• Darkassassin07@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    8 months ago

    It will prevent the ISP from snooping on, or tampering with, the DNS request. However when you go to use the IP you’ve retrieved via DoH/DoT; your first request establishing a TLS connection to that IP will contain an unencrypted SNI which states the domain you are trying to use. This can be snooped on by your ISP.