The recording of my talk on DNS encryption (2020 update) is now online
@cstrotm After listening to the talk I ask myself if it's really a good idea to involve literally 8 servers into a single DNS request and calling that an improvement. Considering how many people fail to deploy proper DNS already when it comes to more than just an A record.
Shouldn't we try to make things less not more complex? And also things like why does a device vendor have a say in what DoH resolvers should be used/are trusted?
>> And also things like why does a device vendor have a say in what DoH resolvers should be used/are trusted? <<
that is not a feature of the protocol, but of the modern (commercial) operating systems.
Linux/BSD might use this as well to securely resolve the addresses and configuration data about their package repositories.
I see nothing wrong with that.
The original server operated by the Mastodon gGmbH non-profit