> One of the benefits of DoH over DoT seems that port 443 is utilized as
> opposed to port 853 and thus less likely to be blocked by firewalls.

since many DoT servers also run on 443 this should not be a reason for using DoH instead of DoT

> Some are voicing their concern that it would cede control over DNS
> matters to browser vendors if they were to implement their choice of TRR
> as Mozilla currently does with CF.
> And certainly it would require other public DNS resolvers to implement
> DoH if not to stay limited to the aforementioned.
>
> What are the thoughts of the unbound team on the subject, any plans to
> implement DoH?

there is a ticket for DoH already, but I believe at this point implementing the connection-reuse functionality for DoT is more important than implementing DoH.

also note that from a user privacy perspective DoT is preferred over DoH since it does not introduce all the privacy problems of HTTP to DNS (like user-agent and other headers that can be used to fingerprint the DoH client)

--
https://twitter.com/nusenu_
https://mastodon.social/@nusenu