On Tue, Oct 01, 2019 at 09:55:54AM +0200, Jeroen Massar <jer...@massar.ch> wrote a message of 26 lines which said:
> > (Because this canary domain contradicts DoH's goals, by allowing > > the very party you don't trust to remotely disable security.) > > The goal is centralization of DNS Hmmm, no, read RFC 8484 (section 1). > While the 'connection to the recursor' is 'encrypted', the recursor > is still in clear text... one just moves who can see what you are > doing with this. As with any cryptographic protocol. Same thing with VPNs, SSH and whatever: the remote end can see what you do. What's your point?