this post was submitted on 04 Mar 2025
5 points (77.8% liked)

Privacy

1189 readers
372 users here now

Protect your privacy in the digital world

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be nice, civil and no bigotry/prejudice.
  2. No tankies/alt-right fascists. The former can be tolerated but the latter are banned.
  3. Stay on topic.
  4. Don't promote proprietary software.
  5. No crypto, blockchain, etc.
  6. No Xitter links. (only allowed when can't fact check any other way, use xcancel)
  7. If in doubt, read rule 1

Related communities:

founded 3 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
5
DNSSEC vs DOH (lazysoci.al)
submitted 5 hours ago by sabreW4K3@lazysoci.al to c/privacy@lemmy.dbzer0.com
3 comments fedilink hide all child comments
 

Which is better and why?

Is there an indication of superiority based on the fact Android has somewhat implemented DOH whereas they ignore DNSSEC completely? Or are they ignoring it because it's so good. That said, NextDNS also ignore DNSSEC.

top 3 comments
sorted by: hot top controversial new old
[–] Xanza@lemm.ee 4 points 5 hours ago (1 children)

DNSSEC and DoH aren't the same thing. I feel like this post explains it best.

[–] bigDottee@geekroom.tech 1 points 4 hours ago

That’s a pretty good post. Makes sense and sounds like, just ipv6, we’ve got a long time before the internet starts making vast changes.

[–] 9tr6gyp3@lemmy.world 2 points 5 hours ago

You can have both. One offers encryption, the other offers verification to avoid spoofing. Most domains have not implemented it with their dns settings and domain registrar though. As a result, NextDNS doesn't enforce it for compatibility reasons. They would block 99% of the web if they required it.