On Mon, Jul 15, 2019 at 10:18 AM Peter Saint-Andre <[email protected]> wrote:
> On 7/15/19 10:54 AM, Andrew M. Hettinger wrote: > > > Arguably there's actually a decrease in security over DoT as, rather > > then your network provider being the one who knows what DNS lookups > > you're doing, now some third party with whom you have no relationship. > > You, as a lone user, have zero leverage with your network provider. > It doesn't look like Mozilla has much leverage here. I can just pay $10 or something for a VPN. > Firefox or Chome or Safari (etc.), as the user agent for millions of > people, can exercise more leverage and also enter into contractual > agreements with trusted recursive resolvers. That seems like a promising > avenue to explore. > Is it promising? > > > Let's be clear, "some third party" is pronounced "Cloudflare." This > > isn't to bash on Cloudflare, but everyone's DNS traffic going to ONE > > company? > > Mozilla's intent is to deploy a set of trusted recursive resolvers, as > Ekr explained back in March on the DoH list: > And also to supply a domain name that disables everything? That's what the draft does, right? thanks, Rob
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
