[artjomb]

> The authoritative server [of .odns] decrypts the session key with his private key, and then subsequently decrypts the requested domain with the session key.

So this basically means that the .odns operator is yet another entity that can scoop up some domain names. The one privacy advantages that I see in comparison with using Cloudflare or others as DoH providers is this: .odns operator can only group the domains that they see to a resolver of the ISP of the user. Cloudflare could group domains by IP address of the user.