not sure, if this questions fits perfectly in this category, please let me know if it doesn’t.
So DNS-SEC makes sure the answer of the DNS query is AUTHENTIC.
Some people think that it also PROTECTS against eavesdropping (by my ISP etc.)?! At the end when I got my authenticated DNSSEC answer, I still have to contact the IP (answer) … thus my ISP can still snoop and catalog my travels on the internet?!
So DNSSEC secures that the answer for a query is authenticated … but does little to hide my internet travels?!
Am I missing something?
Because of this, I do NOT use any of the fancy configurations to hide my DNS queries (e.g. DOT / DOH / splitt request etc.) … Just verify that the answer is authentic … at the end the ISP still sees where I surf.
Thanks in advance & have a great day,