Once out of beta I will probably still continue using DNSCrypt as it offers a lot more
Blocked on my network, not something I want. I already have my own DNS server, which is already using DNSSEC over DNSCrypt. AFAIK DoH doesn’t even guarantee DNSSEC. I also have my own internal infrstracture, so it wouldn’t work anyway, as none of my internal servers have external DNS entries.
For corporates it is also a non-starter as a majority of the resolution you will need during the day will be internal resources, which, again, aren’t on external DNS servers.
For people regularly using their devices over LTE or on open Wi-Fi spots, it can be useful.
If you are at home, I’d really recommend to switch your router to use DNSCrypt to a non-tracking DNSSEC capable DNS server - I use Quad9 at the moment.
1 Like
I’m not a huge advocate of DoH either. Sure, it can be useful at times, but it doesn’t really solve the privacy issue. It makes your DNS queries harder to spoof, it also prevents simple eavesdropping, but the remote end will still need to have your data, regardless of whether they are sent over an encrypted channel or not.