Privacytools.io: ๐๏ธ DNS provider suggestion | NixNet
Basic Information
Name: NixNet
Filtering: No
Privacy policy: https://nixnet.xyz/privacy/
Protocols: DoT (853)
Server/Location: Anycast, Luxembourg, New York, Las Vegas
Source: - (Unbound)
Type: Informal collective (part of Librehosters, see #816 )
Website: https://nixnet.xyz/dns/
Description
From what I understood they are smaller indepedent provider and thus good for decentralization. They also have servers in the US which our listing is currently missing.
I opened an issue about features I am unsure of: https://git.nixnet.xyz/NixNet/NixNet/issues/2 (including whether IP addresses get logged)
Required features:
- [x] supports DoH or DoT
- [x] supports DNSSEC
- [x] doesn't log IP addresses during normal operation
Desired features
- [x] supports QNAME minimization
Mikaela
All 10 comments
They also recommend lelux.fi which leaves some details unclear to me, but I get the picture that they don't support DNSSEC, so I am not opening an issue for now.
Edit:
The resolver does support IPv4 and IPv6 and checks DNSSEC. Uncensored results (aka no adblocking or such).
Mikaela
on 24 Aug 2019
poke @amolith
Perflyst
on 24 Aug 2019
It seems silly to add another DNS server to an already packed list, especially when it doesn't support all the features that would make it fully privacy focused.
ProgressiveArchitect
on 25 Aug 2019
TODO
- [x] DNSSEC validation
- [x] Check QNAME minimization
- [x] Explain Unbound verbosity in privacy policy
I set these up a while ago and I couldn't remember what I had configured. As I was looking around, I found that all the features requested are enabled; Unbound does DNSSEC validation and QNAME minimisation by default. I've added a new header on the DNS page with a list of the features as well as mentioned the Unbound verbosity in the Privacy Policy
EDIT
The wording in my privacy policy was inaccurate; previously, it said "Unbound query logs are enabled" and now it says "Unbound debug logs are enabled". Verbosity is set to 1 by default and I didn't mess with that.
Amolith
on 25 Aug 2019
Adblocked DoH is active and uncensored is in progress.
https://nixnet.xyz/dns/
Amolith
on 16 Sep 2019
Thanks for the update (and https://github.com/privacytoolsIO/privacytools.io/pull/1321).
Is Anycast DoH missing on purpose? I see that only Adblock anycast has DoH listed.
Mikaela
on 16 Sep 2019
The first Anycast section is DNS without Adblock (uncensored) and that's what I'm working on implementing DoH with. You'll notice that the specific locations only list that as well and not uncensored.
Amolith
on 16 Sep 2019
I'm in the process of moving all of my documentation to a new website; DNS information can be found here with relevant links to other sections. I have git set up for the backend so all the pages are plain MD files stored on Gitea
Amolith
on 18 Feb 2020
Change of URL again (sorry!); I switched from Wiki.js to MediaWiki because the former relies to heavily on JS and this information needs to be accessible to anyone. Most information can be found here but the privacy policy is on a separate page. I'm going to set them all up with proper categories in the near future.
Amolith
on 3 Mar 2020
blacklight447-ptio
Related issues
BurungHantu1605
ยท
3Comments
Echo1707
ยท
3Comments
ghost
ยท
3Comments
0verk1ll
ยท
3Comments
ghost
ยท
3Comments
Most helpful comment
TODO
I set these up a while ago and I couldn't remember what I had configured. As I was looking around, I found that all the features requested are enabled; Unbound does DNSSEC validation and QNAME minimisation by default. I've added a new header on the DNS page with a list of the features as well as mentioned the Unbound verbosity in the Privacy Policy
EDIT
The wording in my privacy policy was inaccurate; previously, it said "Unbound query logs are enabled" and now it says "Unbound debug logs are enabled". Verbosity is set to 1 by default and I didn't mess with that.