discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: kevin <krattai AT gmail.com>
- To: discuss AT lists.opennicproject.org
- Subject: Re: [opennic-discuss] DNS-over-TLS (was: DNSCrypt.org offline)
- Date: Mon, 08 Jan 2018 13:46:10 -0600
Sorry, I mis-spoke. Tenta did not acquire DNScyrpt.org nor
dnsprivacy.org
I think I've just been going through too much info and it's getting
messed up in my brain.
The dnsprivacy.org domain is registered to nlnetlabs.nl which promotes
open internet and open source, while it does have some corporate
interests that has sponsored certain projects, from time to time.
The dnsprivacy.org site points to tenta as a DNS security option in a
reference of interesting work.
dnsprivacy.org group was previously funded by Verisign and is currently
funded not just by nlnetlabs.nl, but also by OTF:
https://en.wikipedia.org/wiki/Open_Technology_Fund
Lots of red flags here for me, and if Tenta is truly public privacy
minded, I think it would be in their best interst to distance
themselves from the dnsprivacy.org project.
Kevin
On Mon, 2018-01-08 at 13:12 -0600, kevin wrote:
> So there's a lot of concern over DNSCrypt being lost. I'm a fan of
> alternatives and if the proposed DNS-over-TLS standard is being
> backed
> by large corporate money, then I have misgivings, of course.
>
> That said, the company that took over the DNSCrypt.org domain, which
> now points to dnsprivacy.org, claims to be an open source
> implementation of DNS-over-TLS.
>
> Tenta LLC, a company based in Seatle, which claims to have been in
> the
> software business for as many as 10 years, but has a stated employee
> base of 2, and was only registered in 2016, is the company that took
> over the DNSCrypt.org domain.
>
> Not sure if anyone realizes this, but Tenta claims to use OpenNIC DNS
> servers (look down the page to device configurations):
> https://tenta.com/dns-setup-guides
>
> Are the owner's of tenta LLC creeping this mailing list by any
> chance?
>
> Kevin
>
> On Mon, 2018-01-08 at 11:15 -0600, kevin wrote:
> >
> > nvm reaching out to Frank. I've gone back through the reddit
> > thread
> > and he's just abandoned it and is using a VPN. If it's any other
> > reason than he probably doesn't want people bothering about it any
> > more, he's being otherwise tight lipped.
> >
> > There is an up to date also at:
> > https://github.com/dyne/dnscrypt-proxy
> >
> > Kevin
> >
> > On Mon, 2018-01-08 at 11:06 -0600, kevin wrote:
> > >
> > >
> > > Who updated the DNSCrypt wikipedia? It's already pointing to
> > > FUSL's
> > > fork:
> > > https://en.wikipedia.org/wiki/DNSCrypt
> > >
> > > Google appears to be suggesting that Frank was the prior
> > > maintainer
> > > of
> > > what we were using. Has anyone been in contact with him? It's
> > > he
> > > that
> > > has removed the repository so he'd be the one to ask why it's
> > > gone
> > > and
> > > if we could get the post up to date code.
> > >
> > > https://github.com/jedisct1/
> > >
> > > He seems to be still quite active on other projects, so it's not
> > > like
> > > he dropped off the face of the earth with updates to repositories
> > > still
> > > ongoing as of today. Yecheng is still active as well.
> > >
> > > https://github.com/cofyc
> > >
> > > RFC is quite a process and it's hard to imagine that it will be
> > > adopted, but I suppose it's worth a try. But, it certainly
> > > doesn't
> > > have to be officially part of protocol. That would not help any
> > > on
> > > the
> > > implementation, it would just make it a standard that still
> > > requires
> > > someone to code an interpretation of use.
> > >
> > > Kevin
> > >
> > > On Mon, 2018-01-08 at 15:15 +0000, Rouben wrote:
> > > >
> > > >
> > > >
> > > > I doubt we’ll see any kind of stability from this unless:
> > > > a) we roll our own fork and assume maintenance over this
> > > > project
> > > > as
> > > > an
> > > > OpenNIC community project; the biggest issue here is to find
> > > > people
> > > > skilled
> > > > enough to keep this project alive, even on life support
> > > > (implement
> > > > security
> > > > patches for holes discovered and disclosed to us)
> > > > b) we somehow lobby to make this part of the DNS protocol
> > > > itself
> > > > (part of
> > > > the RFC) and therefore see these implemented as part of stock
> > > > DNS
> > > > server
> > > > implementations (bind, powerdns, etc)
> > > >
> > > > Rouben
> > > >
> > > > On Mon, Jan 8, 2018 at 08:04 Famicoman <famicoman AT gmail.com>
> > > > wrote:
> > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > It looks like the new site was an exiting dns-over-tls
> > > > > product,
> > > > > that has
> > > > > now acquired the dnscrypt.org domain. Sort of like if Pepsi
> > > > > went
> > > > > out of
> > > > > business so Coca Cola bought pepsi.com.
