Replies: 3 comments 2 replies
-
|
DNS can use any transport protocol, and it's easy to come with a new DNS-over-something, but the result is not always very useful in practice. There's already DNSCrypt that mostly uses UDP. And DoH, that already uses QUIC with HTTP/3 that Doing just DNS over QUIC without HTTP doesn't have any of these properties. It's trivial to block, can't be cached using HTTP caches, can't anonymize client IPs, yet requires a ginormous amount of code and thus possible vulnerabilities compared to DNSCrypt. I'd rather wait for the next DNS-over-something. In the meantime, DoOH is more likely to catch up, so this is the one that will be implemented next. |
Beta Was this translation helpful? Give feedback.
-
|
However, I would argue that DNS-over-QUIC without HTTP/3 still has some potential benefits. For example, it could be faster than DNSCrypt or DoH. |
Beta Was this translation helpful? Give feedback.
-
|
Not really. |
Beta Was this translation helpful? Give feedback.
-
|
I think cookies and overhead are main disadvantages of DoH/3, but the most concerning aspect of DoQ is one described as "can be tied to client device". How is that? Is it because DoQ is rarely used or is it something in packets that gives away more information than DoT does? |
Beta Was this translation helpful? Give feedback.
-
|
+1 for DNS Quic. Adguard DNS Proxy supports it and it's working great! |
Beta Was this translation helpful? Give feedback.
-
Adding support for DNS-over-QUIC to dnscrypt-proxy.
Beta Was this translation helpful? Give feedback.
All reactions