
I was interested in Kagi, but it's not private at all. Your search term is right in the URL, meaning the NSA can monitor your search terms. As an intellectually curious person, I search for things I shouldn't. I don't care if someone sees my local history, but I don't want to get put on a watch list for searching for production techniques for Compound B.



This is not correct. ISPs cannot see the actual URL being requested. Your DNS provider can see the hostname. The ISP may be able to see the hostname unless encrypted SNI is in place. The ISP can see the IP address you are connecting to.


You seem to know more about this than I do, but my layperson's takeaway from the Snowden revelations is that the NSA records every URL we browse. Are you saying that's incorrect?


The only way NSA can record the URL without having infiltrated Kagi's datacenter is for them to have broken the encryption algorithms behind TLS/HTTPS.

If that's the case, nowhere on the regular Internet is safe.

Snowden revealed that NSA has infiltrated all the major industry players (Apple, Microsoft, Google, etc.), also ISPs. But the only way NSA can know what your plaintext HTTPS URL is, is either by having access to your PC, or having access to Kagi's servers. Or, as I said, that they've cracked encryption schemes everyone assumes to be safe.


> is for them to have broken the encryption algorithms behind TLS/HTTPS.

Or if they have access to, or can subpoena, a MitMaaS for HTTPS. Like Cloudflare.


True. Given how widespread Cloudflare has become, I would be surprised if they haven't got a tap there already.


How exactly does your search engine where the engine can't see the search term work?


You can POST it, and some privacy-oriented web tools do that instead of GET, but the reason, as explained elsewhere, is not to hide it from NSA (GET parameters and POST are equally easy/hard to intercept), but to protect against other persons who have access to one's unencrypted computer (spouse, kids, colleagues).


That'd protect against other people who have access to the computer but not the technical skill to install any kind of logger.

Couldn't you also just open an incognito window?


I'm not suggesting it is a good idea, or necessary for Kagi or anyone else to do it.

I'm just explaining the reason why some do it and saying it doesn't help against intermediaries who can eavesdrop.

In fact I think I was tempted to write my exact thoughts about it yesterday but dropped it.


The part after the domain is not visible to anyone between you and Kagi as long as you access it over working HTTPS/TLS.

The reason some privacy-oriented sites hide it is because of local snooping on your endpoint, i.e. if someone has access to your device when you are not there and can look through your logs and by extension search logs.