> > > > >
> > > > > It's definitely something to keep an eye on, but I find their
> > > > > own
> > > > > comparison article of dns-over-tls to dnscrypt quite vapid.
> > > > > There
> > > > > is little
> > > > > documentation on setup from a server perspective and things
> > > > > that
> > > > > they
> > > > > criticise dnscrypt for (a client app on the server machine
> > > > > and
> > > > > companion
> > > > > software on the server) are what they recommend for dns-over-
> > > > > tls
> > > > > via the
> > > > > "Stubby" resolver and nginx reverse proxies.
> > > > >
> > > > > On Jan 6, 2018 6:35 PM, "Rouben" <rouben AT rouben.net> wrote:
> > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > https://github.com/xuanhan863/dnscrypt-proxy
> > > > > > Looks like an old fork.
> > > > > >
> > > > > > It’s hard to believe there were no other forks of this repo
> > > > > > on
> > > > > > github.
> > > > > >
> > > > > > On Sat, Jan 6, 2018 at 18:02 kevin <krattai AT gmail.com>
> > > > > > wrote:
> > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Probably grab the zips and see if there is an open
> > > > > > > license. If
> > > > > > > so,
> > > > > > > then would likely be a good idea to put it back up to
> > > > > > > github
> > > > > > > as
> > > > > > > an open
> > > > > > > mirror. If there isn't indication that the original
> > > > > > > project
> > > > > > > doesn't
> > > > > > > resurface again, then hopefully someone can pick it up
> > > > > > > for
> > > > > > > further
> > > > > > > development.
> > > > > > >
> > > > > > > Kevin
> > > > > > >
> > > > > > > On Sat, 2018-01-06 at 20:35 +0000, Matthias Merkel wrote:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > The source code and binaries I mean
> > > > > > > >
> > > > > > > > On Sat, Jan 6, 2018, 9:34 PM Matthias Merkel <matthias@
> > > > > > > > bo
> > > > > > > > lt
> > > > > > > > n-
> > > > > > > > hosting.
> > > > > > > > com>
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Do you think we should put up a download mirror site
> > > > > > > > > with
> > > > > > > > > all the
> > > > > > > > > stuff we
> > > > > > > > > can find?
> > > > > > > > >
> > > > > > > > > On Sat, Jan 6, 2018, 9:28 PM Famicoman <famicoman@gma
> > > > > > > > > il
> > > > > > > > > .c
> > > > > > > > > om
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Internet archived captured *some* of the files from
> > > > > > > > > > their
> > > > > > > > > > download
> > > > > > > > > > directory:
> > > > > > > > > > https://web.archive.org/web/20170602214244/https://
> > > > > > > > > > do
> > > > > > > > > > wn
> > > > > > > > > > lo
> > > > > > > > > > ad.dnscr
> > > > > > > > > > ypt.org/
> > > > > > > > > >
> > > > > > > > > > Fossies has a mirror of the latest linux source,
> > > > > > > > > > but
> > > > > > > > > > I
> > > > > > > > > > can't find
> > > > > > > > > > any
> > > > > > > > > > verification/signature files to go with it,
> > > > > > > > > > https://fossies.org/linux/misc/dns/dnscrypt-proxy-1
> > > > > > > > > > .9
> > > > > > > > > > .5
> > > > > > > > > > .t
> > > > > > > > > > ar.gz/
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > On Sat, Jan 6, 2018 at 3:23 PM, kevin <krattai@gmai
> > > > > > > > > > l.
> > > > > > > > > > co
> > > > > > > > > > m>
> > > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > I've seen this happen when someone sells
> > > > > > > > > > > intellectual
> > > > > > > > > > > property. The
> > > > > > > > > > > source is taken down by the original project
> > > > > > > > > > > owner.
> > > > > > > > > > >
> > > > > > > > > > > You might want to check github to see if anyone
> > > > > > > > > > > had
> > > > > > > > > > > cloned the
> > > > > > > > > > > project.
> > > > > > > > > > > It might eventually be further developed as a
> > > > > > > > > > > fork,
> > > > > > > > > > > depending
> > > > > > > > > > > on what
> > > > > > > > > > > the license was.
> > > > > > > > > > >
> > > > > > > > > > > Kevin
> > > > > > > > > > >
> > > > > > > > > > > On Sat, 2018-01-06 at 15:04 -0500, Famicoman
> > > > > > > > > > > wrote:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > It looks like the DNSCrypt site and github
> > > > > > > > > > > > project
> > > > > > > > > > > > are gone
> > > > > > > > > > > > as of
> > > > > > > > > > > > today.
