mirror of
https://github.com/NexusOne23/noid-privacy.git
synced 2026-02-07 04:01:52 +01:00
38 lines
1.5 KiB
JSON
38 lines
1.5 KiB
JSON
{
|
|
"DoHPolicy": {
|
|
"Mode": "REQUIRE",
|
|
"Description": "DNS-over-HTTPS enforcement mode",
|
|
"Options": {
|
|
"REQUIRE": {
|
|
"Value": 3,
|
|
"Description": "REQUIRE DoH (no unencrypted fallback) - Maximum security",
|
|
"BestFor": "Home users, single-network systems, maximum privacy",
|
|
"Warning": "May cause connectivity issues in corporate networks, captive portals, or mobile hotspots"
|
|
},
|
|
"ALLOW": {
|
|
"Value": 2,
|
|
"Description": "ALLOW DoH (fallback to UDP if DoH fails) - Balanced",
|
|
"BestFor": "VPN users, mobile devices, multi-network systems, enterprise environments",
|
|
"Warning": "Less secure - DNS queries may fall back to unencrypted UDP"
|
|
},
|
|
"PROHIBIT": {
|
|
"Value": 1,
|
|
"Description": "PROHIBIT DoH (disable encrypted DNS) - Not recommended",
|
|
"BestFor": "Legacy systems, specific enterprise requirements only",
|
|
"Warning": "All DNS queries will be unencrypted"
|
|
}
|
|
},
|
|
"Recommendation": "Use REQUIRE for home networks, ALLOW for VPN/mobile/enterprise"
|
|
},
|
|
"AllowFallbackToUdp": {
|
|
"REQUIRE": false,
|
|
"ALLOW": true,
|
|
"PROHIBIT": true
|
|
},
|
|
"Notes": [
|
|
"REQUIRE mode (default): Best privacy, but may break in corporate/captive portal networks or with VPNs",
|
|
"ALLOW mode: Good balance for VPN users, mobile users and enterprise environments",
|
|
"Users with VPNs or on multiple networks should choose ALLOW mode",
|
|
"PROHIBIT mode is NOT recommended - only for specific legacy requirements"
|
|
]
|
|
}
|