The goal of DNS-over-TLS is to conceal both the queries and responses from eavesdroppers, which is what those ad-blockers are.
Is it harder to block than DNSSEC? With DNSSEC you can't forge NxDomain but you can see query & drop reply => timeout.
-
-
-
They can still work as long as legacy DNS remains supported but they're not going to be in a very comfortable situation anymore.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.