zlacker

[return to "Why does 1.1.1.1 not resolve archive.is?"]
1. LeoNat+M3[view] [source] 2019-10-04 06:23:33
>>stargr+(OP)
This is the reason I stopped using 1.1.1.1.
◧◩
2. nobody+84[view] [source] 2019-10-04 06:30:15
>>LeoNat+M3
A very silly one at that given their reasons for not resolving archive.is are quite rational and on the contrary makes me want to swap google's DNS servers for theirs.
◧◩◪
3. cnst+E9[view] [source] 2019-10-04 07:50:04
>>nobody+84
What exactly do you use DNS for? If it's to subsequently make a HTTP and/or HTTPS request, then your full IP address (and not just a /24 subnet) will be leaked to the very same parties anyways.

Even if they eventually make DNS encrypted, even if encrypting TLSv1.3 SNI work properly (and both of these are pretty big ifs, BTW), the IP addresses will still leak, always, and with a much higher precision anyways. So, this we-don't-do-ECS-because-privacy is hardly a rational statement on Cloudflare's part in the end — it merely breaks the performance of their competitor CDNs without any real privacy angle.

[go to top]