<pricebot:envs.net> 👋 Price Tracker & World Clock Bot

<pricebot:envs.net> 📚 Available Commands:

<pricebot:envs.net> • `?price <crypto>` - Get cryptocurrency price

<pricebot:envs.net> • `?price <from> <to>` - Get exchange rate[... more lines follow, see mrelay.p2pool.observer/e/u67i7LgKQ2pZVzlH ]

<shroomreactionary:matrix.org> Just use dnscrypt-proxy

kill the bot

<carlosat4:matrix.org> im.fluffychat://chat/#monero:monero.social

<helene:unredacted.org> DataHoarder: the bot and whomever invited it, maybe? :p

🔨

the public DNS parser in the source code is pretty thrown-together

<ofrnxmr> Aw. you think its pretty? 💅

<helene:unredacted.org> what counts is what's inside

<eddie:oblak.be> so you're only going to allow DoT when running monerod?

i mean

<eddie:oblak.be> then what if only DoH is allowed on my network?

you can switch back to regular DNS and use a DoH-to-DNS server? (like dnscrypt)

<eddie:oblak.be> Yeah I don't think monerod should enforce how I do my DNS, that's all

<eddie:oblak.be> I hate it when browsers attempt to do this

what about people who can't host their own DNS server

like say if they were using it within monero-wallet-gui

as it is implemented in my branch, it's off by default

<eddie:oblak.be> it is good if monerod supports it, it should just not enforce it

<eddie:oblak.be> in my opinion, that is

<eddie:oblak.be> because then, which DNS servers are you going to enforce for everyone, Cloudflare's?

also btw this is a feature that already exists in unbound

i'm not adding additional bloat

eddie: it's a list of public DoH providers

DoT*

<eddie:oblak.be> unbound is a dns server, monerod is not?

monerod uses libunbound to resolve domains

which is unbound in a library

<eddie:oblak.be> ok, I see

this is done specifically for the hardcoded DNSSEC anchors

<eddie:oblak.be> like I said, if it's optional I totally support it

yes it is

<eddie:oblak.be> I don't mind if it would be the default

<eddie:oblak.be> but I will turn it off :p

<eddie:oblak.be> I totally get it for users that don't want to admin their network

<helene:unredacted.org> it's more that 99% of users don't know anything about it or how it works

^

<eddie:oblak.be> yeah or that

<eddie:oblak.be> which list of DoT servers, if I may ask?

<eddie:oblak.be> is it curated?

i mean i do have to curate it

<eddie:oblak.be> what if the access to certain DNS servers is blocked by the users' ISP and monerod isn't able to resolve anything

<eddie:oblak.be> will it fallback ?

<eddie:oblak.be> could there be a mechanism that randomizes the selected DNS server for each call?

<eddie:oblak.be> what if the user is on a network where the outbound port 853 is blocked (probably won't happen a lot on residential networks though)

this is why i wanted to do DoH

but unbound doesn't support it yet

<eddie:oblak.be> No? I thought it does

<eddie:oblak.be> I can be wrong

<eddie:oblak.be> I also thing DoH is a better idea for such scenarios

<eddie:oblak.be> You can use DoH with unbound but it needs an extra library nghttp2, it seems (and I am not looking at libunbound, for clarity)

<eddie:oblak.be> unbound.docs.nlnetlabs.nl/en/latest…ivacy/dns-over-https.html#using-doh

<eddie:oblak.be> so maybe the lib doens't support it, that's sad :-)

that's for outbound DoH

like acting like a proxy between unencrypted DNS and DoH

not inbound/forwarding DoH

<eddie:oblak.be> Yeah I understand

<eddie:oblak.be> I though wrongly that DoH was possible in both directions

<eddie:oblak.be> thought*

DoT is good enough tbh

because a ISP won't be able to tell if a user is specifically querying monero stuff

<helene:unredacted.org> if we enter the DoH discussion we'll also end up entering the ECH discussion

<eddie:oblak.be> I was more thinking in the event that DoT doesn't work for a user, which would cause monerod to malfunction, and considering that user is not technical, how will monerod either recover, or the user understand what is wrong

<eddie:oblak.be> @helene:unredacted.org: That's not a concern with DoT? I hadn't even thought about that.µ

<helene:unredacted.org> it's more difficult and less integrated with DoT

ECH is only a issue if there is a connection done with the queried server in question

TLS connection*

which, in the case of checkpoints and openalias, there is none

<helene:unredacted.org> with some DoT and DoH setup, you can do ECH with the DNS provider itself (but almost no one supports that well)

21:28:46 <Cindy> monerod uses libunbound to resolve domains

can you enable recursive mode? :D