https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/ purports to explain DoH but really it does a good job of explaining the problem with port 53 DNS but then just does a gigantic handwave about DoH itself, and also “we’re happy to make cloudflare the default trusted resolver” like uhhhhhh.
@fluffy Pretty much, yes. Also there is no privacy once it hits the recursive server’s upstream wire.
@Kyreeth Yeah although when it gets upstream the source isn't (as) identifiable.
@fluffy Depends what’s cached and how many people are using the caching server, otherwise query generating recursion is possibly a bit more correlatable than you’d think.
@Kyreeth True. But the privacy concern that DoH supposedly handles is that of your ISP spying on you, not about the site's advertisers or whatever.
A silly instance of Mastodon for queer folk and non-queer folk alike. Let's be friends!