rokzoi@lemmy.worldtoShowerthoughts@lemmy.world•Lemmy is so good right now because there are no kids hereEnglish
31·
1 year agoHaha I don’t know what Digg is, but I came from 9gag to 8yrs of Reddit to now Lemmy.
Haha I don’t know what Digg is, but I came from 9gag to 8yrs of Reddit to now Lemmy.
Correct me if i am wrong but DNSSEC has nothing to do with encryption of your request. It is used to verify that the record you received is from the correct authority. Furthermore your DNS requests have to go through your ISP even if you don’t use their DNS server as it is your only connection to the Internet.
The only thing you could do is encrypt the traffic somehow (dns over https exists), but then you have to trust that provider instead, and your ISP can still see the IP addresses you try to reach after you know them and might be able to still do a domain lookup using DNS if it is also configured to return the domain when looking up the IP. If they would put in the effort of course.