Hacker News
by tptacek 2016 days ago
DNSSEC does nothing to address NAT interception of DNS, but DoH does: your network can't spoof a TLS certificate for your chosen DoH recurser (though, with some effort, they can just block you from the network if you don't comply with their DNS policy).