Promoting a discussion on DNS-over-HTTPS

Nov 23, 2018

In the last few months, we have seen a lot of community discussion around the latest development in the internet’s naming system, a new protocol called DNS-over-HTTPS.

The DNS—the mechanism through which you can actually reach any online service or website through the use of a name or a URL without knowing its IP address—is a fundamental element of the internet, and also one of its biggest points of management and control. DNS-over-HTTPS introduces significant changes in the way this mechanism works. The long term effects of this new protocol could deeply affect the future of the entire internet, contributing to its ongoing centralization into the hands of a few big over-the-top players. Concerns include depriving users, network administrators and local internet communities of choice and control, and supplying new amounts of personal information to the global data tracking, hoarding and monetization infrastructure.

This is why we have prepared a public policy briefing that collects and explains all the concerns raised by many parts of the community. We encourage you to read the short executive summary (section 2) to get the broader picture, and then refer to the rest of the document (sections 4 and 5) to get the details. The document is written for non-technical people as well; section 3 provides a quick and easy explanation of how the DNS works and why it is so fundamentally important.

We think a deeper discussion is necessary before this protocol is deployed on a mass scale, involving not only the engineers that designed it and the web companies that promote it, but also the entire DNS and security community, ISPs, governments, and internet users in general. Thus, we encourage you to read the document and spread awareness about what is happening to the DNS, and we welcome comments and questions by email. Please contact us if you share our concerns.


About the author

Vittorio Bertola

Vittorio Bertola

Head of Policy & Innovation


Related Articles

On Firefox moving DNS to a third party

DNS lookups occur for every website visited. The processor of DNS requests gets a complete picture of what a household or...

Bert Hubert 09/3/18

DNSdist 1.5.0 delivers enhancements for DoH and better...

Open-Xchange has launched the latest version of DNSdist – our unique DNS proxy and load balancer that optimizes the internet...

Alexander ter Haar 07/6/20

DoH: (Anti-)Competitive and Network Neutrality aspects

Much has already been written on how moving to centralised DNS is bad for our privacy in 2019, and on that basis alone...

Bert Hubert 12/3/19

DNS encryption in PowerDNS: where we are

Back in 2018, when the IETF introduced two standards on DNS encryption, PowerDNS was amongst the first to adopt and offer...

Alexander ter Haar 07/3/21