
Re: DOH (was: geolocation services disabled and Gnome maps)



On Mon, 13 Apr, 2020 at 16:19:55 +0300, Reco wrote:
> On Mon, Apr 13, 2020 at 12:14:44PM +0100, Liam O'Toole wrote:
> > On Mon, 13 Apr, 2020 at 12:57:54 +0300, Reco wrote:
> > > 	Hi.
> > > 
> > > On Mon, Apr 13, 2020 at 11:16:02AM +0300, Andrei POPESCU wrote:
> > 
> > [...]
> > 
> > > > Whether DoH or DNS-over-TLS, you have to trust the DNS server.
> > > 
> > > Yup. That's why I have my own, and every Debian user can have their own
> > > too, using only free software.
> > > 
> > 
> > Pray tell us more. I use dnsmasq for clients on my LAN, but even that
> > has to use an upstream name server --- in my case the one provided by my
> > ISP.
> 
> 1) Rent yourself a VPS, install bind there (there's no DNS but bind).
> Replace bind with unbound if you need a caching-only nameserver
> (caching-only bind is possible, but it's overkill).
> 
> 2) Apply [1] to your dnsmasq.
> 
> 3) Your ISP gets a TLS tunneled DNS request (and they can't do anything
> about it), you get unmolested name resolution.
> 

[...]

Thanks for the detailed information.

I'm not familiar with bind. Does it work by consulting root name servers
directly?

