• Darkassassin07@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      8 months ago

      It will prevent the ISP from snooping on, or tampering with, the DNS request. However when you go to use the IP you’ve retrieved via DoH/DoT; your first request establishing a TLS connection to that IP will contain an unencrypted SNI which states the domain you are trying to use. This can be snooped on by your ISP.