nanog mailing list archives

Re: This DNS over HTTP thing


From: Jared Mauch <jared () puck nether net>
Date: Tue, 1 Oct 2019 09:01:20 -0400



On Oct 1, 2019, at 6:11 AM, Jeroen Massar <jeroen () massar ch> wrote:

TL;DR:
- Using DoT or DoH as a protocol is fine, though the recursor still controls/views the DNS queries
- Using a centralized/forced-upon DNS service (be that over DoT/DoH or even plain old Do53) does not improve security or privacy...
  Getting that force-fed by the monopolies controlling the browser.... bad for the Internet.
- Use a VPN if you do not trust your network provider.
- Use Tor if you really want 'privacy'.

I would also be concerned about the lock-in this creates.  Cloudflare (at previous DNS-OARC meetings) has said their 
main reason for paying Mozilla & 1.1.1.1 is to improve the performance for their customers.  I think this is a great 
thing for their customers, but is also an issue - if you take it to the privacy extreme here it harms not only their 
competitors but the end-users involved as well.

I’m personally very concerned about the very extreme stance taken by some people & organizations with the overall 
protocols and how they will harm the internet of the future.

I for one am awaiting the DoHoToQUICo53 overlords to appear.

- jared



