Jump to content
Not connected, Your IP: 3.138.114.38
AirVPN
Sign in to follow this  
Followers 0
zhang888

Seggestion: DNSCrypt nodes operated by AirVPN

By zhang888, ... in General & Suggestions

Recommended Posts

zhang888    1065

zhang888
Posted ...

Hello,

During the past year the DNScrypt project became very actively deployed, both on client OS (Win/*nix) and on some routers with OpenWRT/Pfsense.

 

For now, the availability of resolving servers there is very limited, most of them are provided by volunteers, including OpenNIC:

 

https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv

 

 

I suggest that if Air could "open" their own resolver to the public, it would be very helpful, here are some benefits:

 

1) The more users that will use those servers, the more anonymous Air's users will be. Since there will be a greater number of queries.

2) The Air client can be upgraded in the future to support this (optional), at least the official DNScrypt opensource client will include those servers for sure.

That means more decentralization, because your AirVPN exit node won't see your DNS queries anymore.

3) As I mentioned above, the servers are handling lots of queries and this could be an alternative way of donation to OpenNIC.

4) "Free" commercial for Air.

 

 

Thanks!

zsam288, OmniNegro and rickjames reacted to this

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post

Link to post

Staff    9771

Staff
Posted ...

Hello,

we know how DNScrypt works.

Every VPN server has its resolver. When an authoritative DNS receive a query from our server (for example Castor), actually may know (if it knows the Castor exit-IP address) that the domain is requested by an AirVPN customer. Absolutely no information about which customer.

 

Your suggestion doesn't really provide any benefit. And opening servers for public access (anyway even if limited to DNS) may expose them to other kind of troubles. Also it makes no sense to support DNScrypt in our client. When you are connected to the VPN, DNS queries are already encrypted. If you mean 'using DNScrypt when not connected to a VPN', this can be eventually done, but it sounds like bloatware, it's better to have a dedicated DNScrypt client.

What we might do is funding a DNScrypt resolver node on a dedicated server (that can resolve ICANN domains, OpenNIC domains and NameCoin domains at the same time, like our VPN servers) or a project for a better client. We'll think about that.

 

Kind regards

OmniNegro reacted to this

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...