On Mon, Sep 1, 2014, at 11:54, Mike Cardwell wrote:
> The exit nodes do the DNS requests. The client doesn't see an IP address.
> It connects to the Tor SOCKS interface and says, "connect me to hostname
> example.com on port N". It doesn't look up the IP address of
> "example.com"
> and *then* conn
On Mon, Sep 1, 2014, at 10:19, Артур Истомин wrote:
> On Mon, Sep 01, 2014 at 04:33:34PM +, David Stainton wrote:
> >
> > Dear merc1...@f-m.fm,
> >
> > Is DNSSEC is not evil? To me it seems like the 1984 of domain name
> > systems...
> > Please take a good look at the political implications
I am surprised to find that there is no form of DNSSEC associated with
TOR. I am running dnscrypt, but find that I fail the DNSSEC test at
http://dnssec.vs.uni-due.de/ when using the TBB. I have unbound chained
to dnscrypt which is on a rotary to 5 trusted DNS resolvers.
How can you not understa
Does anyone know why TOR does not use DNSSEC? The only documentation I
found on the TORProject website for DNS does not actually explain how
DNS works on TOR. I infer it must be TCP, as TOR can not do UDP, and I
imagine that relay nodes must be the resolvers in order to resolve
.onion domains.
