this post was submitted on 04 Mar 2025
8 points (100.0% liked)

Privacy

1831 readers
199 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No reposting of news that was already posted
  4. No crypto, blockchain, NFTs
  5. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 5 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
8
DNSSEC vs DOH (lazysoci.al)
submitted 1 month ago by sabreW4K3@lazysoci.al to c/privacy@lemmy.dbzer0.com
5 comments fedilink hide all child comments
 

Which is better and why?

Is there an indication of superiority based on the fact Android has somewhat implemented DOH whereas they ignore DNSSEC completely? Or are they ignoring it because it's so good. That said, NextDNS also ignore DNSSEC.

top 5 comments
sorted by: hot top controversial new old
[–] Xanza@lemm.ee 6 points 1 month ago (2 children)

DNSSEC and DoH aren't the same thing. I feel like this post explains it best.

[–] sabreW4K3@lazysoci.al 1 points 1 day ago

Thanks for that.

[–] bigDottee@geekroom.tech 2 points 1 month ago

That’s a pretty good post. Makes sense and sounds like, just ipv6, we’ve got a long time before the internet starts making vast changes.

[–] 9tr6gyp3@lemmy.world 4 points 1 month ago (1 children)

You can have both. One offers encryption, the other offers verification to avoid spoofing. Most domains have not implemented it with their dns settings and domain registrar though. As a result, NextDNS doesn't enforce it for compatibility reasons. They would block 99% of the web if they required it.

[–] sabreW4K3@lazysoci.al 1 points 1 day ago* (last edited 1 day ago)

Thank you for taking the time to explain