-
It should return a 401, not 400.
-
A colluding client and target can currently use proxies to send anything. This might be worth noting in the security considerations.
-
The current implementation doesn't restrict users from using an Oblivious Proxy and an Oblivious Target run by the same organization. Doing so would allow the organization to put together the relevant…
-
Cloudflare & IETF released open sourced protocol proposals, ODoH and ECH. I was hoping that DuckDuckGo would review and adopt these in the future updates
Oblivious DNS over HTTPS: https://github.co…
ghost updated
3 years ago
-
As part of 61171f56d06c07c49f3733770e8b3dcf490484af, the `proxyEndpoint` constant was removed in favour of using the `queryEndpoint` for both proxy and target requests, and the default for the `queryE…
-
Starting a discussion to figure out reasonable failure modes of the server:
1. Query cannot be deserialized into an `ObliviousDoHMessage`
2. Unknown key ID of query
3. Query cannot be parsed in…
-
Sorry for an issue report with very less details as I couldn't able to reproduce the issue to generate more details. Still thought of logging an issue will be helpful.
I was trying with odoh-rs usi…
-
This issue probably dovetails into the discovery mechanism of the proxies and targets in ODOH. In order to prevent flooding issues (#108) it's probably necessary to establish some means of trust in th…
-
- Program: Authoritative
- Issue type: Bug report
### Short description
If you `sdig` an `HTTPS` record (or probably an `SVCB` record) with an unrecognized parameter, the param value is display…
-
Currently, a bad DNS request, note, *not* a DNS request that returns something like `NXDOMAIN`, just a straight up bad request like say `dns_msg = [1]`, returns a generic 400. Checking for this is som…