Privacy Guides
Remove DOH recommendation from a VPN #337
-
|
Along with my other post about removing DOH/DOT from the recommendations, I think you should never use DOH/DOT with a VPN unless it is the VPN's provider's DNS servers. Even with eSNI, the VPN provider can figure out what the user is visiting based on the IP anyways. All what it does is increasing the number of parties to trust. If you cannot trust a VPN provider, suspecting them of doing DNS spoofing, then you shouldn't be using that VPN provider in the first place. And if there is DNS spoofing going on, your browser will catch that if you are using https. If you are not using https, then there are other ways for an adversary to attack you anyways, DNS spoofing is not even necessary. Doing DOH/DOT while using a VPN is pointless and potentially harmful. |
Beta Was this translation helpful? Give feedback.
Replies: 0 comments 1 reply
-
|
|
Beta Was this translation helpful? Give feedback.
I will make a PR for this now.