On Wed, Nov 06, 2019 at 11:56:13AM -0600, Michael Catanzaro wrote: > On Wed, Nov 6, 2019 at 4:54 pm, David Sommerseth <dazo@xxxxxxxxxxxx> wrote: > > Yes, TLSv1.3 with encrypted SNI will help to some degree, but still > > there IP > > addresses you connect to will still provide meta data which can be used > > to > > profile you and give an indication of what kind of sites you visit. > > Well that's the whole point right there. In combination with ESNI, it's no > longer possible to tell which domain you are visiting on a particular vhost. > It's not perfect, but that's still tremendously better than nothing. It is > why Mozilla and EFF are strongly promoting DoH. On the one hand, thats great and good. On the other hand, all your DoH is going to a single provider, bypassing everything else. In any case, I will note here that firefox in Fedora is not going to enable DoH like upstream firefox. I don't know about chromium. I think for DoH to really be useful, it needs to be in widespread use in all the various providers/ISPs. Hopefully that happens. kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
