On 10.09.2019 at 07:50, Florian Lohoff <f...@zz.de> wrote:

> On Mon, Sep 09, 2019 at 03:31:37PM +0200, Bjørn Mork wrote:
>> I for one, do trust my ISPs a lot more than I trust Cloudflare or
>> Google, simply based on the jurisdiction.
> There are tons of setups which are fine-tuned for latency because they
> are behind sat links etc or low bandwidth landlines. They have DNS
> caches with prefetching to reduce typical resolve latency down to sub
> milliseconds although your RTT to google/cloudflare is >1000ms.
>
> Switching from your system's resolver fed by DHCP to DoH in Firefox will
> make the resolve latency go from sub ms to multiple seconds as the
> HTTP/TLS handshake will take multiple RTT. This will effectively break
> ANY setup behind Sat links e.g. for example all cruise ships at
> sea.

I can confirm (based on experiences on my day job) that this can be a real problem, affecting thousands and hundreds of thousands of users. Having the *option* to use DoH is maybe a good idea, but making it the default is not.

-- 
Ciao... // http://blog.windfluechter.net
Ingo \X/ XMPP: i...@jabber.windfluechter.net
gpg pubkey: http://www.juergensmann.de/ij_public_key.asc