Reply to post: would https even matter?

Citizen Lab says Sandvine network gear aids government spyware

Nate Amsden

would https even matter?

I mean if you are in a position to intercept the application traffic quite likely you can intercept the DNS traffic as well. Use DNS to route the traffic to a proxy on http, and optionally use https on the backend to connect to the original urls.

As for encryption for DNS, I have hosted my own domains for about 21 years now and have never used DNSSEC though according to this interesting blog post I came across https://sockpuppet.org/blog/2015/01/15/against-dnssec/

"DNSSEC doesn’t secure browser DNS lookups.

In fact, it does nothing for any of the “last mile” of DNS lookups: the link between software and DNS servers. It’s a server-to-server protocol."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon