DNSSEC signs DNS records so you know they’re genuine and come straight from the authoritative nameservers for the domain.
DoH encrypts DNS traffic so nobody can eavesdrop on what domains you connect to, and masks it as HTTPS traffic so providers can’t block it to force you to use their nameservers.
lemmyvore@feddit.nl 1 year ago
Hold on, these are orthogonal technologies.
DNSSEC signs DNS records so you know they’re genuine and come straight from the authoritative nameservers for the domain.
DoH encrypts DNS traffic so nobody can eavesdrop on what domains you connect to, and masks it as HTTPS traffic so providers can’t block it to force you to use their nameservers.
r00ty@kbin.life 1 year ago
Actually, that's a pretty decent explanation of why they only want to use DoH. Makes sense to me now, cheers.