This DNS over HTTP thing
Jared Mauch
jared at puck.nether.net
Tue Oct 1 13:01:20 UTC 2019
> On Oct 1, 2019, at 6:11 AM, Jeroen Massar <jeroen at massar.ch> wrote:
>
> TL;DR:
> - Using DoT or DoH as a protocol is fine, though the recursor still controls/views the DNS queries
> - Using a centralized/forced-upon DNS service (be that over DoT/DoH or even plain old Do53) does not improve security or privacy...
> Getting that force-fed by the monopolies controlling the browser... bad for the Internet.
> - Use a VPN if you do not trust your network provider.
> - Use Tor if you really want 'privacy'.
I would also be concerned about the lock-in this creates. Cloudflare (at previous DNS-OARC meetings) has said their main reason for paying Mozilla & 1.1.1.1 is to improve the performance for their customers. I think this is a great thing for their customers, but is also an issue - if you take it to the privacy extreme here it harms not only their competitors but the end-users involved as well.
I’m personally very concerned about the very extreme stance taken by some people & organizations with the overall protocols and how they will harm the internet of the future.
I for one am awaiting the DoHoToQUICo53 overlords to appear.
- jared