RS Oct 5, 2019
"DNS over HTTPS will make it harder for ISPs to monitor or modify DNS queries."
Well, maybe it ISP's hadn't been snooping AND MODIFYING requests there would have been no need to do this. They're cut out of the loop now and net.neutrality is being restored. It's none of their damn business.
Why big ISPs aren’t happy about Google’s plans for encrypted DNS
DNS over HTTPS will make it harder for ISPs to monitor or modify DNS queries.
Joel B Levin Mozilla is moving to DOH (DNS over HTTPS) as well.
Richard Sexton Interesting.
We looked at this in 96 but discounted it immediately as it only works with web. Mail, irc, ftp etc won't work.
I suppose somebody could write a small shim....
Joel B Levin Richard That's true. There are a lot of things that don't go through a browser, though they could - ftp (almost gone), mail (I have a web version of all the mail I still use pop3 and smtp for), etc., plus I feel fairly sure that they probably account for well under 5% of internet traffic (well, if you don't include email).
Richard Sexton It works for 95% of the net is not a compelling argument though.
Of course they have their own network of root servers and can flip their A root in a heartbeat. This get this going last century.
What's needed is a shim for a self primarying root. DJB pointed this out years ago.
dnsroot - D. J. Bernstein
cr.yp.to › dnsroot
tcpclient dns.vrx.net 53 axfr-get . root.orsc root.orsc.tmp and then fed root.orsc through cleanup to obtain data. Unfortunately, the root zone changes over time, ...
You've visited this page many times. Last visit: 16/02/19
John Whitlock vrx.net is listed for sale?
Richard Sexton Oh yeah, I sold it years and years go. Wasn't worth the yearly renewals. I got rid of all my domains that needed renewals.
There are domains you don't need to renew :-)
Stephen Pushak Correy Kowall
Correy Kowall This will derelict 'big ears' all over this planet.
Phil Karn Yup, that’s precisely the idea.