Back on-topic, I don't know whether the following is of any interest or not.
Mozilla now have a form of secure DNS in Firefox which can be enabled from
Preferences > General > Network Settings. This works by encapsulating DNS
queries in HTTPS ("DOH"), and it's intended to provide privacy by making it
impossible for ISPs & others to monitor and sell their customers' browsing
patterns. There's a move to make it the Firefox default.
It has three modes, mode-2 uses DOH if possible, otherwise reverting to normal
DNS, and mode-3 only uses DOH.
It obviously requires a DNS server which supports DOH. The default is one by
Cloudflare in San Franscisco who are said to have an agreement with Mozilla
which bans monitoring. In mode-3 DOH also requires a "bootstrap" DNS server to
look up Cloudflare.
However DOH only seems to work with the Cloudflare server, and in mode-3 it
only works with a bootstrap server having the odd IP address 1.1.1.1.
Looking up 1.1.1.1 in the APNIC 'whois' reveals the subnet 1.1.1.0-255 is
assigned to the "APNIC and Cloudflare DNS Resolver project"
Routed globally by AS13335/Cloudflare
Research prefix for APNIC Labs
6 Cordelia Street
Brisbane
Does anyone know anything about this? There are many DOH servers around the
world, for example <doh.securedns.eu> so DOH isn't new, and there's also
DNS-over-TLS which seems more elegant.
Do the spooks have a hand in all this?
David L.
_______________________________________________
Link mailing list
[email protected]
http://mailman.anu.edu.au/mailman/listinfo/link
