On Mon, Sep 28, 2020 at 11:11 am, Michael Catanzaro
<mcatanzaro@xxxxxxxxx> wrote:
Florian just linked to that same chromium.org page as evidence that
Chrome is not ignoring system DNS. :) Indeed, if you read the page,
they're only using DNS over HTTPS (DoH) if system DNS matches a
hardcoded list of providers that support DoH.
Hm, I guess your point remains though, because if Chrome does decide to
do its own DNS after it sees that your default DNS matches one of the
whitelisted providers, then of course trying to resolve hostnames that
need to be resolved by a different DNS is going to fail. E.g. if your
corporate VPN is configured to be used only for resources on its
network, I imagine it would fail.
Anyway, nothing we can do about that at the system level, other than
promote secure system DNS so applications don't have to do it
themselves with these hacks. I'll start typing up a change proposal to
enable DNS over TLS.
Michael
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
