this post was submitted on 01 Jun 2024
1064 points (98.6% liked)
Technology
59549 readers
3560 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It's not up to Chrome.
The day they do their own DoH in-browser it is definitely up to them. It's already opt-in if you want to see how well your pi-hole won't work with it enabled.
Next step is to do DoH by default, and finally making it compulsory.
Chrome already does have DoH enabled by default from what I can tell.
https://support.google.com/chrome/answer/10468685
They can do it all they want but it won't work...
If I "opt in" it falls back to non doh immediately because using doh on my network is not up to Chrome.
use-application-dns.net + nxdomain for any known doh provider
I don't use pihole but doh blocking works great on my network. It should work on a pihole tho it's pretty basic stuff.
If you can't resolve the domain you can't validate the TLS certificate.