The first thing I did while picking out an encrypted DNS resolver from PrivacyTools’ list was filter out all of the DNS providers that log traffic and the DNS providers that have servers in the US.
That leaves me with five DNS providers – BlahDNS, CZ.NIC, LibreDNS, PowerDNS, and Snopyta. PowerDNS has servers in the Netherlands, a member of the Nine Eyes, and BlahDNS and LibreDNS have servers in Germany, a member of the Fourteen Eyes.
If I were to filter out BlahDNS, LibreDNS, and PowerDNS I would be left with CZ.NIC and Snopyta. The problem with those two is that they don’t have public source code, but the alternative would be using a provider based in either the Nine Eyes or the Fourteen Eyes. Which should I prioritise – the public availability of source code or server locations?
Furthermore, how important is QNAME minimisation, filtering, and the resolver’s hosting provider? Does the type of provider (commercial, nonprofit, informal collective, etc.) matter at all? Is there anything else I should be considering when deciding on an encrypted DNS resolver?