On Tue, Nov 05, 2019 at 02:09:31PM +0100, Marius Schwarz wrote:
> DoH is IMHO a waste of resources and as Browsers implement it, useless
> at best, but mostly a centralization of control of users under a false
> protection umbrella.
>
> Any modern Browser will do this sequence:
>
> User enters URL
> Browser checks for domainnames
> Browser sends DNS request ( over which path doesn't matter )
> Opens connection to the target host
>
> If ( HTTPS ) {
> sends the domainname, he has found in the URL as SNI in plain! in
> his TLS request
This is not true, SNI is encrypted:
https://eff.org/pl/deeplinks/2018/09/esni-privacy-protecting-upgrade-https
--
Tomasz Torcz ,,If you try to upissue this patchset I shall be seeking
xmpp: zdzichubg@xxxxxxxxx an IP-routable hand grenade.'' -- Andrew Morton (LKML)
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
