On Mon, Sep 09, 2019 at 03:31:37PM +0200, Bjørn Mork wrote:
> I for one, do trust my ISPs a lot more than I trust Cloudflare or
> Google, simply based on the jurisdiction.
There are tons of setups which are fine tuned for latency because they
are behind sat links etc or low bandwidth landlines. They have dns
caches with prefetching to reduce typical resolve latency down to sub
milliseconds although your RTT to google/cloudflare is >1000ms.
Switching from your systems resolver fed by DHCP to DoH in Firefox will
make the resolve latency go from sub ms to multiple seconds as the
HTTP/TLS handshake will take multiple RTT. This will effectively break
ANY setup behind Sat links e.g. for example all cruise ships at
sea.
Flo
--
Florian Lohoff f@zz.de
UTF-8 Test: The 🐈 ran after a 🐁, but the 🐁 ran away
Attachment:
signature.asc
Description: PGP signature