AI Roundtable Debate · 6 models
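In developed countries, DNS requests are generally resolved domestically and no traffic goes overseas, so even when a user accesses an overseas site, it is on the whole difficult for ISPs in transit countries to determine which site is being accessed.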
Result: Unanimous — No (6/6 votes)
Options
- Yes (0 votes)
- No (6 votes)
Model Responses
GPT-5.4
Vote: No
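This claim is overgeneralized and, taken as a whole, is not correct. First, even if DNS is resolved domestically, that alone does not make the destination invisible to ISPs in transit countries. The destination can be inferred to a considerable degree from the actual destination IP address, the TLS SNI, the destination AS, certificate information, traffic destination patterns, and so on. Second, DNS itself is not always confined to the home country. Users may use overseas public DNS, and depending on CDN or Anycast configurations, name resolution and related traffic may involve elements outside the country. Furthermore, even when traffic is encrypted with HTTPS, transit operators can at least see the destination IP. For major services and sites that use dedicated IPs, that alone can largely identify the site visited. With shared CDNs it can become ambiguous, but it cannot be said to be "difficult on the whole." In short, the causal link "domestic DNS resolution = transit-country ISPs cannot determine the site" does not hold. There are situations where it becomes harder depending on the conditions, but the proposition as a whole is false.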
Grok 4.20
Vote: No
The statement claims DNS resolution stays entirely domestic with no overseas queries, making site identification comprehensively difficult for transit ISPs. This is inaccurate because resolving overseas domains requires queries to root and TLD servers, which often involve international traffic. Even if some DNS stays local, transit ISPs observe the actual connection: destination IPs, TLS SNI in handshakes (plaintext in TLS 1.2/1.3), and traffic patterns. These allow reliable site identification without needing DNS data. Modern encryption does not fully hide metadata from path adversaries. Thus the claim overstates difficulty and understates cross-border DNS realities, making the overall assertion false.
O3
Vote: No
1. DNS traffic often does leave the country. Many users and even ISPs forward queries to public resolvers such as Google (8.8.8.8) or Cloudflare (1.1.1.1), whose anycast IPs frequently terminate abroad. Even when a domestic resolver is used, that resolver still contacts root and TLD name servers, many of which are physically outside the country.
2. Transit-country visibility doesn’t rely solely on DNS. During the web-handshake the Server Name Indication (SNI) field of TLS 1.2/1.3 is sent in cleartext unless ECH is deployed; thus routers in intermediary jurisdictions can learn the exact hostname without seeing any DNS packets.
3. The destination IP address itself can reveal the site or at least its CDN/hosting provider. Large CDNs publish easily-mappable IP ranges; correlation with TLS certificate fingerprints gives further certainty.
4. Technologies that would truly hide the hostname (DNS-over-HTTPS + ECH or a VPN/Tor) are still far from universal. Therefore, in practice, a foreign ISP that handles transit traffic can often infer the visited site.

For these reasons the blanket claim that DNS stays domestic and that foreign ISPs cannot identify the destination is incorrect.
Claude Opus 4
Vote: No
This statement is incorrect for several reasons. First, while it is true that DNS resolution in developed countries often uses local recursive resolvers (e.g., ISP resolvers or public resolvers like Google DNS/Cloudflare), the DNS query itself is only one piece of the puzzle. Even if DNS is resolved domestically, the actual HTTP/HTTPS traffic to a foreign website must traverse international networks, passing through transit ISPs in intermediate countries. Second, transit ISPs and intermediate network operators can observe the destination IP address of every packet that passes through their infrastructure. The destination IP address alone is often sufficient to determine which website a user is accessing, since many websites have well-known IP address ranges. Tools like reverse DNS lookups, IP-to-ASN mapping, and IP geolocation databases make this straightforward. Third, even with HTTPS encryption, the SNI (Server Name Indication) field in the TLS handshake traditionally transmits the domain name in plaintext. While Encrypted Client Hello (ECH) is being developed to address this, it is not yet universally deployed. This means transit ISPs could potentially see the exact domain being accessed even without DNS interception. Fourth, the premise that DNS requests never leave the country is an oversimplification. Recursive resolvers may need to contact authoritative DNS servers located abroad for domains they haven't cached, and some users configure foreign DNS resolvers (like 8.8.8.8 or 1.1.1.1), which may route DNS traffic internationally. In summary, transit country ISPs have multiple methods to determine which sites users are accessing — through IP address analysis, SNI inspection, and potentially DNS observation — making the claim that it is 'comprehensively difficult' fundamentally wrong.
Gemini 3.1 Pro
Vote: No
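This claim is technically wrong. Even if the DNS request is resolved domestically, the actual traffic to the website that follows (TCP/IP packets) is physically forwarded over the Internet all the way to the overseas server being accessed. First, the IP packet header explicitly states the "destination IP address," and ISPs in transit countries necessarily refer to it for routing. It is therefore easy to identify which server (IP) is being communicated with. Furthermore, even in HTTPS (TLS), today's mainstream, the "SNI (Server Name Indication)" sent during the handshake generally contains the domain name of the destination in plaintext. ISPs on the path can therefore clearly determine which site is being accessed just by monitoring packets, and the claim that it is "difficult on the whole" does not hold.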
DeepSeek V3.2
Vote: No
The claim is inaccurate for several reasons. First, while DNS resolution may occur domestically, the actual IP traffic to the overseas site traverses transit ISPs, which can observe the destination IP address. This IP can often be mapped to specific sites via reverse DNS, IP geolocation databases, or known hosting ranges. Second, even with domestic DNS, Server Name Indication (SNI) in TLS handshakes is frequently unencrypted and visible to transit ISPs, directly revealing the hostname of the accessed site, unless encrypted SNI (ESNI) or other privacy measures are universally deployed—which they are not. Third, advanced networks often employ deep packet inspection (DPI) or traffic analysis techniques that can fingerprint and identify sites based on traffic patterns, packet sizes, and timing, even without DNS data. Thus, it is not 'comprehensively difficult' for a transit ISP to determine the accessed site.
Final Summary
The AI Roundtable delivered a unified and technically rigorous 'No,' systematically dismantling the premise that domestic DNS resolution masks web activity. GPT-5.4 and Grok 4.20 led the charge by pointing out that destination IPs remain visible to transit ISPs, while O3 and Claude Opus 4 highlighted that DNS itself rarely stays purely domestic when root and TLD servers are involved. Gemini 3.1 Pro and DeepSeek V3.2 finalized the consensus, noting that unless technologies like ECH are universally adopted, the plaintext SNI field in TLS handshakes makes site identification trivial for any intermediary.
All 6 models agreed on "No" after discussion
Strongest Arguments
- No: Even if DNS resolution is handled domestically, the actual traffic must physically traverse transit ISPs who can see destination IP addresses and unencrypted TLS Server Name Indication (SNI) headers, making site identification straightforward rather than difficult.