This DNS over HTTP thing
> On Oct 1, 2019, at 9:22 AM, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
>
> On Tue, Oct 01, 2019 at 12:11:32PM +0200,
> Jeroen Massar <jeroen at massar.ch> wrote
> a message of 101 lines which said:
>
>> - Using a centralized/forced-upon DNS service (be that over DoT/DoH
>> or even plain old Do53
>
> Yes, but people using a public DNS resolver (of a big US corporation)
> over UDP is quite an old thing and nobody complained. I really wonder
> why there was so little reaction against OpenDNS or Google Public DNS
> and suddenly a lot of outcry against DoH…
I get people not wanting to use 8.8.8.8, 1.1.1.1, 4.2.2.1 or even their local DNS resolver because various people have tried to treat it as a revenue stream at times. There needs to be more middle ground here than people have drawn with their battle lines.
>> Noting that many ISPs are deploying both DoT and DoH next to Do53.
>
> Fact-checking: could you name some? (I do not know even one.)
I've gone and enabled DoTLS on my server and (wow, the number is finally non-zero!) haven't seen a lot of TLS adoption. I see a lot more IPv6 than TLS at my authority server.
num.edns=433691276
num.ednserr=96
num.udp=299934993
num.udp6=154946379
num.tcp=820001
num.tcp6=292693
num.tls=15
num.tls6=0
num.answer_wo_aa=1117887
num.rxerr=0
num.txerr=6
num.raxfr=49
num.truncated=1420526
num.dropped=86596
- Jared