> When both are operated by the same company, how can you know they aren't collu... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jeroenhd 5 months ago | parent | context | favorite | on: New standards for a faster and more private Intern...

> When both are operated by the same company, how can you know they aren't colluding?

You don't. At best the client can check domain names and IP addresses, but that's hardly a guarantee.

To solve that problem, you can combine multiple parties. For example, you can use https://odoh1.surfdomeinen.nl/proxy as a proxy (operated by SURF [1]) to use the Cloudflare servers for lookup.

I think for ODoH to work well, we need a variety of companies hosting forwarding services. That could be ISPs, Google/Microsoft/etc. or some kind of non-profit.

[1]: https://www.surf.nl/en

musicale 5 months ago [–]

> That could be ISPs, Google/Microsoft/etc. or some kind of non-profit.

Or Apple[1,2].

[1] Oblivious DNS over HTTPS, https://www.ietf.org/rfc/rfc9230.txt

[2] About iCloud Private Relay, https://support.apple.com/en-us/102602

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact