How is the implementation of DNS-over-HTTPS

How is the implementation of DNS-over-HTTPS

Let’s talk about the developers of the browsers that use the new Protocol. Tell us why against this initiative are Internet service providers and regulators in the U.S. and the UK.

How is the implementation of DNS-over-HTTPS, image # 1

Who implements

The developers of Mozilla test DNS-over-HTTPS since the summer of 2018. In February this year, the company did DoH Protocol by default for all users in the United States. Its support is automatically enabled when you install the browser. In the future this practice will spread to other countries. Interestingly, the developers have chosen pretty aggressive the policy of introducing new items. Firefox will automatically change the DNS provider for the user, if the current operator does not support encryption of requests to the domain name system.

DoH implements and other vendor browsers — Google. Test Protocol started in version of Chrome 78. Full support added public release 83, which was released a month ago. In contrast to the colleagues, Google has taken a softer approach to the implementation of the new Protocol. Browser the Corporation shall include the DoH only if the provider user is in the compatible list. Otherwise the browser will work without encryption of DNS queries.

The new Protocol activated and in Opera — encrypted traffic is sent via a DNS service one of the foreign cloud providers. Plan to implement DoH and authors Brave, but can not yet name the exact date of implementation.

Who opposes

Against DNS-over-HTTPS advocated by some Western Internet service providers. According to them, the new Protocol prevents the work of system administrators. Because traffic is encrypted, it is more difficult to block potentially malicious sites in the corporate and private networks. The Protocol also complicates the search for the virus attacks that have already learned to encapsulate the traffic in DoH and use it to their advantage. For example, last summer, specialists from Netlab found virus Godlua. The malware used the DoH to receive text records (TXT) domain name and removed the URL command and control servers.

Representatives of telecommunication companies also notethat DoH users to configure parental control — because traffic can be discerned. However, the developers of the browsers offer solution to the problem. For example, Firefox automatically shut off DoH, if the user activated the parental controls feature.

How is the implementation of DNS-over-HTTPS, image # 2

American telcos are also concerned that large companies such as Google, can use their influence in the market and convince users to connect to the DNS servers of the company. This situation may lead to a centralization of traffic. At the end of last year, Internet service providers, even prepared a presentation on this subject, presented to members of Congress. Now the us regulator plans to check up, whether will damage a DNS-over-HTTPS for network security and healthy competition in the market.

Their concerns regarding the DoH, said the UK regulator. There providers use DNS to implement filter prohibited content, the settings of which regulated law. Encryption of traffic in DoH may interfere with their work. However, in Mozilla already notedthat will not be activated DNS-over-HTTPS on the territory of the country. Despite this, British Telecommunications still perform in support of the new Protocol in the company believethat encryption of DNS queries will increase the safety of the users.

In any event, the question of mass distribution of DNS-over-HTTPS is still open, despite the initiative of browser developers. But when the Protocol will start to use more people will become clear, in what direction will continue to develop the regulation.




0 0 vote
Article Rating
Notify of
Inline Feedbacks
View all comments

Do NOT follow this link or you will be banned from the site!
Would love your thoughts, please comment.x

Spelling error report

The following text will be sent to our editors: