Yah, naming a DNS protocol DOX and then releasing it on the worst day of the year on the internet might not have been a great idea… I suppose we should have seen this coming :)
You trust whatever server you query. That might be server one, or it might be server one and server two. It's a federated network, so you make requests through your own server.
> And will XMPP server 2 have my IP address?
No. It's a federated network, like email, so it just gets your XMPP address (historically referred to as a "Jabber ID" or "JID").
XMPP is not e2ee; the second server gets your JID (but not your IP, supposing your client doesn't leak it): you need to trust the servers (1, 2 and the resolver).
Also, you don't get virtual circuits, but the performance should be superior. Tor only supports A, AAAA and PTR; DoX supports every record type.
There's an awful lot of "why not?" here. Remember, this is an Experimental XEP. The XMPP Council saw no reason to actively block it, but that doesn't mean we're all mad keen that everyone should rush out and do it.
There was an intense debate on whether it ought to be published as Standards Track or Humorous...
I'm sure there are valid reasons, but I also think there's a law that no matter how comprehensive your application protocol, it will eventually get turned into a transport for a higher-level (sometimes shoddier) application protocol.
Purely curious, what advantages does this give you in a corporate sort of scenario where your login is probably authing against Active Directory? Does this protocol offer any leverage for developers in a multi-forest setup via API to programmatically choose domain controllers?
It seems DoX would fit in there perfectly!