Is it possible to disable DoH? #282
Comments
Hi! Let's discuss
I expect mtg runs in an environment where the government is hunting for proxies and blocks them. I imply a certain action here, this is not about how the internet is censored, I'm narrowing it down to a specific action: inspection of traffic to find out proxies to block. FakeTLS solves this issue by cloaking this traffic in 100% correct TLS. This should be a default because Telegram had to painfully pass several iterations fighting with the Russian government:
I think FakeTLS is a sane default and I do not know why to avoid it.
You do not have an incoming TLS connection. You establish a TLS connection. This is no longer different from working with any website. The proxy does not dial to you as a client.
Socks5 proxy was a request from a long time ago to integrate it with V2Ray
Wow, thanks for your time and all the detailed explanation. I am going to borrow this from another issue:
These are 2 completely different scenarios. I am using it in the first scenario, I am running mtg and shadowsocks client at home. So client (telegram android) is connecting to my home with fake TLS traffic. And you said
So from ISP's point of view, (assuming I am faking The reason I elected for the first scenario is that GFW is able to accurately identify FakeTLS traffic and block it, so scenario 2 simply does not work. And, no matter which way you use it, mtg does not need DoH. It is either outside the realm of censorship (scenario 2) or you have other ways to circumvent censorship (scenario 1).
I see :/ Yes, it is expected to run mtg on some server, not at your residential IP that exposes another sort of limitations. It looks a bit useless then. It could be it makes sense to relax the DoH requirement. I'll probably work on that but do not know when because I'm quite busy at my daily work now :/ But I will try, thanks for pointing out.
Thanks, so right now I have 2 issues opened, I think each one of them points to one problem (suggestion). The other issue is about a suggestion to enable legacy mode (secret starts with dd), which could solve the time skew problem (as a workaround) and residential Internet risk. I think I will keep them both opened if you don't mind. Take your time, I am already tremendously grateful for your great work on this project.
Dear dev, thanks for this project.
I am wondering if DoH can be disabled by simply using
doh-ip = ""
On the same note, the current default setup of mtg feels weird to me.
Do we expect mtg to be running in a censored environment or not?
If the answer is yes, I think faketls is more or less pointless, because stuff like GFW will only be deployed on the perimeter of a country, there won't be any censorship within the border. It is actually quite harmful in some cases, because if the ISP finds out you have an incoming https connection, they could have your internet suspended because it is illegal to run web services at home.
If the answer is no, then stuff like socks5 proxy or DoH feels pointless, because in an uncensored environment, there is simply no need for this.