply-To: <596BD1FF-1BCB-4184-A92C-86F19E6104FD@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============9109746434327649079=="
List-Id: <development.lists.ipfire.org>

--===============9109746434327649079==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

On Tue, Mar 03, 2020 at 05:18:57PM +0000, Michael Tremer (michael.tremer(a)ip=
fire.org) wrote:

> What we could do instead is adding a checkbox to the new DNS settings secti=
on and call it =E2=80=9CEnforce using IPFire as DNS resolver=E2=80=9D.
>=20
> That could then activate the following:
>=20
> * Filter the domain name that Firefox uses to auto-enable DoH (*)
>=20
> * Reject any client connecting to any other DNS server on the internet

I would be fine with that, although I'd prefer two separate checkboxes
for those. I can imagine situations where I'd want one or the other but
not both (admittedly not very likely).

--=20
Tapani Tarvainen

--===============9109746434327649079==--