At the moment I am having problem with mikaela.info being in HSTS
preload list and when I begun this list, I was hoping to use something
conflict free and thought that mikaela.info would be the least bad
choice while reading the reserver domains.
Now I have searched on the issues more and encountered .internal TLD
that seems to be what I am after and I hope it will become official.
https://github.com/wkumari/draft-wkumari-dnsop-internal
I think I can change these addresses safely as I am not using them
anywhere as I worry about accidentally sending them to the internet and
that opening new problems. This will mainly benefit me with web
browsers, I hope.
I will still have to link other people to direct IPv6 addresses that
won't change with the platforms I use or mikaela.info will not be in the
HSTS preload lists at time I need it. I wouldn't memorize IPv4 addresses
though or start telling them someone in quick chat.
It took me some time a few days ago to figure out this (and notice that
port 80 was already used by automatically installed Apache that was
doing nothing).
I have understood that ports 443 (Orport) and 80 (Dirport) are the best
for users behind strict firewalls especially if they aren't needed for
anything else on the system running Tor relay.
I don't think I like this very much, but it's supposed to be easier on
eyes and maybe I will get used to it especially after some migraine
light sensitivity attacks...
* Comment that the fastest server is automatically picked.
* Explicitly don't filter AAAA requests.
* Require provider to not do filtering
* which is implied by DNSSEC which would get broken.
* Use Google DNS B as fallback resolver and explain what it does in
comment.
* Add commented options for using Tor.
Polipo is no longer maintained and it seems that I am doing the same
thing with Privoxy except censoring accept-language which I need to
investigate. I think Privoxy warned about changing headers possibly
making ones fingerprint more unique and thus trackable? But aren't those
also going inside https so maybe there is no point?
Dnscrypt-proxy appears to handle multiple servers by itself nowadays and
does it in the config file. The servers listed may also be down.
Ref: #92 where I remembered these files still being here.
It appears that I have been doing locales wrong for years and only now
something has decided to not accept the incorrect versions?
Alternatively Debian has decided to stasrt doing it somehow different
from others, but I don't think so.
keyserver is not needed with GPGv2, I have no idea what some of those
options do and thus have suspect that they make my GPG more insecure and
I have used MATE for years and don't have eog available.
I have no idea why I even have this file :(
I guess the number four has something to do with Windows as resolv.conf
actually doesn't take more than three, am I preparing for situation
where there is no network, but ISP DNS is down or something? Why? When has
that actually happened?
I think apt has fixed it and this has started being more problem than
solution.
This just breaks my nice gpg signed streak :(
Signed-off-by: Mikaela Suomalainen <mikaela+git@mikaela.info>
Nowadays I am mainly on laptop which the 11px is very small and
uncomfortable to look at. I don't know if it's just that or that I have
gotten older (hah).
I hope that this doesn't look bad in other environments.
