i prefer DoH because it can identify a server we are talking to and the content is encrypted.
zuop...@cnnic.cn From: Stephane Bortzmeyer Date: 2019-02-12 16:39 To: zuop...@cnnic.cn CC: dnsop Subject: Re: extension of DoH to authoritative servers On Tue, Feb 12, 2019 at 03:56:04PM +0800, zuop...@cnnic.cn <zuop...@cnnic.cn> wrote a message of 546 lines which said: > I am considering extending the DoH protocal to authoritative > servers. Why DoH and not DoT? DoH is useful because 1) port 853 may be blocked at the edge of the network 2) applications running in a Web browser may need DNS data. But these two reasons do not apply to your use case 1) the resolver is often closer to the core and there is less risk that 853 is blocked 2) there is no Web browser on the resolver.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
