In June this year,Google announces that its DNS Over HTTPS (DoH) service is officially available。 DoH packages domain name queries into DNS servers with secure, encrypted HTTPS connections, thus preventing eavesdroppers from accessing queries. It is one of several emerging Internet protocols designed to narrow the gap between online communication security and privacy. Both Google and Mozilla Foundation are testing the agreement, and Mozilla just said two days ago that it would be at the end of this month.Launch DoH to Firefox users.
The experimental service will soon appear in Chrome browsers, officially on the Chromium blog.AnnouncementSaid Chrome 78 was experimenting with DoH..
The Google experiment will check whether DNS vendors for Chrome 78 users belong to one of the following six DoH compatible providers: Cleanbrowsing,Cloudflare,DNS.SB,Google,OpenDNS and Quad9. If included, Chrome switches from standard D / NS to DoH. using the same service provide
In this way, Google avoids the problem of Mozilla's way of providing DoH: forcing Firefox users to change the DNS vendor they chose for Cloudflare.
This experiment involves only a small number of Chrome users and will run on all supported platforms (except Linux and iOS). If you want to exit the experiment from Chrome 78, you can disable tags on chrome://flags/#dns-over-https.
For users who use Android 9 or later and have a DNS-over-TLS (DoT) provider set up in private DNS settings, Chrome may try to use DoH, and if it fails, it will fallback to the DoT setting.
Paul Vixie, CEO of Farsight Security and contributor to DNS protocol design, argues that DoH limits the autonomy of network administrators.
He wrote in twitter,
What do you think of this controversy?