Gesendet: Dienstag, 03. März 2020 um 14:15 Uhr Von: "Tapani Tarvainen" ipfire@tapanitarvainen.fi An: development@lists.ipfire.org Betreff: Re: Should we block DoH by default?
On Mar 03 11:47, Michael Tremer (michael.tremer@ipfire.org) wrote:
I do not want DoH. I do not like it.
I want it and I like it and I think it will come anyway.
Maybe it comes anyway. Just as Google devices want to do DNS resolving on 8.8.8.8, without looking at the rules defined by DHCP etc. Nevertheless this is no reason to allow it. In most countries vigilantism is not allowed, even when weapons are spread very widely in the society.
We could consider always blocking this domain and always return NXDOMAIN or something else that falls into the “negative” category.
That way we can guarantee (at least for now) that Firefox users will still use the IPFire resolver.
Would anybody be against this?
I would. I don't want to be *forced* to use IpFire resolver.
But one task of an internet appliance like IPFire is just to force such local rules.
If you something like that, at the very least it should be an option that can easily be turned off.
This is one aspect. On the other side such a feature like DoH should be turned on "silently".
--- Bernhard
-- Tapani Tarvainen