Hello, Is there any benefit (especially privacy-wise) in setting dnscrypt_ephemeral_keys to true in the example-dnscrypt-proxy.toml file when I'm using anonymized DNS relays anyways? Furthermore, I think this also becomes unnecessary if one is setting skip_incompatible to true in order to skip resolvers that are incompatible with anonymization.
Any thoughts?
Yes, there is.
Without ephemeral keys, a DNS server will not learn what IP address sent the queries, but can learn that they come from the same device.
Yes, there is.
Without ephemeral keys, a DNS server will not learn what IP address sent the queries, but can learn that they come from the same device.
So is there any chance they (server owners) would block access to the anon relays if I keep on using them without ephemeral_keys? I'm guessing I'd get easily fingerprinted if every dnscrypt users are using ephemeral_keys except me but is there any stats as to what % of users actually use this?
Thanks!
They can, but the main reason they would do that is for rate limiting in order to prevent a single user from using too much resources.
So, the answer is yes, there is still value in turning that feature on. But CPU usage will be higher.