The canary domain will only disable DoH if you've been defaulted into using DoH.
If you've actively turned it on, or set network.trr.mode to 3 then the canary will not disable it. On Fri, Mar 6, 2020 at 2:58 PM Nathaniel Suchy < nathanielsu...@protonmail.com> wrote: > Even if that option is enabled it is my understanding that a network > administrator can still override your decision during a man in the middle > attack well you can imagine how this is problematic. I run a local DNS > resolver over Tor for my non-Tor traffic as I don’t trust Mozilla’s > implementation. > > Cordially, > Nathaniel Suchy (they/them) > > Sent from ProtonMail Mobile > > On Fri, Mar 6, 2020 at 2:07 AM, <hansva...@airmail.cc> wrote: > > > You can use network.trr.mode to enforce the use of DoT. IIRC 3 is to > > enforce it and not using other DNS. When using network.trr.mode Firefox > > should not do any other DNS than DoH. This should adress your concerns. > > > > The best way is to use DoT and to have it directly implemented into your > > router or locally on your machine. I don´t think the Mozilla approach is > > useless. It´s a better than nothing approach. Last, but not least you > > can use different DoH servers in FF. You are not tied to the default. > > Though the average Joe may not have the ability to use a custom DoH > > server in their Firefox. > > > > BTW, what router manufacturer already has DoT implemented? > > > > -- > > tor-talk mailing list - tor-talk@lists.torproject.org > > To unsubscribe or change other settings go to > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- Ben Tasker https://www.bentasker.co.uk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk