Centrality of DNS article and DoH/DoT to root resolvers

Whilst encryption, least as of TLS version 1.3, is currently deemed relatively safe from 3rd party content snooping/manipulation there is no way to prevent the ISP from profiling/filtering/blocking DoT or DoH traffic, or any other traffic (pattern) for that matter.

Lucky enough if one gets a liberal ISP/legislation that does not interfere with the user’s DNS business. Unlucky if one does not.

With the right DPI tools any traffic can be profiled/blocked, never mind whether encrypted/encapsulated.