On Sun, Apr 12, 2020 at 07:33:51AM -0400, Gene Heskett wrote: [...]
> I don't either, but at some point in an https environment, it seems to me > that a dns lookup is going to have to be translated into a plain dns > lookup. No, that's not how it works. When the browser wants to resolve a name, it doesn't "do" DNS (when it's doing DOH, that is) but uses some "web-service-ish" protocol over https to some server out there (cloudflare, e.g.) which does the resolution and answers via https. Thus bypassing whatever scheme the sysadmin has set up for DNS. I don't have polite words for that. Cheers -- t
signature.asc
Description: Digital signature
