Hacker News
by tptacek 1266 days ago
It wouldn't be tamperproof even with DNSSEC for most of that ISP's customers, because DNSSEC is server-to-server, and collapses down to a single "yep, we checked DNSSEC" bit in the response header. This is a big part of why nobody does DNSSEC, and why the browsers adopted DNS-over-HTTP to solve this particular problem.
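An added illustration of the "single bit" described in the comment above (not part of the comment and not code from any project): a Python parser for what a non-validating stub resolver can read from a reply, namely the AD flag in the header and whatever records are present. The function names and both sample messages are constructed for this example; the addresses are documentation ranges.

```python
import struct

AD = 0x0020                      # "Authentic Data" flag in the DNS header (RFC 4035)
TYPE_A, TYPE_RRSIG = 1, 46

def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_reply(name, ip, ad):
    """Constructed sample: a recursive resolver's reply to a plain stub query."""
    flags = 0x8180 | (AD if ad else 0)          # QR=1, RD=1, RA=1, RCODE=0
    header = struct.pack("!6H", 0x1234, flags, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!2H", TYPE_A, 1)
    # Answer: pointer to the name at offset 12, type A, class IN, TTL 300, RDLENGTH 4
    answer = struct.pack("!3HIH", 0xC00C, TYPE_A, 1, 300, 4) + bytes(map(int, ip.split(".")))
    return header + question + answer

def skip_name(msg, off):
    while True:
        n = msg[off]
        if (n & 0xC0) == 0xC0:                  # a compression pointer ends the name
            return off + 2
        off += 1
        if n == 0:
            return off
        off += n

def stub_view(msg):
    """Everything DNSSEC-related that a non-validating stub can see in a reply."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4           # skip QTYPE and QCLASS
    types, addrs = [], []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        off += 10
        types.append(rtype)
        if rtype == TYPE_A:
            addrs.append(".".join(map(str, msg[off:off + rdlen])))
        off += rdlen
    return {"ad": bool(flags & AD), "rrsig_count": types.count(TYPE_RRSIG), "addresses": addrs}

# Two constructed replies with different answers and the same AD bit: no signatures
# reach the stub, so the flag is the only DNSSEC signal and it is identical in both.
reply_a = build_reply("example.com", "192.0.2.10", ad=True)
reply_b = build_reply("example.com", "198.51.100.7", ad=True)
```
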