I know that we are not doing new services right now, but the Password Manager thread inspired me to start a thread on this, to find out if this is something folks are interested in doing.
DNS over HTTPS is a newish protocol that is now supported by Chrome and Firefox. Instead of using traditional unencrypted DNS queries, domain lookups are wrapped in the same encryption as encrypted web traffic itself.
In one sense it could be a privacy win because it stops casual snooping of DNS queries which are not encrypted.
But the way that it has been rolled out is a privacy issue, because everything is getting centralized into Cloudflare and Google, meaning the queries are safe against casual observers, but available to those companies.
What if we ran a DoH resolver, and didn’t log people’s queries? And then encouraged our members to use it?
It seems like a service that we can actually claw back from Google that would be a painless switch for our members, just instructions on how to set and forget.
It would also be another public server, like our name servers or our SKS key server, because I’m not sure you can limit it.
I will admit to not having looked into how to do this, but I would be happy to look into it, if folks are interested in us doing this. I just didn’t want to go that far down that rabbit hole before floating this idea.
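An added example illustrating the protocol discussed in this post (not part of the original message): RFC 8484 carries an ordinary DNS message inside an HTTPS request, so the query is hidden from the network path but fully readable by whoever operates the resolver. The resolver URL `doh.example.org` and the function names are assumptions made for the example.

```python
import base64
import struct


def build_query(name, qtype=1):
    """Build a DNS query in wire format (RFC 1035). ID is 0, as RFC 8484 recommends."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD flag set, one question
    labels = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN


def doh_get_url(resolver_url, wire):
    """RFC 8484 GET form: ?dns=<base64url of the DNS message, padding stripped>."""
    b64 = base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")
    return f"{resolver_url}?dns={b64}"


def resolver_view(url):
    """What the resolver operator recovers once TLS is terminated: (qname, qtype)."""
    b64 = url.split("?dns=", 1)[1]
    wire = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))  # restore padding
    pos, labels = 12, []  # the question section starts after the 12-byte header
    while wire[pos]:
        n = wire[pos]
        labels.append(wire[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    qtype, _qclass = struct.unpack("!HH", wire[pos + 1:pos + 5])
    return ".".join(labels), qtype


RESOLVER = "https://doh.example.org/dns-query"  # hypothetical resolver URL

if __name__ == "__main__":
    url = doh_get_url(RESOLVER, build_query("www.example.com"))
    print(url)                 # what the client requests over HTTPS
    print(resolver_view(url))  # what the resolver operator can read (and log)
```

An on-path observer sees only a TLS connection to the resolver's host, while the resolver sees every name, which is why the operator's logging policy is the deciding factor.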