[tbb-bugs] #30753 [Applications/Tor Browser]: Think about using DNS over HTTPS for Tor Browser 9

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jun 5 08:22:35 UTC 2019


#30753: Think about using DNS over HTTPS for Tor Browser 9
--------------------------------------+--------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  ff68-esr                  |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by teor):

 Replying to [comment:3 arma]:
 > What would "using DoH" look like here?
 >
 > If Tor clients are doing it themselves, then two more cons include:
 > * Several more round-trips across the Tor network for each web request,
 which would seem to be a huge performance penalty.
 > * Most every circuit will also include (start with?) a stream to a known
 destination, which would be...confusing in terms of anonymity but it
 doesn't strike me as good.
 >
 > If the exit relays are doing DoH on their own in order to resolve
 addresses that the clients ask for on the exit circuits, that seems much
 more workable to me, because it would let the exit relay cache and reuse
 answers for a while across all requestors, and because it would remove the
 need for the full Tor network round-trips just to do a resolve. But then
 it would become a different sort of ticket, more like "encourage Tor exit
 relay operators to change their local dns resolver to use a DoH option."

 We could also build a DoH library into tor, and use it by default on tor
 exits.
 But I don't know if the ecosystem is there yet. At this time, I'd be
 worried about single points of failure.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30753#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list