From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tapani Tarvainen To: development@lists.ipfire.org Subject: Re: Should we block DoH by default? Date: Wed, 04 Mar 2020 07:53:05 +0200 Message-ID: <20200304055305.GA26106@tarvainen.info> In-Reply-To: <596BD1FF-1BCB-4184-A92C-86F19E6104FD@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============9109746434327649079==" List-Id: --===============9109746434327649079== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Tue, Mar 03, 2020 at 05:18:57PM +0000, Michael Tremer (michael.tremer(a)ip= fire.org) wrote: > What we could do instead is adding a checkbox to the new DNS settings secti= on and call it =E2=80=9CEnforce using IPFire as DNS resolver=E2=80=9D. >=20 > That could then activate the following: >=20 > * Filter the domain name that Firefox uses to auto-enable DoH (*) >=20 > * Reject any client connecting to any other DNS server on the internet I would be fine with that, although I'd prefer two separate checkboxes for those. I can imagine situations where I'd want one or the other but not both (admittedly not very likely). --=20 Tapani Tarvainen --===============9109746434327649079==--