Firefox default DoH

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Firefox default DoH

Otto Moerbeek
Hi,

Firefox will change (for US based users as a start) its default DNS to
be DoH to Cloudflare.

https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/

I dont't think we should ship it like that.

Are there any plans to disable that for our port?

I think (hope) including network.trr.mode=5 in all-openbsd.js should be
enough.

Thanks,

        -Otto


Reply | Threaded
Open this post in threaded view
|

Re: Firefox default DoH

Landry Breuil-5
On Sun, Sep 08, 2019 at 01:19:56PM +0200, Otto Moerbeek wrote:

> Hi,
>
> Firefox will change (for US based users as a start) its default DNS to
> be DoH to Cloudflare.
>
> https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/
>
> I dont't think we should ship it like that.
>
> Are there any plans to disable that for our port?
>
> I think (hope) including network.trr.mode=5 in all-openbsd.js should be
> enough.

I personally have zero interest in bikeshedding this, so i'd go for
whatever ppl want. i'm fine with 5, but i think all-openbsd.js only
applies to *new* profiles, unsure about that. Someone (not me) should
test.

Landry

Reply | Threaded
Open this post in threaded view
|

Re: Firefox default DoH

Otto Moerbeek
On Sun, Sep 08, 2019 at 09:03:27PM +0200, Landry Breuil wrote:

> On Sun, Sep 08, 2019 at 01:19:56PM +0200, Otto Moerbeek wrote:
> > Hi,
> >
> > Firefox will change (for US based users as a start) its default DNS to
> > be DoH to Cloudflare.
> >
> > https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/
> >
> > I dont't think we should ship it like that.
> >
> > Are there any plans to disable that for our port?
> >
> > I think (hope) including network.trr.mode=5 in all-openbsd.js should be
> > enough.
>
> I personally have zero interest in bikeshedding this, so i'd go for
> whatever ppl want. i'm fine with 5, but i think all-openbsd.js only
> applies to *new* profiles, unsure about that. Someone (not me) should
> test.
>
> Landry

I'll try to do that,

        -Otto

Reply | Threaded
Open this post in threaded view
|

Re: Firefox default DoH

Otto Moerbeek
In reply to this post by Landry Breuil-5
On Sun, Sep 08, 2019 at 09:03:27PM +0200, Landry Breuil wrote:

> On Sun, Sep 08, 2019 at 01:19:56PM +0200, Otto Moerbeek wrote:
> > Hi,
> >
> > Firefox will change (for US based users as a start) its default DNS to
> > be DoH to Cloudflare.
> >
> > https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/
> >
> > I dont't think we should ship it like that.
> >
> > Are there any plans to disable that for our port?
> >
> > I think (hope) including network.trr.mode=5 in all-openbsd.js should be
> > enough.
>
> I personally have zero interest in bikeshedding this, so i'd go for
> whatever ppl want. i'm fine with 5, but i think all-openbsd.js only
> applies to *new* profiles, unsure about that. Someone (not me) should
> test.
>
> Landry

So I tested that the setting below works:

1. New profile gets new default
2. Existing profile gets new default if user did not set it previously
3. Existing profile is not overriden if user set it previously.

A user mailed me privately and confirmed this,

So I think that is what we want,

OK?

        -Otto

Index: Makefile
===================================================================
RCS file: /cvs/ports/www/mozilla-firefox/Makefile,v
retrieving revision 1.392
diff -u -p -r1.392 Makefile
--- Makefile 6 Sep 2019 15:27:26 -0000 1.392
+++ Makefile 9 Sep 2019 07:57:57 -0000
@@ -10,7 +10,7 @@ MOZILLA_BRANCH = release
 MOZILLA_PROJECT = firefox
 MOZILLA_CODENAME = browser
 
-REVISION= 0
+REVISION= 1
 
 WRKDIST = ${WRKDIR}/${MOZILLA_DIST}-${MOZILLA_DIST_VERSION:C/b[0-9]*//}
 HOMEPAGE = https://www.mozilla.org/firefox/
Index: files/all-openbsd.js
===================================================================
RCS file: /cvs/ports/www/mozilla-firefox/files/all-openbsd.js,v
retrieving revision 1.9
diff -u -p -r1.9 all-openbsd.js
--- files/all-openbsd.js 29 Jan 2019 21:03:19 -0000 1.9
+++ files/all-openbsd.js 9 Sep 2019 07:57:57 -0000
@@ -12,3 +12,4 @@ pref("security.sandbox.pledge.content","
 pref("extensions.pocket.enabled", false);
 pref("browser.newtabpage.enabled", false);
 pref("browser.startup.homepage", "about:blank");
+pref("network.trr.mode", 5);

Reply | Threaded
Open this post in threaded view
|

Re: Firefox default DoH

Job Snijders-2
On Mon, Sep 09, 2019 at 10:22:53AM +0200, Otto Moerbeek wrote:
> So I tested that the setting below works:
>
> 1. New profile gets new default
> 2. Existing profile gets new default if user did not set it previously
> 3. Existing profile is not overriden if user set it previously.
>
> A user mailed me privately and confirmed this,
>
> So I think that is what we want,

Elegant solution. I suspect you'll need to keep monitoring whether '5'
does today what it'll do tomorrow.

> OK?

OK job@

Reply | Threaded
Open this post in threaded view
|

Re: Firefox default DoH

Otto Moerbeek
On Mon, Sep 09, 2019 at 12:47:30PM +0200, Job Snijders wrote:

> On Mon, Sep 09, 2019 at 10:22:53AM +0200, Otto Moerbeek wrote:
> > So I tested that the setting below works:
> >
> > 1. New profile gets new default
> > 2. Existing profile gets new default if user did not set it previously
> > 3. Existing profile is not overriden if user set it previously.
> >
> > A user mailed me privately and confirmed this,
> >
> > So I think that is what we want,
>
> Elegant solution. I suspect you'll need to keep monitoring whether '5'
> does today what it'll do tomorrow.

Yeah, do not trust upstream and verify ;-)

>
> > OK?
>
> OK job@
>

Reply | Threaded
Open this post in threaded view
|

Re: Firefox default DoH

Landry Breuil-5
In reply to this post by Otto Moerbeek
On Mon, Sep 09, 2019 at 10:22:53AM +0200, Otto Moerbeek wrote:

> On Sun, Sep 08, 2019 at 09:03:27PM +0200, Landry Breuil wrote:
>
> > On Sun, Sep 08, 2019 at 01:19:56PM +0200, Otto Moerbeek wrote:
> > > Hi,
> > >
> > > Firefox will change (for US based users as a start) its default DNS to
> > > be DoH to Cloudflare.
> > >
> > > https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/
> > >
> > > I dont't think we should ship it like that.
> > >
> > > Are there any plans to disable that for our port?
> > >
> > > I think (hope) including network.trr.mode=5 in all-openbsd.js should be
> > > enough.
> >
> > I personally have zero interest in bikeshedding this, so i'd go for
> > whatever ppl want. i'm fine with 5, but i think all-openbsd.js only
> > applies to *new* profiles, unsure about that. Someone (not me) should
> > test.
> >
> > Landry
>
> So I tested that the setting below works:
>
> 1. New profile gets new default
> 2. Existing profile gets new default if user did not set it previously
> 3. Existing profile is not overriden if user set it previously.
>
> A user mailed me privately and confirmed this,
>
> So I think that is what we want,
>
> OK?

Ok, and thanks for testing.