This DNS over HTTP thing

Jeroen Massar jeroen at massar.ch
Tue Oct 1 13:41:22 UTC 2019


On 2019-10-01 15:22, Stephane Bortzmeyer wrote:
> On Tue, Oct 01, 2019 at 12:11:32PM +0200,
>  Jeroen Massar <jeroen at massar.ch> wrote 
>  a message of 101 lines which said:
> 
>>  - Using a centralized/forced-upon DNS service (be that over DoT/DoH
>>  or even plain old Do53
> 
> Yes, but people using a public DNS resolver (of a big US corporation)
> over UDP is quite an old thing and nobody complained. I really wonder
> why there was so little reaction against OpenDNS or Google Public DNS
> and suddenly a lot of outcry against DoH...

Those services the user decides on themselves.

It is not a default in the browser.

>> You might also want to look into this amazing thing called Tor if
>> you really want privacy.
> 
> I know it, and use it and it is awfully slow. Telling people who
> want privacy that they need to adopt the difficult and costly (in
> performance) solutions made for Iranian opponents won't help to
> improve security.

Then Tor is not for your purpose indeed.

Use a VPN, or better, switch ISP so that you do not keep paying an entity that you do not trust.

>> Noting that many ISPs are deploying both DoT and DoH next to Do53.
> 
> Fact-checking: could you name some? (I do not know even one.)

https://www.as15600.net/

And there are many others who have announced it.

Greets,
 Jeroen



More information about the NANOG mailing list