[tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
Ralph Seichter
m16+tor at monksofcool.net
Tue Sep 12 20:55:39 UTC 2017
On 12.09.17 22:43, Igor Mitrofanov wrote:
> Every Tor relay can have a simple resolver built-in, and/or perhaps
> all Tor relays could be running a DHT-style global DNS cache.
"Simple resolver" won't do, IMO. It must be robust and fully DNSSEC
capable, which means reinventing the wheel. There is enough good DNS
resolver software available. Why invest time and effort in writing yet
another resolver, when the developer resources can be spent on Tor's
core functionality instead? I don't like the idea of feature creep.
> I am basically not sure if DNS is a high-priority vulnerability right
> now, or just a distraction.
That's what I am asking myself as well.
-Ralph
More information about the tor-relays
mailing list