Le samedi 09 novembre 2019 à 12:04 +0100, Nicolas Mailhot a écrit : > Le samedi 09 novembre 2019 à 11:09 +0100, Tomasz Torcz a écrit : > > On Thu, Nov 07, 2019 at 06:18:46PM +0100, Nicolas Mailhot via devel > > wrote: > > Here's a network management lesson for you: > > - run DoH resolver* not on ::1, but on IP available on your LAN > > - put above IP in DHCP and RA replies > > - bam! every device you mentioned uses DoH to resolve > > Using DoH? Nope. using evil unencrypted legacy DNS. So anything that > care for DoH as you seem to will reject the configuration > > You continue advocating half-assed setups that work for your case but > not others RFC 8484 (DoH) 3. Selection of DoH Server The DoH client is configured with a URI Template [RFC6570], which describes how to construct the URL to use for resolution. Configuration, discovery, and updating of the URI Template is done out of band from this protocol. So where is the specification for “Configuration, discovery, and updating of the URI Template” when delegation DoH selection to the network admin ? It's not specified. It does not exist. It's not adopted by any DoH app. All the entities pushing DoH retain the possibility to refuse implementing it if it does not fit their objectives. DoH is not finished from a management PoW. The only actual and concrete mecanism right now is using Google DoH whitelists. -- Nicolas Mailhot _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
