[Dnsmasq-discuss] Implementation of DOH in dnsmasq
Geert Stappers
stappers at stappers.nl
Wed Jun 20 09:57:56 BST 2018
On Wed, Jun 20, 2018 at 10:11:53AM +0200, Nicolas Cavallari wrote:
> On 14/06/2018 22:32, Kurt H Maier wrote:
> > On Thu, Jun 14, 2018 at 09:38:42PM +0200, Mateusz Jo??czyk wrote:
> >>
> >> How difficult would it be to add support to DNS over HTTP/2.0 in dnsmasq, for
> >> example in constrained environments like home routers?
> >>
> >
> > This should be handled with a wrapper program. HTTP/2.0 is an enormous
> > and ill-defined specification and it would not be appropriate to bolt it
> > directly into dnsmasq. A dedicated HTTP/2.0 daemon can talk to dnsmasq
> > on the backend to provide this service. Home routers are not
> > particularly constrained in this regard, since they generally have web
> > services running to begin with.
>
> It's much more than that. To be secure, TLS requires time, entropy and a CA
> list. Many home routers fails at having all three, or require the DNS to get
> time and CAs...
>
> >> Please send any replies to the DoH mailing list at <doh at ietf.org>.
> >
> > Why?
>
> Because by doing so you will be subjected to the various IETF policies that
> applies to anyone participating on the IETF mailing list, which includes
> copyright grants, patents disclosure and other things that should be read by a
> lawyer.
>
No new text, just doing the
} Please send any replies to the DoH mailing list at <doh at ietf.org>.
Groeten
Geert Stappers
Subscriber of mailinglist dnsmasq-discuss at lists.thekelleys.org.uk
--
Leven en laten leven
More information about the Dnsmasq-discuss
mailing list