User.js: Additional value for TRR to "...disable DoH under all circumstances."

Created on 5 Aug 2018  路  7Comments  路  Source: arkenfox/user.js

Read this link from r/firefox earlier today Mozilla's new DNS resolution is dangerous and noticed a bit of extra info not found in our user.js. Currently, 0707: disable (or setup) DNS-over-HTTPS lists 0 as "off". This Mozilla page suggests a value of 5 to "disable DoH under all circumstances."

Note: Blog is for Nightly so it's subject to change at any time but probably worth keeping an eye on.

Item 3 at the bottom of the page:

3] Change network.trr.mode to 2 to enable DoH. This will try and use DoH but will fallback to insecure > DNS under some circumstances like captive portals. (Use mode 5 to disable DoH under all
circumstances.)

picture grauenwolfe
👍1

Most helpful comment

value 5 was added in 61. It seems to be only used for telemetry purposes though. No need to change it IMO

picture earthlng on 6 Aug 2018
👍3

All 7 comments

Related https://gist.github.com/bagder/5e29101079e9ac78920ba2fc718aceec

5 - Off by choice This is the same as 0 but marks it as done by choice and not done by default.

Not sure what's the difference, though.

Nice tip for checking whether it is active or inactive:

Go to about:networking, click the DNS link in the left-side menu. That shows the contents of the in-memory DNS cache. The TRR column says "true" for host names that were resolved using TRR (DNS-over-HTTPS).

claustromaniac picture claustromaniac on 6 Aug 2018

We'll have to update 0707 with the value 5 (not sure when that was added, 62? 63?). The good news is nothing can happen if there is no uri etc :)

Thorin-Oakenpants picture Thorin-Oakenpants on 6 Aug 2018

https://dxr.mozilla.org/mozilla-central/search?q=network.trr.mode&redirect=false

Lots of tests .. I see nothing for a 5 (yet)

Thorin-Oakenpants picture Thorin-Oakenpants on 6 Aug 2018

value 5 was added in 61. It seems to be only used for telemetry purposes though. No need to change it IMO

earthlng picture earthlng on 6 Aug 2018
👍3

Cool. I'll close this then. If, and I doubt they will, ever flip DoH on, we can always revisit the values

Thorin-Oakenpants picture Thorin-Oakenpants on 6 Aug 2018
👍1

FYI: @earthlng send you as bcc on an email

Thorin-Oakenpants picture Thorin-Oakenpants on 6 Aug 2018

Just following up. Seems a lot of aritcles appeared within hours of posting this.

If, and I doubt they will, ever flip DoH on, we can always revisit the values

Sounds good to me.

grauenwolfe picture grauenwolfe on 8 Aug 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Thorin-Oakenpants picture Thorin-Oakenpants  路  5Comments
kaliostro2 picture kaliostro2  路  7Comments
GIPeon picture GIPeon  路  3Comments
Thorin-Oakenpants picture Thorin-Oakenpants  路  5Comments
Thorin-Oakenpants picture Thorin-Oakenpants  路  4Comments