03:37:55 <br-m> <pricebot:envs.net> 👋 Price Tracker & World Clock Bot
03:37:55 <br-m> <pricebot:envs.net> 📚 Available Commands:
03:37:55 <br-m> <pricebot:envs.net> • `?price <crypto>` - Get cryptocurrency price
03:37:55 <br-m> <pricebot:envs.net> • `?price <from> <to>` - Get exchange rate[... more lines follow, see https://mrelay.p2pool.observer/e/u67i7LgKQ2pZVzlH ]
04:39:24 <br-m> <shroomreactionary:matrix.org> Just use dnscrypt-proxy 
04:48:23 <DataHoarder> kill the bot
05:30:52 <br-m> <carlosat4:matrix.org> im.fluffychat://chat/#monero:monero.social
07:10:17 <br-m> <helene:unredacted.org> DataHoarder: the bot and whomever invited it, maybe? :p
07:52:35 <plowsof> 🔨
18:58:48 <Cindy> the public DNS parser in the source code is pretty thrown-together
19:06:13 <br-m> <ofrnxmr> Aw. you think its pretty? 💅
19:07:19 <br-m> <helene:unredacted.org> what counts is what's inside
19:22:37 <br-m> <eddie:oblak.be> so you're only going to allow DoT when running monerod?
19:23:27 <Cindy> i mean
19:23:31 <br-m> <eddie:oblak.be> then what if only DoH is allowed on my network?
19:24:07 <Cindy> you can switch back to regular DNS and use a DoH-to-DNS server? (like dnscrypt)
19:24:43 <br-m> <eddie:oblak.be> Yeah I don't think monerod should enforce how I do my DNS, that's all
19:24:52 <br-m> <eddie:oblak.be> I hate it when browsers attempt to do this
19:25:30 <Cindy> what about people who can't host their own DNS server
19:25:38 <Cindy> like say if they were using it within monero-wallet-gui
19:25:48 <Cindy> as it is implemented in my branch, it's off by default
19:26:05 <br-m> <eddie:oblak.be> it is good if monerod supports it, it should just not enforce it
19:26:50 <br-m> <eddie:oblak.be> in my opinion, that is
19:27:28 <br-m> <eddie:oblak.be> because then, which DNS servers are you going to enforce for everyone, Cloudflare's?
19:27:35 <Cindy> also btw this is a feature that already exists in unbound
19:27:39 <Cindy> i'm not adding additional bloat
19:27:58 <Cindy> eddie: it's a list of public DoH providers
19:28:00 <Cindy> DoT*
19:28:07 <br-m> <eddie:oblak.be> unbound is a dns server, monerod is not?
19:28:46 <Cindy> monerod uses libunbound to resolve domains
19:28:56 <Cindy> which is unbound in a library
19:29:08 <br-m> <eddie:oblak.be> ok, I see
19:29:10 <Cindy> this is done specifically for the hardcoded DNSSEC anchors
19:29:28 <br-m> <eddie:oblak.be> like I said, if it's optional I totally support it
19:29:34 <Cindy> yes it is
19:29:40 <br-m> <eddie:oblak.be> I don't mind if it would be the default
19:29:48 <br-m> <eddie:oblak.be> but I will turn it off :p
19:30:21 <br-m> <eddie:oblak.be> I totally get it for users that don't want to admin their network
19:30:53 <br-m> <helene:unredacted.org> it's more that 99% of users don't know anything about it or how it works
19:31:06 <Cindy> ^
19:31:23 <br-m> <eddie:oblak.be> yeah or that
19:32:01 <br-m> <eddie:oblak.be> which list of DoT servers, if I may ask?
19:32:05 <br-m> <eddie:oblak.be> is it curated?
19:32:38 <Cindy> i mean i do have to curate it
19:34:39 <br-m> <eddie:oblak.be> what if the access to certain DNS servers is blocked by the users' ISP and monerod isn't able to resolve anything
19:34:44 <br-m> <eddie:oblak.be> will it fallback ?
19:35:24 <br-m> <eddie:oblak.be> could there be a mechanism that randomizes the selected DNS server for each call? 
19:36:48 <br-m> <eddie:oblak.be> what if the user is on a network where the outbound port 853 is blocked (probably won't happen a lot on residential networks though)
19:37:40 <Cindy> this is why i wanted to do DoH
19:37:44 <Cindy> but unbound doesn't support it yet
19:37:55 <br-m> <eddie:oblak.be> No? I thought it does
19:37:58 <br-m> <eddie:oblak.be> I can be wrong
19:38:09 <br-m> <eddie:oblak.be> I also thing DoH is a better idea for such scenarios
19:39:41 <br-m> <eddie:oblak.be> You can use DoH with unbound but it needs an extra library nghttp2, it seems (and I am not looking at libunbound, for clarity)
19:39:47 <br-m> <eddie:oblak.be> https://unbound.docs.nlnetlabs.nl/en/latest/topics/privacy/dns-over-https.html#using-doh
19:40:38 <br-m> <eddie:oblak.be> so maybe the lib doens't support it, that's sad :-)
19:45:08 <Cindy> that's for outbound DoH
19:45:21 <Cindy> like acting like a proxy between unencrypted DNS and DoH
19:45:31 <Cindy> not inbound/forwarding DoH
19:45:42 <br-m> <eddie:oblak.be> Yeah I understand
19:46:37 <br-m> <eddie:oblak.be> I though wrongly that DoH was possible in both directions
19:46:45 <br-m> <eddie:oblak.be> thought*
19:49:09 <Cindy> DoT is good enough tbh
19:49:29 <Cindy> because a ISP won't be able to tell if a user is specifically querying monero stuff
19:49:45 <br-m> <helene:unredacted.org> if we enter the DoH discussion we'll also end up entering the ECH discussion
19:50:43 <br-m> <eddie:oblak.be> I was more thinking in the event that DoT doesn't work for a user, which would cause monerod to malfunction, and considering that user is not technical, how will monerod either recover, or the user understand what is wrong
19:53:56 <br-m> <eddie:oblak.be> @helene:unredacted.org: That's not a concern with DoT? I hadn't even thought about that.µ
19:54:16 <br-m> <helene:unredacted.org> it's more difficult and less integrated with DoT
19:55:12 <Cindy> ECH is only a issue if there is a connection done with the queried server in question
19:55:15 <Cindy> TLS connection*
19:55:26 <Cindy> which, in the case of checkpoints and openalias, there is none
19:59:25 <br-m> <helene:unredacted.org> with some DoT and DoH setup, you can do ECH with the DNS provider itself (but almost no one supports that well)
21:22:34 <DataHoarder> 21:28:46 <Cindy> monerod uses libunbound to resolve domains
21:22:39 <DataHoarder> can you enable recursive mode? :D