X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Securedns and encrypted sni fails when connected to Firefox Private Network.

Kuphostiwe

Securedns and encrypted sni fails when connected to Firefox Private Network.

Securedns and encrypted sni fails when connected to Firefox Private Network.
Isicaphuno

Eminye Imininingwane Yohlelo

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.1 Safari/605.1.15

Eminye Imininingwane

Ballison
  • Top 25 Contributor
  • Administrator
14 izisombululo 81 izimpendulo
Kuphostiwe

Hi RubberDucky,

When you say that Secure DNS and Encrypted SNI both failed, are you referencing Cloudflare's Browser Security Check?

Hi RubberDucky, When you say that Secure DNS and Encrypted SNI both failed, are you referencing [https://www.cloudflare.com/ssl/encrypted-sni/ Cloudflare's Browser Security Check]?
Ingabe lokhu kube usizo kuwena?
Isicaphuno

Umnikazi wombuzo

Yes I’m referring to the cloudflares browser security check.

Yes I’m referring to the cloudflares browser security check.
Ingabe lokhu kube usizo kuwena?
Isicaphuno
Ballison
  • Top 25 Contributor
  • Administrator
14 izisombululo 81 izimpendulo
Kuphostiwe

Thank you for confirming! I'm sorry about the delayed responses.

Encrypted SNI fails in that test is because a bug (1590642) is currently preventing it from functioning correctly while using a proxy service.

As for Secure DNS, is the test failing on it or is it showing inconclusive (orange circle with white question mark)? When I am running the test with FPN enabled, it shows that it is inconclusive, but didn't necessarily fail. FPN does actually support Secure DNS, so if it is showing a hard fail on the test, this could be a connectivity problem.

Could you run the test again and let me know which status you're receiving for Secure DNS on the test (pass, fail, or inconclusive as mentioned above)?

Thank you for confirming! I'm sorry about the delayed responses. Encrypted SNI fails in that test is because a bug ([https://bugzilla.mozilla.org/show_bug.cgi?id=1590642 1590642]) is currently preventing it from functioning correctly while using a proxy service. As for Secure DNS, is the test ''failing'' on it or is it showing ''inconclusive'' (orange circle with white question mark)? When I am running the test with FPN enabled, it shows that it is inconclusive, but didn't necessarily fail. FPN does actually support Secure DNS, so if it is showing a hard fail on the test, this could be a connectivity problem. Could you run the test again and let me know which status you're receiving for Secure DNS on the test (pass, fail, or inconclusive as mentioned above)?

Okulungisiwe ngu Ballison

Ingabe lokhu kube usizo kuwena?
Isicaphuno
My_Cheese_Is_Slippin'
  • Top 10 Contributor
85 izisombululo 887 izimpendulo
Kuphostiwe

Note that ESNI is not enabled in Firefox by default and it is not enabled by Firefox Private Network.

The primary goal of ESNI is to mask your activity from your ISP. Doesn't FPN do that anyway?

Maybe, enabling ESNI with FPN causes some sort of conflict, which is why FPN doesn't enable it and would explain why the ESNI Check fails when it is enabled.

As far as the Secure DNS check is concerned, I found this from Router Security: "One feature of Cloudflare DNS is encryption. The connection between your computer and their DNS server is encrypted using one of two fairly new approaches: DNS over TLS or DNS over HTTP. This is only an issue when you are not using a VPN. A VPN encrypts everything (when it is working correctly) coming and going from the computer so there is no need to pay special attention to encrypting DNS."

Try testing with https://1.1.1.1/help/ both with and without FPN enabled.

Note that ESNI is not enabled in Firefox by default and it is not enabled by Firefox Private Network. The primary goal of ESNI is to mask your activity from your ISP. Doesn't FPN do that anyway? Maybe, enabling ESNI with FPN causes some sort of conflict, which is why FPN doesn't enable it and would explain why the ESNI Check fails when it is enabled. As far as the Secure DNS check is concerned, I found this from Router Security: "One feature of Cloudflare DNS is encryption. The connection between your computer and their DNS server is encrypted using one of two fairly new approaches: DNS over TLS or DNS over HTTP. This is only an issue when you are not using a VPN. A VPN encrypts everything (when it is working correctly) coming and going from the computer so there is no need to pay special attention to encrypting DNS." Try testing with https://1.1.1.1/help/ both with and without FPN enabled.
Ingabe lokhu kube usizo kuwena?
Isicaphuno
Buza umbuzo

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.