@@ -575,7 +575,6 @@ The VPN service shall provide a method to force revocation, temporary or permane
#### 5.2.9.1 Requirement
Special attention to DNS queries is required, because they are usually transmitted in plaintext and could be eavesdropped on by an attacker on the wire or the DNS server itself and disclose which domains the user is trying to connect to.
Special attention to DNS queries is required, because DNS requests are usually transmitted in plaintext and could be eavesdropped on by an attacker on the wire or the DNS server itself and disclose which domains to which the user is trying to connect.
DNS leaks occur if the client does not or only partially tunnels cleartext DNS traffic through the VPN connection. This could either happen due to misconfiguration, system overwrites, or by design for example in case only partial traffic is tunnelled, so-called split tunnelling.
