summaryrefslogtreecommitdiff
path: root/network/dnscrypt-proxy/dnscrypt-proxy.default
diff options
context:
space:
mode:
Diffstat (limited to 'network/dnscrypt-proxy/dnscrypt-proxy.default')
-rw-r--r--network/dnscrypt-proxy/dnscrypt-proxy.default6
1 files changed, 6 insertions, 0 deletions
diff --git a/network/dnscrypt-proxy/dnscrypt-proxy.default b/network/dnscrypt-proxy/dnscrypt-proxy.default
index b1b70406be..a1b62d82f9 100644
--- a/network/dnscrypt-proxy/dnscrypt-proxy.default
+++ b/network/dnscrypt-proxy/dnscrypt-proxy.default
@@ -36,6 +36,12 @@ RESOLVERSLIST[0]="/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv"
#PROVIDERNAME[0]="2.dnscrypt-cert.opendns.com"
#PROVIDERKEY[0]="B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79"
+# By default, queries are always sent with the same public key, allowing
+# providers to link this public key to the different IP addresses you
+# are using. Enabling ephemeral keys requires extra CPU cycles, but
+# mitigates this by computing an ephemeral key pair for every query.
+#EPHEMERALKEYS[0]="no"
+
# Transparently add an OPT pseudo-RR to outgoing queries in order to enable
# the EDNS0 extension mechanism. The payload size is the size of the largest
# response we accept from the resolver before retrying over TCP. This feature
generated by cgit v1.2.3 (git 2.26.2) at 2024-12-12 13:08:04 +0000