Some problems with DoH!

With recent announcements from Mozilla about wanting to use DNS-over-HTTPS by default and partnering with Cloudflare to at least test this, I’ve been giving the matter of DoH quite a bit of thought. This is therefore the first of two possibly three articles dealing with various aspects of DNS over HTTPS. For those that are unaware the idea behind DNS-over-HTTPS ( henceforth DoH ) is that DNS isn’t by default secure or private so let tunnel it over HTTPS so that those pesky firewalls don’t get in the way and secure it that way. This will allegedly make DNS faster, more private and just all round better. Personally I think it will do few if any of those things and that the problems it will create will far out weight any perceived benefits. As Bert Hurbert said this looks a lot more like a land grab by CDN and browser… Continue reading