add more metadata about relays: #1 DNSSEC validation, #2 DNS server
It would be great to show relay operators more information about what they could improve on their relay configuration. In the area of exits and DNS this could be:
- DNSSEC
- do not use Google, Cloudflare, Quad9,.. DNS server
To support this we would first need two new onionoo fields before adding indicators to Relay Search. Both fields are only relevant for exit relays.
dnssec_validation: boolean True if the exit relay does validate
dns_resolver: string PTR record for the IP address used to resolve a hostname via this exit.
To collect the data you could run exitmap's dnssec and dnsenum modules once every ~12 hours.
https://github.com/NullHypothesis/exitmap/blob/master/src/modules/dnssec.py https://github.com/NullHypothesis/tor-dns/blob/master/code/resolvers-of-exit-relays/dnsenum.py
context: https://twitter.com/nusenu_/status/983302939258138626