Re: Should we block DoH by default?

Am 2020-03-03 16:55, schrieb Tapani Tarvainen:

Perhaps I should also note that Firefox allows you to choose your own DoH server, you don't have to use Mozilla or Cloudflare or whatever, and at some point it might be good to have DoH server built into IPFire.

No. Because DoH is a crappy protocol (BASE64 encoded DNS packets) and browsers will not accept self signed TLS certificates.

HTTPS cannot verified without working DNS so the Idea to tunnel DNS over HTTPS is strange...