Quick question about DNS and DoH that I thought about after reading this post:
https://packmates.org/@silvereagle@furry.engineer/111176886781705659
Wouldn’t it make sense for Firefox or another third party to bundle and transparently forward all DoH requests to cloudflare so that:
A) Cloudflare doesn’t know who made what request due to not knowing the origin
B) Firefox doesn’t know who made what request due to TLS
Just an fyi. DoH is a fucking nightmare for network management. For example, if you use a pihole on your network, you 100% do NOT want devices using encrypted DNS.
Is it possible for devices to ask the pihole without doh, and the pi-hole to forward the request with doh if the domain isn’t in the cache?
I’m not an expert but I’m pretty sure no.
Not using Cloudflare as a DNS resolver would be an even better solution.
I’ve just started using their Zero trust stuff and so far I like it. Why should I not use them? What other options are better?
I meant Cloudflare DNS, I don’t understand why Firefox uses Cloudflare DNS when there are so many other great options like NextDNS. The reason why many people in the privacy community dislike Cloudflare or CDNs in general is because they are often hostile to VPN or TOR users, and they centralize the web.