I wrote a summary of the DNS over TLS vs DNS over HTTPS debate (without going too much into the drama).
It also contains an introduction to my proposed solution, and why it’s better than either.
@eqe by default it will fall back for non-public hosts, but if you don’t want those sent to CF you can also just disable DoH.
Generalistic Mastodon instance for open-minded people. Instance Mastodon généraliste pour personnes ouvertes d'esprit.