Contributed by Paul 'WEiRD' de Weerd on from the put-your-names-in-the-crypt dept.
On Monday, Otto (otto@
) committed a small but significant change to the Firefox port.
Date: Mon, 9 Sep 2019 12:50:35 -0600 (MDT) From: Otto Moerbeek <otto@[elided]> To: ports-changes@openbsd.org Subject: CVS: cvs.openbsd.org: ports Sender: owner-ports-changes@openbsd.org CVSROOT: /cvs Module name: ports Changes by: otto@cvs.openbsd.org 2019/09/09 12:50:35 Modified files: www/mozilla-firefox: Makefile www/mozilla-firefox/files: all-openbsd.js Log message: Disable DoH by default. While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea. Applications should respect OS configured settings. The DoH settings still can be overriden if needed. ok landry@ job@
If you are running your own DNS over HTTPS (DoH) server, you may want to point Firefox at it using the network.trr.uri
configuration option in about:config, and overriding the network.trr.mode
setting that Otto changed to 5
in this commit to 3
.
For more details on how to configure Firefox's use of DoH, please see their wiki.
(Comments are closed)
By mccoma (mccoma) on
Is there a package for OpenBSD to run your own DNS over HTTPS server?
Comments
By Otto Moerbeek (ottom) otto@drijf.net on
Not yet. unbound (in base) support DoT (DNS over TLS)
Th upcoming PowerDNS dnsdist 1.4.0 release will support both DoT and DoH. I expect it to be included in the packages for the upcoming OpenBSD 6.6 release.