AdGuardDNS
AdGuardDNS copied to clipboard
Oblivious DNS over HTTPS RFC 9230
Issue Details
Issue raised for a day when ODoH is no longer experimental. I presume being privacy focused, AdGuard will want to include this protocol in their lineup.
https://www.rfc-editor.org/info/rfc9230
Abstract This document describes a protocol that allows clients to hide their IP addresses from DNS resolvers via proxying encrypted DNS over HTTPS (DoH) messages. This improves privacy of DNS operations by not allowing any one server entity to be aware of both the client IP address and the content of DNS queries and answers.
This experimental protocol has been developed outside the IETF and is published here to guide implementation, ensure interoperability among implementations, and enable wide-scale experimentation.
Proposed solution
No response
Alternative solution
No response
This one's good question. We should probably support ODoH on the client side, i.e. in DnsLibs and dnsproxy/AdGuard Home, but I am not entirely sure about the ODoH proxy implementation and whether we should do this or not.
dnsproxy task: https://github.com/AdguardTeam/dnsproxy/issues/332