DNS over TLS #66

Closed
bassosimone opened this issue Oct 1, 2019 · 7 comments

@bassosimone
Contributor

This can be easily done by using https://github.com/ooni/netx.

@bassosimone bassosimone added new experiment Implementation of a new experiment P1 labels Oct 1, 2019
@bassosimone bassosimone added this to the new-nettests milestone Oct 2, 2019
@simonfrey

I would like to work on this one, but as I am completely new to OONI, what is a DoT?

@bassosimone
Contributor Author

DoT is DNS over TLS. We want to specify an OONI test that resolves a domain name using this protocol and returns the results. We optionally want to include in the results low-level data from the netx OONI library, but this we can also do after we have all the plumbing in place.

I tried to sketch out what the MVP probably looks like:

  • create a new file in https://github.com/ooni/spec/tree/master/nettests that describes the objective of this new experiment (nettest is a synonym of experiment, btw). The main things that the spec should do are (1) describe the purpose of the experiment, (2) describe what input the experiment takes, (3) describe the output (or result or measurement) of the experiment. A good blueprint to start with is the tcp_connect spec.

  • write a first prototype of the experiment that uses netx to resolve a specific domain name using a specific DoT resolver. By default we can probably use dns.quad9.net as resolver. The blueprint of a simple experiment is the experiment/example/example.go. See cmd/dnsclient for a simple piece of Go that shows how to use netx functionality to perform DoT lookups.

  • once you have the netx-provided result of the DoT lookup, use this data to fill the measurement structure that you have defined inside the spec

  • write a simple integration test for this functionality

Cheers!
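
Added example, not part of the original thread and not OONI or netx code: a standard-library Go version of the DoT lookup step described in the comment above, storing the outcome in a measurement-like record. `DoTResult`, `DialTLS` and `LookupDoT` are hypothetical names, and port 853 is the standard DoT port for the dns.quad9.net resolver suggested in the comment.

```go
package main

import (
	"context"
	"crypto/tls"
	"fmt"
	"net"
	"time"
)

// DoTResult is a hypothetical measurement record, not the structure from the OONI spec.
type DoTResult struct {
	Resolver, Hostname string   // DoT endpoint (host:port) and the name queried
	Addresses          []string // answers; empty on failure
	Failure            string   // empty on success, error text otherwise
}

// DialTLS connects to address and verifies the certificate against its host part.
func DialTLS(ctx context.Context, address string) (net.Conn, error) {
	host, _, err := net.SplitHostPort(address)
	if err != nil {
		return nil, err
	}
	d := tls.Dialer{Config: &tls.Config{ServerName: host, MinVersion: tls.VersionTLS12}}
	return d.DialContext(ctx, "tcp", address)
}

// LookupDoT resolves hostname through the DoT resolver and records the outcome.
// dial opens the transport to the resolver, so a test can substitute its own.
func LookupDoT(ctx context.Context, dial func(context.Context, string) (net.Conn, error), resolver, hostname string) DoTResult {
	r := &net.Resolver{
		PreferGo: true, // Go's own resolver honours the Dial hook below
		Dial: func(ctx context.Context, _, _ string) (net.Conn, error) {
			// Every query goes to resolver; a stream conn makes Go use TCP framing.
			return dial(ctx, resolver)
		},
	}
	res := DoTResult{Resolver: resolver, Hostname: hostname}
	addrs, err := r.LookupHost(ctx, hostname)
	if err != nil {
		res.Failure = err.Error()
	}
	res.Addresses = addrs
	return res
}

func main() {
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()
	fmt.Printf("%+v\n", LookupDoT(ctx, DialTLS, "dns.quad9.net:853", "example.org"))
}
```

`DialTLS` still resolves the resolver's own hostname through the system DNS, so a recorded failure can come from that bootstrap lookup rather than from DoT itself.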

@bassosimone
Contributor Author

bassosimone commented Oct 5, 2019

Oh, BTW, since you said you are completely new to OONI: we're an open source project that measures interference to internet traffic (e.g. a specific website being blocked). In this issue, we want to introduce this new experiment for measuring whether the DoT protocol is working in a specific ISP, or, if it is blocked, how it is blocked. You can read more on OONI at https://ooni.torproject.org/about/.

@bassosimone bassosimone changed the title Specify and write DoT experiment DNS over TLS Oct 6, 2019
@bassosimone bassosimone removed this from the new-experiments-otfy2 milestone Oct 7, 2019
@bassosimone
Contributor Author

@simonfrey do you need further assistance with this?

@bassosimone
Contributor Author

@simonfrey I have implemented a similar experiment (DNS over HTTPS). You can look at what I did and use it as a blueprint for implementing DNS over TLS.

The new spec I added is in ooni/spec#158 and the implementation is in #94.

@simonfrey

Thanks for all that input! I will check out all of it tomorrow.

@bassosimone
Contributor Author

Was part of #87 and has been implemented as an automatic followup in github.com/ooni/netx
