From: Bernhard Bitsch <Bernhard.Bitsch@gmx.de>
To: development@lists.ipfire.org
Subject: Aw: Re: Should we block DoH by default?
Date: Tue, 03 Mar 2020 14:58:20 +0100 [thread overview]
Message-ID: <trinity-2fe2ee85-83a3-48d4-87ba-13b6f7b290d9-1583243900256@3c-app-gmx-bap45> (raw)
In-Reply-To: <20200303131550.GE31441@tehanu.it.jyu.fi>
[-- Attachment #1: Type: text/plain, Size: 1386 bytes --]
> Gesendet: Dienstag, 03. März 2020 um 14:15 Uhr
> Von: "Tapani Tarvainen" <ipfire(a)tapanitarvainen.fi>
> An: development(a)lists.ipfire.org
> Betreff: Re: Should we block DoH by default?
>
> On Mar 03 11:47, Michael Tremer (michael.tremer(a)ipfire.org) wrote:
>
> > I do not want DoH. I do not like it.
>
> I want it and I like it and I think it will come anyway.
>
Maybe it comes anyway. Just as Google devices want to do DNS resolving on 8.8.8.8, without looking at the rules defined by DHCP etc.
Nevertheless this is no reason to allow it. In most countries vigilantism is not allowed, even when weapons are spread very widely in the society.
> > We could consider always blocking this domain and always return NXDOMAIN or something else that falls into the “negative” category.
> >
> > That way we can guarantee (at least for now) that Firefox users will still use the IPFire resolver.
> >
> > Would anybody be against this?
>
> I would. I don't want to be *forced* to use IpFire resolver.
>
But one task of an internet appliance like IPFire is just to force such local rules.
> If you something like that, at the very least it should be an option
> that can easily be turned off.
>
This is one aspect. On the other side such a feature like DoH should be turned on "silently".
---
Bernhard
> --
> Tapani Tarvainen
>
next prev parent reply other threads:[~2020-03-03 13:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-03 11:47 Michael Tremer
2020-03-03 12:55 ` Aw: " Bernhard Bitsch
2020-03-03 13:15 ` Tapani Tarvainen
2020-03-03 13:58 ` Bernhard Bitsch [this message]
2020-03-03 15:55 ` Tapani Tarvainen
2020-03-03 15:59 ` Arne Fitzenreiter
2020-03-03 16:06 ` Aw: Re: " Bernhard Bitsch
2020-03-03 17:18 ` Michael Tremer
2020-03-03 18:32 ` Peter Müller
2020-03-04 6:00 ` Tapani Tarvainen
2020-03-04 10:11 ` Michael Tremer
2020-03-04 10:56 ` Tapani Tarvainen
2020-03-04 10:58 ` Michael Tremer
2020-03-04 5:53 ` Tapani Tarvainen
2020-03-03 16:06 ` Arne Fitzenreiter
2020-03-03 14:09 ` Sorin-Mihai Vârgolici
2020-03-03 15:28 ` Peter Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=trinity-2fe2ee85-83a3-48d4-87ba-13b6f7b290d9-1583243900256@3c-app-gmx-bap45 \
--to=bernhard.bitsch@gmx.de \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox