by HerraBRE 2166 days ago
This is neat!

DoH/DoT over Tor will provide stronger security and privacy guarantees across the board, but a well run .odns (anycast, good caches) could probably provide better performance.

The .odns anonymity is strictly weaker than DoH-over-Tor because the .odns operator can see which recursive resolver is in use, and not all such resolvers serve large enough audiences to provide strong anonymity.

The .odns requests are also very easy to identify, monitor and block, and it's likely that metadata (query size, timings) will still leak a fair bit of information, especially if correlated with other network activity.

1 comment

You can make query size non-snoopable if you include padding, and, say, always pad to 512 bytes. I didn't read the article closely, but if this is via TLS, TLS 1.3 includes optional padding in all application data, so it should be doable (depending on TLS API design).
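As an added example (not code from the thread or from any project it mentions), here is the DNS-layer form of the padding idea the comment above describes: EDNS(0) Padding (RFC 7830) carried inside the query itself, rather than TLS 1.3 record padding, so it works over DoT or DoH whatever the TLS library exposes. Every query is padded to the next multiple of a block size, so a short name and a long name produce the same wire length. The 512-byte block is the figure from the comment; the 128-byte alternative is RFC 8467's recommendation for queries; the domain names are constructed for the demo.

```python
"""Hide DNS query length with EDNS(0) padding (RFC 7830).

Added example, not from the thread. Pads each query so the wire message is a
multiple of a block size; a length-only observer then cannot tell a short name
from a long one. Sample names below are constructed for the demonstration.
"""
import struct

OPT_TYPE = 41                # EDNS(0) OPT pseudo-RR type
EDNS_PADDING = 12            # RFC 7830 Padding option code
QTYPE_A, QCLASS_IN = 1, 1
OPT_FIXED_LEN = 11           # root name(1)+type(2)+udp size(2)+ttl(4)+rdlen(2)
OPTION_HDR_LEN = 4           # option code(2)+option length(2)


def encode_name(name: str) -> bytes:
    """Wire-format a domain name, enforcing RFC 1035 label/name limits."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not label:
            continue
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError(f"label too long: {label}")
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > 255:
        raise ValueError("name too long")
    return out


def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Header + question for an A query: RD set, one question, one additional RR (the OPT)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def opt_rr(options: bytes, udp_size: int = 1232) -> bytes:
    """OPT pseudo-RR (root name, type 41, UDP size in the class field) carrying `options`."""
    return b"\x00" + struct.pack("!HHIH", OPT_TYPE, udp_size, 0, len(options)) + options


def pad_query(name: str, block: int = 512) -> bytes:
    """Query whose total length is the next multiple of `block`.

    512 is the size the comment suggests; RFC 8467 recommends 128 for queries.
    The padding option's own 4-byte header is counted before choosing the length,
    otherwise the result overshoots the block boundary.
    """
    body = build_query(name)
    unpadded = len(body) + OPT_FIXED_LEN + OPTION_HDR_LEN
    pad_len = (-unpadded) % block
    padding = struct.pack("!HH", EDNS_PADDING, pad_len) + b"\x00" * pad_len
    return body + opt_rr(padding)


def padding_length(msg: bytes):
    """Parse a query and return the Padding option's length, or None if absent."""
    pos = 12
    while msg[pos] != 0:          # walk question name labels (queries use no compression)
        pos += 1 + msg[pos]
    pos += 1 + 4                  # root terminator + qtype/qclass
    name, rtype, _udp, _ttl, rdlen = struct.unpack("!BHHIH", msg[pos:pos + OPT_FIXED_LEN])
    if name != 0 or rtype != OPT_TYPE:
        return None
    pos += OPT_FIXED_LEN
    end = pos + rdlen
    while pos < end:
        code, length = struct.unpack("!HH", msg[pos:pos + OPTION_HDR_LEN])
        if code == EDNS_PADDING:
            return length
        pos += OPTION_HDR_LEN + length
    return None


if __name__ == "__main__":
    for n in ("a.example.", "some-longer-subdomain.example.org."):
        print(f"{n:40} raw={len(build_query(n))} padded={len(pad_query(n))}")
```

The padding only hides the query length at the DNS layer; the resolver still has to pad its responses (RFC 8467 suggests 468-byte blocks for those), and timing and packet counts are untouched, which is the metadata leak the parent comment points at.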