Comment by DaniloDias
7 years ago
Encrypting DNS is bad for end users. Please cut this shit out. You are acting like you are defending against the NSA, but in reality we will have a bunch of shitty IoT phoning data to indecipherable IP addresses without any meaningful defense of consumer privacy.
It is hostile to customers who want to troubleshoot wtf apps are doing.
Normal DNS queries aren't encrypted. It's normal queries on port 53.
Users/programs/IoT can choose to use DNS-over-TLS or DNS-over-HTTPS, but that's not Cloudflare's fault.
Nothing in his response is about encrypting DNS. Go grind your axe elsewhere.
In my country, the government/ISP blocks websites and changes the DNS results of 8.8.8.8 since it is not encrypted. If the ISP can create a valid certificate that browsers trust [1], they may be able to access my Gmail or GitHub account.
[1] https://www.zdnet.com/article/mozilla-to-chinas-wosign-well-...