[LINK] Secure DNS

Kim Holburn kim at holburn.net
Thu Jan 16 18:13:39 AEDT 2020



> On 2020/Jan/16, at 5:54 pm, David <dlochrin at aussiebb.com.au> wrote:
> Even with some form of secure & encrypted DNS from clients to trusted servers, ISPs could still see each web-page URL with the host name replaced by its resolved address.  

That'd be very bad security.  As I understand it, the encrypted stream is established first, then the URL sent encrypted.  To do it the other way would be a security breach.

> So the security agencies could still monitor an agent of interest, but selling users' browsing history would probably involve too much work to be worthwhile.


A sensible "agent of interest" would be using a VPN no?

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 






More information about the Link mailing list