search

rthalley / dnspython

a powerful DNS toolkit for python
http://www.dnspython.org
Other
2.46k stars 518 forks source link

Support Oblivious DNS over HTTPS (RFC 9230) #880

Closed dpatel1411 closed 1 year ago

dpatel1411 commented 1 year ago

Motivation Recently Apple started using Oblivious DNS over HTTPS for their Private Relay Feature. It would be good to have this support.

Describe the solution you'd like. Similar to other supported protocol, it would be similar to dns.query.https but follows Oblivious DoH Protocol.

nicki-krizek commented 1 year ago
  1. RFC 9230 is not on a standards track, it is experimental
  2. There is quite an additional complexity that would be introduced by implementing ODoH client
  3. In case you're worried about exposing HTTP metadata in DoH, you can use DoT/DoQ. If you're worried about exposing your IP, you can use Tor/VPN.

I suggest carefully considering whether implementing and maintain this complex feature is worth it.

rthalley commented 1 year ago

I'm not familiar with all that is involved, so I'll research that and then say more.

rthalley commented 1 year ago

After consideration, I don't think now is the right time to add this to dnspython, so I will close this issue for now.