mirrors/doh-server
1
0
Fork 0
mirror of https://github.com/DNSCrypt/doh-server.git synced 2025-04-03 04:57:37 +03:00
Code Issues Projects Releases Packages Wiki Activity

Add a note on keys

Browse source
This commit is contained in:
Frank Denis 2021-06-06 22:52:54 +02:00
parent fd1081e0b0
commit eebd6b8356
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -114,6 +114,8 @@ Oblivious DoH is similar to Anonymized DNSCrypt, but for DoH. It requires relays
This proxy supports ODoH termination (not relaying) out of the box.
However, ephemeral keys are currently only stored in memory. In a load-balanced configuration, sticky sessions must be used.
## Operational recommendations
* DoH can be easily detected and blocked using SNI inspection. As a mitigation, DoH endpoints should preferably share the same virtual host as existing, popular websites, rather than being on dedicated virtual hosts.