Can someone please explain to me why DNS-over-HTTPS (DoH) is bad? Signed, someone who transitioned from BIND9 to djbdns circa 2000, learned about Curve25519 via DNSCurve, considers the latter an abject failure... https://twitter.com/kennwhite/status/1170753874279485440?s=21 …
-
Yup. This is the main objection I see. ISPs are afraid of being reduced to common carriers. Don’t you want their value-added DNS snooping services? They can keep your kids safe from terrorists...
-
Personal perspective: It makes it really hard to block domains. I have ~10 browser profiles across 6 browsers, and maintaining an /etc/hosts updater is a lot less work than modifying each of them (when it's possible - Firefox Focus has no about:config and no UI for DoH conf).
-
Especially since all the people with intercept equipment that installs a root cert can just MiTM the DoH provider anyway.
