@bortzmeyer @torproject this allows all old tools to have same level of encryption via Tor without waiting for DoT support. It takes UDP calls

@kushal @torproject Yes, but the proxy itself could as well use regular DoT over Tor, not Socks.

Do you mean that the proxy could accept requests over DoT? As well as making requests over DoT over Tor? Sounds like adding SOCKS support to an ordinary DoT resolver, for outgoing requests, while making sure that clients are not discriminated on origin. Adding a single-hop onion service would make it even better.

Clients would still have to know DoT, something I understand Kushal wants to avoid.
@kushal @torproject

@ln4711 @kushal @torproject No, regular DNS from the end clients to the proxy, and DoT or DoH (over Tor) to the resolver.



Few points: For any call to happen, you will have to use the SOCKS proxy to go over Tor. Next, I think you are asking for the dns-tor-proxy tool to do a DoT/DoH call to the upstream server. Those features will be added. But, even then it will use the SOCKS proxy to make sure calls because we want the data to flow over Tor network.

@ln4711 @torproject

· · Web · 0 · 0 · 1
Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!