Following Google's announcement that DoH is widely availableMozilla decided to launch it to Firefox users in the United States starting at the end of September 2019DNS over HTTPS (DoH)。
We plan to gradually introduce DoH in the United States from the end of September. We first enable DoH for a small number of users while monitoring any problems, and then for more users. If it goes smoothly, a notice will be sent before the full promotion of DoH.
After many experiments over the past two years, the organization decided to default to DoH in Firefox. Mozilla uses third-party Cloudflare as DoH because it follows a strict privacy protocol, which means that all user traffic goes through the Cloudflare network.
In most cases, DNS requests are done in public, and monitoring the process can obtain records of sites and IP addresses. Compared with traditional DNS, DOH (DNS requests sent through HTTPs encryption) has little impact on the performance of cloud services. In most cases, it is only 6 milliseconds slow, and there is no significant difference in connection error rate. However, it is safer than DNS, and users'privacy can be better protected.
It should be noted, however, that TLS is still delivered to its destination in plain text.
Firefox allows DoH to be disabled and restored to system DNS. First look at how to enable DoH on Firefox:
Check whether Firefox uses Cloudflare DNS:
A Mozilla blog post mentions that although DoH is the default configuration after installing Firefox in the United States, some configurations can also disable it: