On 2020/05/23 8:35 , Dave . wrote:
Would it be possible for your servers to first verify whether a DOH address is really a DNS before running actual atlas tests? If you can do it from an IP address that also hosts a web page that explains the purpose of the test, anyone investigating traffic coming to them is easily informed.
Some people want to use DoH from within a browser. If that gets popular, it could be that many webservers would also have DoH endpoints. In any case, for now that might be a sensible solution. Some time ago it was proposed that the MAT working group would handle policy proposals for Atlas. So, whoever wants to make the effort to push the policy proposal through, please contact the chairs of the MAT wg on how they would like to handle this. Philip