[Cryptography] Products that prevent DoH?
Udhay Shankar N
udhay at pobox.com
Wed Mar 11 21:46:22 EDT 2020
On Thu, Mar 12, 2020 at 4:45 AM Jan Schaumann <jschauma at netmeister.org>
wrote:
This only works for the case of the default opt-in to
> DoH, not for a client that explicitly enabled DoH via
> their configuration.
>
> I'm making this point here again because it is such a
> common misconception, and I only recently got Mozilla
> to update the description to make this somewhat more
> obvious by adding the note:
>
> "Note: The canary domain only applies to users who
> have DoH enabled as the default option. It does not
> apply for users who have made the choice to turn on
> DoH by themselves."
>
They make this point more explicitly here:
https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
Udhay
--
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20200312/dd9deec5/attachment.htm>
More information about the cryptography
mailing list