From 0f150c88b886920d3a3562f112f02e3333fc307d Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sat, 14 Aug 2021 12:28:38 +0200 Subject: [PATCH] Squashed commit of the following: commit ad7a3f18c32bbc3cd313946d609b88239a50d98c Author: Frank Denis Date: Sat Aug 14 12:28:07 2021 +0200 Sign commit 6b131aa3b437b7a715cad9d26fe3e5728e64c94a Author: Frank Denis Date: Sat Aug 14 12:26:59 2021 +0200 Add a deprecation notice for the combined odoh list commit b4c1e163b4a49e1bc04710e4c76e91372f9ab3b1 Author: Frank Denis Date: Fri Aug 13 23:17:01 2021 +0200 Shorten commit 3ca629f6cd9874b6758e6d0d2fac769258f6cdd9 Author: Frank Denis Date: Fri Aug 13 22:13:31 2021 +0200 The Fastly ODoH relay now supports more targets commit 1320ad854c831353e25cd025c4f272cd867cae81 Author: Frank Denis Date: Fri Aug 13 21:55:56 2021 +0200 Rename odoh.md -> odoh-servers.md commit 7b6b9bd050f2dc7a8bd637a54b90531b61872dd4 Author: Frank Denis Date: Fri Aug 13 19:15:03 2021 +0200 Split ODoH servers and relays --- utils/format.py | 6 +++- v3/odoh-relays.md | 51 ++++++++++++++++++++++++++++ v3/odoh-relays.md.minisig | 4 +++ v3/odoh-servers.md | 68 ++++++++++++++++++++++++++++++++++++++ v3/odoh-servers.md.minisig | 4 +++ v3/odoh.md | 13 ++++++-- v3/odoh.md.minisig | 6 ++-- 7 files changed, 145 insertions(+), 7 deletions(-) create mode 100644 v3/odoh-relays.md create mode 100644 v3/odoh-relays.md.minisig create mode 100644 v3/odoh-servers.md create mode 100644 v3/odoh-servers.md.minisig diff --git a/utils/format.py b/utils/format.py index 1961967e..e0068bc3 100755 --- a/utils/format.py +++ b/utils/format.py @@ -201,7 +201,11 @@ If you want to contribute changes to a resolvers list, only edit files from the # Legacy - if os.path.basename(md_path) == "odoh.md": + if ( + os.path.basename(md_path) == "odoh.md" + or os.path.basename(md_path) == "odoh-relays.md" + or os.path.basename(md_path) == "odoh-servers.md" + ): md_legacy_path = md_path else: with open(md_legacy_path) as f: diff --git a/v3/odoh-relays.md b/v3/odoh-relays.md new file mode 100644 index 00000000..0422b8d9 --- /dev/null +++ b/v3/odoh-relays.md @@ -0,0 +1,51 @@ +# Oblivious DoH relays list + +Oblivious DNS-over-HTTPS relays. + +By convention, entries whose name start with `odohrelay-` prefix are *relays* and names with an `odoh-` prefix are servers that can be reached through ODoH relays. + +Note that ODoH relays cannot be used with DNSCrypt servers, and DNSCrypt relays cannot be used to connect to ODoH servers. + +ODoH relays can also only connect to servers supporting the ODoH protocol, not regular DoH servers. + +In other words, only combine ODoH relays with ODoH servers. + +To use that list, add this to the `[sources]` section of your `dnscrypt-proxy.toml` configuration file: + + [sources.'odoh-relays'] + urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-relays.md'] + minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + cache_file = 'odoh-relays.md' + +-- + + +## odohrelay-ams + +Oblivious DoH relay in The Netherlands. No logs. + +sdns://hQcAAAAAAAAADTUxLjE1LjEyNC4yMDgAGG9kb2gtbmwuYWxla2JlcmcubmV0OjQ0MwYvcHJveHk + + +## odohrelay-bcn + +Oblivious DoH relay in Spain. No logs. + +sdns://hQcAAAAAAAAADjE4NS4yNTMuMTU0LjY2ABhvZG9oLWVzLmFsZWtiZXJnLm5ldDo0NDMGL3Byb3h5 + + +## odohrelay-crypto-sx + +Oblivious DoH relay running on Fastly Compute@Edge. +Maintained by Frank Denis. + +sdns://hQcAAAAAAAAAACCi3jNJDEdtNW4tvHN8J3lpIklSa2Wrj7qaNCgEgci9_BpvZG9oLXJlbGF5LmVkZ2Vjb21wdXRlLmFwcAEv + + +## odohrelay-surf + +SURFdomeinen oblivious DoH relay. +https://www.surf.nl + +sdns://hQcAAAAAAAAACjE0NS4wLjYuNTMgEbEC5rH2PlKJhNYCXzKxOCQfyIu9dRlXTXDJgy1T4egVb2RvaDEuc3VyZmRvbWVpbmVuLm5sBi9wcm94eQ + diff --git a/v3/odoh-relays.md.minisig b/v3/odoh-relays.md.minisig new file mode 100644 index 00000000..15f41ec1 --- /dev/null +++ b/v3/odoh-relays.md.minisig @@ -0,0 +1,4 @@ +untrusted comment: signature from minisign secret key +RWQf6LRCGA9i508YDZwVv9v5CFqYcd+58vPa71pGtwkABeJGdm4Sxp98uBexkmtlMEC0HNAoys6J/OYP91t3+qn2fzJuOobxgg8= +trusted comment: timestamp:1628889416 file:odoh-relays.md +GU0uEqHmCU4bbgozUHwLr/X+WPsu5bkU0q4B7BJQtAIWELJJL5S8VSCWaCXaq7FNm7zWTCHmVMeVNtNOdarSBw== diff --git a/v3/odoh-servers.md b/v3/odoh-servers.md new file mode 100644 index 00000000..461206c5 --- /dev/null +++ b/v3/odoh-servers.md @@ -0,0 +1,68 @@ +# Oblivious DoH servers list + +Oblivious DNS-over-HTTPS servers. + +Connecting to these can only be done via a relay from the odoh-relays list. + +To use that list, add this to the `[sources]` section of your `dnscrypt-proxy.toml` configuration file: + + [sources.'odoh'] + urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh.md'] + minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + cache_file = 'odoh.md' + +-- + + +## odoh-ams + +Oblivious DoH target server in The Netherlands. No logs, No filter, DNSSEC. + +sdns://BQcAAAAAAAAAGG9kb2gtdGFyZ2V0LmFsZWtiZXJnLm5ldAovZG5zLXF1ZXJ5 + + +## odoh-cloudflare + +Cloudflare ODoH server. +https://cloudflare.com + +sdns://BQcAAAAAAAAAF29kb2guY2xvdWRmbGFyZS1kbnMuY29tCi9kbnMtcXVlcnk + + +## odoh-crypto-sx + +ODoH target server. Anycast, no logs. +Backend hosted by Scaleway. Maintained by Frank Denis. + +sdns://BQcAAAAAAAAADm9kb2guY3J5cHRvLnN4Ci9kbnMtcXVlcnk + + +## odoh-id-gmail + +ODoH target server. Based in Singapore, no logs. +Filter ads, trackers and malware. + +sdns://BQMAAAAAAAAADGRvaC50aWFyLmFwcAUvb2RvaA + + +## odoh-jp.tiar.app + +ODoH target server. no logs. + +sdns://BQcAAAAAAAAAC2pwLnRpYXIuYXBwBS9vZG9o + + +## odoh-jp.tiarap.org + +ODoH target server via Cloudflare, no logs. + +sdns://BQcAAAAAAAAADWpwLnRpYXJhcC5vcmcFL29kb2g + + +## odoh-tiarap.org + +ODoH target server via Cloudflare, no logs. +Filter ads, trackers and malware. + +sdns://BQMAAAAAAAAADmRvaC50aWFyYXAub3JnBS9vZG9o + diff --git a/v3/odoh-servers.md.minisig b/v3/odoh-servers.md.minisig new file mode 100644 index 00000000..6b9fbe91 --- /dev/null +++ b/v3/odoh-servers.md.minisig @@ -0,0 +1,4 @@ +untrusted comment: signature from minisign secret key +RWQf6LRCGA9i5+YeAyhCQua/+5oVt/09oVoRn5IxYkmeR7T3J/OCGl4yCPGe4e1GY9qZvSEnGqEX9tvpYNHsbrQpkRGiihFTgQk= +trusted comment: timestamp:1628884538 file:odoh-servers.md +TnkZ+w/5Q65F3a3ynqCs8BkwvteqHrSEAx7Kq8ioeQseYZ0BfdTtnovotvh/D1LvfBwtskLrhzFZXet0GMIUCg== diff --git a/v3/odoh.md b/v3/odoh.md index dc3908fc..9f1df7f3 100644 --- a/v3/odoh.md +++ b/v3/odoh.md @@ -1,4 +1,12 @@ -# Oblivious DoH servers and relays list +# *** THIS LIST IS DEPRECATED *** + +It was only used by 2.0.46 beta versions, and has since be split into +the `odoh-servers` and `odoh-relays` lists. + +Please update your configuration to use these two new lists instead, +as the combined list is going to be removed soon. + +~~~ Oblivious DNS-over-HTTPS servers and relays. @@ -89,8 +97,7 @@ sdns://hQcAAAAAAAAADjE4NS4yNTMuMTU0LjY2ABhvZG9oLWVzLmFsZWtiZXJnLm5ldDo0NDMGL3Byb ## odohrelay-crypto-sx -Oblivious DoH relay, just for testing purposes. -Backend written in Zig, running on Fastly Compute@Edge. +Oblivious DoH relay running on Fastly Compute@Edge. Maintained by Frank Denis. sdns://hQcAAAAAAAAAACCi3jNJDEdtNW4tvHN8J3lpIklSa2Wrj7qaNCgEgci9_BpvZG9oLXJlbGF5LmVkZ2Vjb21wdXRlLmFwcAEv diff --git a/v3/odoh.md.minisig b/v3/odoh.md.minisig index 00cde490..d4f7e617 100644 --- a/v3/odoh.md.minisig +++ b/v3/odoh.md.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RWQf6LRCGA9i514QRePQbgEpnapoioAZK9VxtCsW0DQGy1iReo69ehakUu+nZo9tgrYsKe6H6QGpgkC6jpXnPW3Fb+nPxmhAFQg= -trusted comment: timestamp:1628885660 file:odoh.md -zKNd/FVSpVzCYiUbTOl/hzUmIIil/hwtcJBDIdcgp9otNUy1x2Max0T+gHXpsEeBnzAqI9OH83HAWO/9AXWkBg== +RWQf6LRCGA9i569yRTngck49Wg978ytGAFRU7Rnq4JJ6/68sRgWmOVG6DELMVR/e/+ZFzUzQIdkUTg1BOdC0EGKDAjBeEcmqYgo= +trusted comment: timestamp:1628936916 file:odoh.md +WUYe53o/GZueUWS9XumxEENLY6AY5nzUsBSCJvdwKLzX2skCYgLYSSnkcAtMSHYLBCCVQCM6aSO/Npz572leAg==