> > > > > > > > > > > >
> > > > > > > > > > > > There is a reddit thread speculating that
> > > > > > > > > > > > jedisct1
> > > > > > > > > > > > has given
> > > > > > > > > > > > up the
> > > > > > > > > > > > project. Sort of strange to take it off of
> > > > > > > > > > > > github
> > > > > > > > > > > > though,
> > > > > > > > > > > > https://www.reddit.com/r/privacy/comments/7oiu9
> > > > > > > > > > > > f/
> > > > > > > > > > > > wh
> > > > > > > > > > > > at
> > > > > > > > > > > > _happene
> > > > > > > > > > > > d_to_dns
> > > > > > > > > > > > crypt/
> > > > > > > > > > > >
> > > > > > > > > > > > Anyone have any more information? dnscrypt-
> > > > > > > > > > > > wrapper
> > > > > > > > > > > > is
> > > > > > > > > > > > still
> > > > > > > > > > > > on github
> > > > > > > > > > > > and
> > > > > > > > > > > > working, and for the time being, dnscrypt-proxy
> > > > > > > > > > > > is
> > > > > > > > > > > > still
> > > > > > > > > > > > available
> > > > > > > > > > > > through
> > > > > > > > > > > > apt under debian.
> > > > > > > > > > > >
> > > > > > > > > > > > --------
> > > > > > > > > > > > You are a member of the OpenNIC Discuss list.
> > > > > > > > > > > > You may unsubscribe by emailing discuss-
> > > > > > > > > > > > unsubscribe
> > > > > > > > > > > > @l
> > > > > > > > > > > > ists.ope
> > > > > > > > > > > > nnicproj
> > > > > > > > > > > > ect.org
> > > > > > > > > > > --------
> > > > > > > > > > > You are a member of the OpenNIC Discuss list.
> > > > > > > > > > > You may unsubscribe by emailing
> > > > > > > > > > > discuss-unsubscribe AT lists.opennicproject.org
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > --------
> > > > > > > > > > You are a member of the OpenNIC Discuss list.
> > > > > > > > > > You may unsubscribe by emailing
> > > > > > > > > > discuss-unsubscribe AT lists.opennicproject.org
> > > > > > > > > >
> > > > > > > > > --
> > > > > > > > >
> > > > > > > > > Matthias Merkel
> > > > > > > > > CTO
> > > > > > > > > BoltN Hosting Limited
> > > > > > > > > https://boltn-hosting.com
> > > > > > > > > Company registration number 11081979
> > > > > > > > >
> > > > > > > > --------
> > > > > > > > You are a member of the OpenNIC Discuss list.
> > > > > > > > You may unsubscribe by emailing discuss-unsubscribe@lis
> > > > > > > > ts
> > > > > > > > .o
> > > > > > > > pe
> > > > > > > > nnicproj
> > > > > > > > ect.org
> > > > > > > --------
> > > > > > > You are a member of the OpenNIC Discuss list.
> > > > > > > You may unsubscribe by emailing
> > > > > > > discuss-unsubscribe AT lists.opennicproject.org
> > > > > > >
> > > > > > --
> > > > > >
> > > > > > Rouben
> > > > > >
> > > > > >
> > > > > >
> > > > > > --------
> > > > > > You are a member of the OpenNIC Discuss list.
> > > > > > You may unsubscribe by emailing
> > > > > > discuss-unsubscribe AT lists.opennicproject.org
> > > > > >
> > > > > >
> > > > > --------
> > > > > You are a member of the OpenNIC Discuss list.
> > > > > You may unsubscribe by emailing
> > > > > discuss-unsubscribe AT lists.opennicproject.org
> > > > >
> > > > --------
> > > > You are a member of the OpenNIC Discuss list.
> > > > You may unsubscribe by emailing discuss-unsubscribe AT lists.openn
> > > > ic
> > > > pr
> > > > oj
> > > > ect.org
- Re: [opennic-discuss] DNSCrypt.org is offline, (continued)
- Re: [opennic-discuss] DNSCrypt.org is offline, Famicoman, 01/06/2018
- Message not available
- Re: [opennic-discuss] DNSCrypt.org is offline, Matthias Merkel, 01/06/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, kevin, 01/06/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, Rouben, 01/06/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, Famicoman, 01/08/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, Rouben, 01/08/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, kevin, 01/08/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, kevin, 01/08/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, kevin, 01/08/2018
- [opennic-discuss] DNS-over-TLS (was: DNSCrypt.org offline), kevin, 01/08/2018
- Re: [opennic-discuss] DNS-over-TLS (was: DNSCrypt.org offline), kevin, 01/08/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, Rouben, 01/06/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, kevin, 01/06/2018
- Re: [opennic-discuss] DNSCrypt.org is offline, Matthias Merkel, 01/06/2018
- Message not available
- Re: [opennic-discuss] DNSCrypt.org is offline, Famicoman, 01/06/2018
- Message not available
- Re: [opennic-discuss] DNSCrypt.org is offline, Famicoman, 01/06/2018
Archive powered by MHonArc 2.6.19.