From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Should we block DoH by default? Date: Tue, 03 Mar 2020 11:47:00 +0000 Message-ID: <83D08EF2-A2BC-4759-9F69-E42BADBDA3C9@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7874468724464454389==" List-Id: --===============7874468724464454389== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, A post on the community portal has raised my attention today: https://community.ipfire.org/t/firefox-doh-and-ipfire-blocked-dns-ports/146= 6/3 The author links an article that explains how Firefox decides to enable DoH. I do not want DoH. I do not like it. Mozilla is doing something really really= bad here. We could consider always blocking this domain and always return NXDOMAIN or s= omething else that falls into the =E2=80=9Cnegative=E2=80=9D category. That way we can guarantee (at least for now) that Firefox users will still us= e the IPFire resolver. Would anybody be against this? -Michael --===============7874468724464454389==--