Ted Lemon wrote on 2019-03-22 04:14:
> ... I don’t think
> there’s any reason to use DoH if you trust the local resolver.

i'd go further, but i won't, here.

instead i'll say, others go further, and say, centralization is nec'y
for privacy because it sends queries through a blender, so that distant
authorities or surveillers on the rdns/adns path, cannot tell where the
original question came from. this whereness of originalness is more
apparent if one uses an rdns that only serves a small pool of stubs.

i disagree, and i consider the argument absurd, but it's out there. i
expect that someone at some point will wake up and notice that this
is also the privacy profile of ECS, which is not optional for stub users
-- their rdns either uses it on upstream cache misses, or not.

sending pii to noncontracted parties is dangerous, among other things,
to privacy (no matter how defined.)

--
P Vixie
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop