tor/changes/prop205-simplified

o Major features (client-side DNS):
- The updating and usage of the DNS cache is now configurable on a
per-client-port level. SOCKSPort, DNSPort, etc. lines may now
contain {No,}Cache{IPv4,IPv6,}DNS flags to indicate that we
shouldn't cache these types of DNS answers when we receive them
from an exit node in response to a request from this port, and
{No,}UseCached{IPv4,IPv6,DNS} flags to indicate that if we have
cached DNS answers of these types, we shouldn't use them. It's
potentially risky to use cached DNS answers at the client,
since doing so can indicate to one exit
what answers we've gotten for DNS lookups in the past. With
IPv6, this becomes especially problematic. Using cached DNS
answers for requests on the same circuit would present less
linkability risk, since all traffic on a circuit is already
linkable, but it would also provide little performance benefit:
the exit node caches DNS replies too. Implements a simplified
version of Proposal 205. Implements ticket #7570.
o Disabled features:
- Client-side use of the DNS cache is now off by default. See "Major
features (client-side DNS)" for more information. Implements a
simplified version of Proposal 205. Implements ticket #7570.
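
Added example, not part of the Tor changes file or the Tor code base: a Python check that scans a torrc for client port lines that explicitly turn on DNS caching or the use of cached answers, the setting the entry above calls potentially risky. It matches the flag spellings given by the brace patterns above and also the UseIPv4Cache/UseIPv6Cache/UseDNSCache spellings from the tor manual. The sample torrc, the function names, the TransPort/NATDPort reading of "etc", and the rule that a later flag on a line overrides an earlier one are assumptions.

```python
import re

# Client port options that take per-port flags ("SOCKSPort, DNSPort, etc").
PORT_OPTIONS = {"socksport", "dnsport", "transport", "natdport"}

FLAG_RE = re.compile(
    r"^(?P<no>no)?(?:"
    r"cache(?P<c>ipv4|ipv6|)dns"        # {No,}Cache{IPv4,IPv6,}DNS
    r"|usecached(?P<u1>ipv4|ipv6|dns)"  # {No,}UseCached{IPv4,IPv6,DNS} as written above
    r"|use(?P<u2>ipv4|ipv6|dns)cache"   # UseIPv4Cache etc. (tor manual spelling)
    r")$", re.IGNORECASE)

# Constructed sample torrc, not taken from any real deployment.
SAMPLE = """\
SOCKSPort 9050
SOCKSPort 9150 UseCachedDNS
SOCKSPort 9250 CacheIPv6DNS NoCacheIPv6DNS
DNSPort 5353 UseIPv4Cache NoCacheDNS
# SOCKSPort 9350 UseCachedDNS
"""

def parse_flag(token):
    """Return (action, families, enabled) for a DNS-cache flag, else None."""
    m = FLAG_RE.match(token)
    if not m:
        return None
    if m.group("c") is not None:
        action, fam = "cache", m.group("c").lower() or "dns"
    else:
        action, fam = "use", (m.group("u1") or m.group("u2")).lower()
    families = ("ipv4", "ipv6") if fam == "dns" else (fam,)
    return action, families, m.group("no") is None

def audit_torrc(text):
    """List port lines that explicitly enable caching or use of cached answers."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2 or parts[0].lower() not in PORT_OPTIONS:
            continue
        state = {}  # assumption: a later flag on the line overrides an earlier one
        for action, families, enabled in filter(None, map(parse_flag, parts[2:])):
            state.update({(action, fam): enabled for fam in families})
        on = lambda act: sorted(f for (a, f), e in state.items() if a == act and e)
        if on("use") or on("cache"):
            findings.append({"line": lineno, "port": parts[1],
                             "use_cached": on("use"), "cache": on("cache")})
    return findings

if __name__ == "__main__":
    for f in audit_torrc(SAMPLE):
        print(f)
```

Ports that appear in the output with a non-empty "use_cached" list are the ones that opt back into the behaviour this entry turns off by default.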