Comment by spiffyk
9 hours ago
That's just the 443 port – the middlebox can't see anything else anyway. Were that an actual concern, we could standardize running DoT on 443 instead of the status quo 853, and negotiating the protocol via ALPN. The "dot" ALPN is already standardized and implemented in actual production DNS software, so the port number is realistically the only obstacle.