|
|
|
|
|
|
by bubblethink
556 days ago
|
|
|
But you are giving very little to the ISP to begin with. You can use encrypted DNS and most web content has TLS. The only gap there is SNI, which we should be able to close with TLS ECH. I don't know why ECH has been so slow to roll out. |
|
|
I am not aware of any firewalls that enforce the rule 'only attempt to connect to massively-shared cloud IPs that can't be easily subject to a reverse DNS lookup'.