Context
Right now go-ipfs uses the DNS resolver provided by the operating system.
This brings serious downsides:
- DNS-based surveillance and censorship at ISP level (context)
- Browsing DNSLink websites in coffee shops is risky: we are unable to tell whether the DNS query was resolved over an unencrypted connection. Most DNS servers handed out by public WiFi are plaintext, so someone could MITM the query and inject a malicious response, changing the DNSLink record etc. (feat: allow /ipns/webui.ipfs.io on api port #6530)
- Leaking plaintext queries in privacy-sensitive contexts (Disable DNSResolver option #5945, DNS leak when browser is set to use DoH or a proxy ipfs-companion#900)
Hardening DNS in go-ipfs
There are multiple steps to improve the situation; the basic ones would be:
- Stop using the DNS resolver provided by the OS. We are unable to guarantee it uses TLS, so it should never be used by go-ipfs.
- Pick a safe DNS over TLS (or HTTPS) provider and make it the implicit default (see https://wiki.mozilla.org/Trusted_Recursive_Resolver for prior art).
- Make it possible for users to override the default DNS resolver via DNS.* config.
- Ideally, we should support plaintext DNS (only on localhost), DNS over TLS and DNS over HTTPS.
- If we want to minimize the scope: focus on DNS over HTTPS (DoH). It works in the browser, and we want to use it in js-ipfs (Support DNS over HTTPS helia-ipns#53) as a replacement for calling https://ipfs.io/api/v0/dns all the time.
- There should be a way to configure a custom resolver per TLD or domain.
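As an added illustration of the two mechanisms the list above asks for, per-TLD resolver selection and a DoH query in the RFC 8484 wire format, here is a small Go program; it is not code from go-ipfs or any of the linked PRs, and the resolver table, its key format, the placeholder endpoint URLs and the sample names are assumptions.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

// Hypothetical per-TLD table in the spirit of the DNS.* override this issue
// asks for: keys are suffixes ending in "." and "." is the catch-all default.
var resolvers = map[string]string{ // URLs are placeholders, not recommendations
	".":    "https://doh.example/dns-query",
	"eth.": "https://eth-resolver.example/dns-query",
}
// pickResolver selects the DoH endpoint by longest matching suffix, then the "."
// default; ok is false when nothing applies (never silently fall back to OS DNS).
func pickResolver(cfg map[string]string, name string) (url string, ok bool) {
	labels := strings.Split(strings.ToLower(strings.TrimSuffix(name, ".")), ".")
	for i := range labels {
		if url, ok = cfg[strings.Join(labels[i:], ".")+"."]; ok {
			return url, true
		}
	}
	url, ok = cfg["."]
	return url, ok
}
// buildDoHQuery encodes a one-question RFC 1035 wire message for an RFC 8484
// request: ID 0 (recommended for cacheable GETs), RD set, QCLASS IN.
func buildDoHQuery(name string, qtype uint16) ([]byte, error) {
	msg := make([]byte, 12, 64)
	msg[2], msg[5] = 0x01, 1 // RD flag; QDCOUNT = 1
	for _, label := range strings.Split(strings.TrimSuffix(name, "."), ".") {
		if len(label) == 0 || len(label) > 63 {
			return nil, fmt.Errorf("invalid DNS label in %q", name)
		}
		msg = append(append(msg, byte(len(label))), label...)
	}
	return append(msg, 0, byte(qtype>>8), byte(qtype), 0, 1), nil // root, QTYPE, QCLASS
}
// dohGetURL renders the RFC 8484 GET form: unpadded base64url in the dns= parameter.
func dohGetURL(base string, msg []byte) string {
	return base + "?dns=" + base64.RawURLEncoding.EncodeToString(msg)
}
func main() {
	url, _ := pickResolver(resolvers, "example.eth") // constructed sample name
	msg, _ := buildDoHQuery("_dnslink.example.eth", 16) // DNSLink is published in TXT
	fmt.Println(dohGetURL(url, msg))
}
```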
Ongoing work
- Proposal: configurable DNS resolvers for human-readable names (protocol/web3-dev-team#42)
  - 👉 this document is an updated problem statement and definition of the end user UX we aim for
- go-ipfs feat: support custom DoH resolvers (#8068), depends on:
  - refactor: Resolver to support custom per-TLD resolvers (multiformats/go-multiaddr-dns#26)
  - DoH resolver implementation: create DoH resolver (libp2p/go-doh-resolver#1)
  - make DNS resolver pluggable, use new madns.BasicResolver interface (go-namesys#10)
  - option for custom dns resolver (libp2p/go-libp2p#1073)
  - add DNS interface (interface-go-ipfs-core#69)
  - add custom DNS Resolver configuration (go-ipfs-config#126)
  - Release go-libp2p 0.14.0 (libp2p/go-libp2p#1079)