I assume these still let your provider guess what TLDs you connect to by looking... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

gumby on April 10, 2018 | parent | context | favorite | on: RFC 7858: DNS over TLS (2016)

I assume these still let your provider guess what TLDs you connect to by looking where you connect. Not sure how bad a channel that is.

At least you'll have a better idea that you are getting authoritative responses.

kuschku on April 10, 2018 [–]

For authoritative responses, DNSSEC exists.

And your provider can still find out what you connect to through SNI.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact