It also seems to be conflating me using Cloudflare's DNS with me using DoH. Also, they're ironically removing my choice, because I chose Cloudflare's DNS yet I can't see the content because of that.
I spoke with the creator of archive.is a while back. He uses the location from DNS to protect archive.is against some attacks, and the Cloudflare cache breaks things for him because they return the cached result instead of a live one.
It's an unfortunate situation, but it doesn't look like an easy solution exists on either side.
Cloudflare said they filtered EDNS subnet passthrough. They did provide alternative location data, though. Given that Cloudflare has _tons_ of data centers, in all parts of the world, this granularity seems good enough for what Archive.is required.
> EDNS IP subsets can be used to better geolocate responses for services that use DNS-based load balancing. However, 1.1.1.1 is delivered across Cloudflare’s entire network that today spans 180 cities. We publish the geolocation information of the IPs that we query from. That allows any network with less density than we have to properly return DNS-targeted results. For a relatively small operator like archive.is, there would be no loss in geo load balancing fidelity relying on the location of the Cloudflare PoP in lieu of EDNS IP subnets.
> We are working with the small number of networks with a higher network/ISP density than Cloudflare (e.g., Netflix, Facebook, Google/YouTube) to come up with an EDNS IP Subnet alternative that gets them the information they need for geolocation targeting without risking user privacy and security. Those conversations have been productive and are ongoing. If archive.is has suggestions along these lines, we’d be happy to consider them.
Yes, but his reply was that they cache DNS results, so someone querying from France would get the cached result, which might be in the US. Seems a bit counterintuitive, but I'm just relaying what he told me.
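For reference, the EDNS Client Subnet option this thread is arguing about (RFC 7871, option code 8), encoded and parsed in Python. This is an added example, not part of any comment above; the function names are hypothetical and the addresses are constructed from documentation ranges. It shows which network an authoritative server can geolocate when a resolver passes the option through and when the resolver strips it.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8  # EDNS Client Subnet option code (RFC 7871)
# ECS family number -> (full address size in bytes, network class)
FAMILIES = {1: (4, ipaddress.IPv4Network), 2: (16, ipaddress.IPv6Network)}


def encode_ecs(client_ip: str, source_prefix: int) -> bytes:
    """Build the option a forwarding resolver would attach for this client."""
    # strict=False zeroes every bit past the prefix, as the RFC requires.
    net = ipaddress.ip_network(f"{client_ip}/{source_prefix}", strict=False)
    family = 1 if net.version == 4 else 2
    # Only the bytes that carry prefix bits go on the wire.
    addr = net.network_address.packed[: (source_prefix + 7) // 8]
    body = struct.pack("!HBB", family, source_prefix, 0) + addr  # scope 0 in queries
    return struct.pack("!HH", ECS_OPTION_CODE, len(body)) + body


def decode_ecs(option: bytes):
    """Return the client network an authoritative server learns."""
    if len(option) < 8:
        raise ValueError("option too short")
    code, length, family, source_prefix, _scope = struct.unpack_from("!HHHBB", option)
    if code != ECS_OPTION_CODE or length != len(option) - 4:
        raise ValueError("not a well-formed ECS option")
    if family not in FAMILIES:
        raise ValueError("unknown address family")
    size, net_cls = FAMILIES[family]
    addr = option[8:]
    if source_prefix > size * 8 or len(addr) != (source_prefix + 7) // 8:
        raise ValueError("address length does not match prefix")
    # Default strict=True rejects options with bits set beyond the prefix.
    return net_cls((addr + bytes(size - len(addr)), source_prefix))


def authoritative_view(resolver_ip: str, option: bytes = None):
    """Network the authoritative side can geolocate: ECS if sent, else the resolver."""
    return decode_ecs(option) if option else ipaddress.ip_network(resolver_ip)


if __name__ == "__main__":
    # Constructed addresses from documentation ranges.
    opt = encode_ecs("203.0.113.77", 24)
    print(opt.hex(), authoritative_view("198.51.100.53", opt))
    print(authoritative_view("198.51.100.53"))  # ECS stripped by the resolver
```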