Maybe in comming years, but I’ve never encountered an ad served explicitly through DoH/DoT. It’s certainly possible, just not actually in use yet.
You can also setup DoH front and back ends for pihole so traffic entering and leaving it is encrypted. When/if it becomes necessary I’ll probably look into https packet inspection using custom Root certs to force clients to use my local DoH services and block other traffic, or look into inspecting the SNI to apply blocking there; but again its just not needed yet and may not be for a long time. We’ll see. I’m sure the pihole/Adguard teams are also investigating solutions.
Maybe in comming years, but I’ve never encountered an ad served explicitly through DoH/DoT. It’s certainly possible, just not actually in use yet.
You can also setup DoH front and back ends for pihole so traffic entering and leaving it is encrypted. When/if it becomes necessary I’ll probably look into https packet inspection using custom Root certs to force clients to use my local DoH services and block other traffic, or look into inspecting the SNI to apply blocking there; but again its just not needed yet and may not be for a long time. We’ll see. I’m sure the pihole/Adguard teams are also investigating solutions.