On 15 Nov 2017 12:18, "Iain R. Learmonth" <irl@torproject.org> wrote:
Is this not what TorDNSEL does?
https://www.torproject.org/projects/tordnsel.html.en

Hi Iain!

That certainly sounds like it will give you the answer! But although it would give the right kind of answer, it is not what I am asking for.

At the scale of websites like Facebook or the New York Times, a timely response is required for the purposes of rendering a page. The benefits of solving the problem at "enterprise" scale then trickle down to implementations of all sizes.

Speaking as a programmer, it would be delightfully easy to make a DNS query and wait for a response to give you an answer... but then you have to send the query, wait for propagation, wait for a result, trust the result, debug cached versions of the results, leak the fact that all these lookups are going on, and so forth.  

This all adds adds up to latency and cost, as well as leaking metadata of your lookups; plus your local DNS administrator will hate you (cf: doing name resolution for every webpage fetch for writing Apache logs, is frowned upon.  Better to log the raw IP address and resolve it later if you need.

On the other hand: if you are running a local Tor daemon, a copy of the entire consensus is held locally and is (basically) definitive.  You query it with near zero lookup latency, you get an instant response with no practical lag behind "real time", plus there are no men in the middle, and there is no unwanted metadata leakage.

If the Tor daemon is on the local machine, then the lookup cost is near-zero, and - hey! - you are encouraging more people to run more tor daemons, which (as above) has to be a good thing.

So: the results are very close to what TorDNSEL provides, but what I seek is something with different and better latency, security, reliability and privacy qualities than TorDNSEL offers.

    - alec