DNS over HTTPS
DNS over HTTPS (DoH) has become the new talk of the town these days and hitting the headlines in 2019.
When it comes to the world of enterprise security.
This is a new internet protocol that is ready to bring a cyber-security revolution.
Companies like Microsoft, Mozilla, and Google are pushing forward with this internet protocol.
This technology is going to improve online privacy and security.
What is DNS?
DNS, also known as Domain Name System is the internet-wide service that translates the fully qualified hostnames like www.google.com into an IP address.
This system was developed so as it’s much easier for the users to remember the domain names rather than the IP address.
Back in 1983, when DNS was launched, DNS requests and responses were sent over the web in a clear text and they were still the same.
Now, with so much insecurity over the web, there is an additional need to encrypt the DNS traffic.
DNS server has never got an upgrade, unlike HTTP or FTP.
DNS over HTTPS & How It Works
Currently, the IETF DOH working group is going to standardize the DNS over HTTPs protocol.
This protocol is of major interest especially for the businesses, but regular users will also be impacted by the same.
This protocol first emerged in 2017 and the modern web browsers like Chrome now mark the sites using standard HTTP as not secure.
DNS over HTTPS is an internet security protocol that communicates the DNS information in an encrypted and more secure way over HTTPs connections.
So, are you ready for this cyber revolution?
Once it will be in a good flow, it can make the network communications more secured.
This kind of encryption will ensure that no one can tamper with any web page while working on it online.
Until now, DNS lookups were not secure and haven’t been encrypted.
Actually, DNS over HTTPS is a protocol for performing the encrypted DNS queries over an HTTPs connection.
There were many problems with DNS including that DNS queries were sent unsecured in the plain text.
This means that anyone listening like your ISP may look at all your queries.
Therefore, DoH is the best option that secures the communication between the user and its DNS server which brings a number of benefits to the users.
Benefits of DNS over HTTPS protocol
With DoH, the queries or requests are sent over HTTPS which is a secure protocol commonly uses for securing the websites.
This is going to be the future of web privacy.
Therefore, most popular sites nowadays are using HTTPS to encrypt connections.
Moreover, to protect the sensitive information of users from malicious attacks such as credit/debit card details, net banking logins, and passwords, etc.
This will help to stop the hackers from receiving the records. Some of the positive outcomes of using DNS over HTTPS are:
- Protects against the DNS spoofing
- Guaranteed confidentiality
- Never share information with third parties
Who will support it?
Google and Mozilla are already working on it in Google Chrome and Mozilla Firefox and will include this soon in their future versions.
And, soon Microsoft would also adopt it in the Windows networking stack.
According to Google, they will enable it for 1% of users by default starting in Chrome 79 which has to release in December 2019.
While Mozilla says, it is enabled for everyone in 2019.
In the current stable version of Firefox, you can go to
Menu>options>general scroll down, and click on settings under network settings options and activate “Enable DNS over HTTPs”.
How chrome will include DoH?
For now, the Google team is working on it and will include a limited number of users for now.
In this trial period, it will help them fix any kind of errors or issues with this and figure out how to deploy it for all.
The testers will test it in the future version of Chrome which is not yet available.
In order to activate or deactivate it on the latest version of Chrome, use the link: //flags/#dns-over-https.
How Mozilla will include it in the future?
Mozilla has already been working on this implementation for a long time than Chrome.
Including DoH in Mozilla Firefox is easier even for the non-technical users.
How implementing DNS over HTTPs will be beneficial for organizations?
DNS over HTTPs protocol will make the DNS traffic communications more secure and encrypted.
However, which will further bring about more privacy for businesses and organizations.
As DoH is still new, many organizations across the world are anxious about implementing it due to its compatibility issues.
Here are some top benefits of early adoption of DoH that ensure a smooth transition:
- If implemented right, you will gain more data security and privacy
- You will also get to test out how it will integrate with your organization network ahead of time and will fix any potential issues before DoH becomes live for all
- It will help you to test out the compatibility of DoH with your DNS traffic filter
Apart from its benefits, there are some demerits of the same including:
- If your system administrator is not experienced, there are chances that you may end up with some blocked queries and false security
- This could be ineffective if your DNS traffic filtering solution has not worked to integrate with DNS over HTTPs
Like any IT revolution, DoH may pose some challenges at first, until everyone becomes used to it.
But once it will come into daily use by all, its benefits will be amazing in the long run.