Comment by ignoramous

3 years ago

> Most phones nowadays should have DoT support built-in nowadays.

DoT does help even if it can be trivially blocked (more than one way to do so, but blocking TCP on port 853 would do the trick)... DoT cannot help bypass SNI-based censorship (unless apps implement domain-fronting).

1 comment

ignoramous

Reply
josephcsible  3 years ago

> DoT does help even if it can be trivially blocked (more than one way to do so, but blocking TCP on port 853 would do the trick)...

Indeed, and this is exactly why DoH is better than DoT.

> DoT cannot help bypass SNI-based censorship (unless apps implement domain-fronting).

TLS ECH will. I can't wait for it to become mainstream.