Browse Source

add some text about DoH

main
John-Mark Gurney 10 months ago
parent
commit
11aa2e291c
1 changed files with 3 additions and 1 deletions
  1. +3
    -1
      README.md

+ 3
- 1
README.md View File

@@ -1,7 +1,9 @@
Privacy for recursive DNS
=========================

DNS is currently unsecured, and the IETF have only just started attempting to solve this problem, [Signaling That an Authoritative DNS server offers DoT](https://datatracker.ietf.org/doc/draft-levine-dprive-signal/). DoH doesn't actually solve the problem, it just moves it around.
DNS is currently unsecured, and the IETF have only just started attempting to solve this problem, [Signaling That an Authoritative DNS server offers DoT](https://datatracker.ietf.org/doc/draft-levine-dprive-signal/).

DoH doesn't actually solve the problem, it just centralizes it. Currently most [all] of the DoH providers have not undergone a third party audit, so there is no way to verify their claims that they are not logging or sending data somewhere. Even then, if they receive an NSL or other demand from a government, you will never know about the request. Most companies do not even notify you about a subpoena to let you have the option to quash it, so DoH just centralizes things making it easier for monitoring.

Even when Authoratative DoT is a thing, there will be plenty of domains that will take years, if not decades before it'll be rolled out.



Loading…
Cancel
Save