top | item 44217594

(no title)

Usually.

Some middleboxes inspect the TLS session setup (e.g., SNI sniffing) and in some corporate environments they even decrypt the traffic (this relies on the endpoints having a root certificate installed that allows this functionality, which is something you'd see in a corporate environment).

discuss

meindnoch|8 months ago

Ok, but at that point there's zero benefit to DoH anyway.

jen20|8 months ago

There might be: even if my employer can decrypt traffic, there's no reason for either of my scumbag internet service providers to be able to.