DNS over HTTPS

DNS over HTTPS (DoH) is a protocol developed for encrypting plaintext Domain Name System (DNS) traffic to prevent malicious parties, advertisers, ISPs and others from being able to interpret sensitive data. User privacy and security is increased and man-in-the-middle attacks are prevented by using the HTTPS protocol to encrypt data between the DoH client and DoH-based DNS resolver. It was introduced as a standard in October 2018 by the Internet Engineering Task Force (IETF).

DNS is essentially a fundamental address book. It helps computer networks attach information to each web domain. DoH encrypts DNS queries, which are disguised as normal HTTPS traffic. Once the query is sent to the resolver, It is resolved inside a DoH request and the user is given a reply, also in an encrypted manner. 

Benefits of DNS over HTTPS 

In addition to increased security, using DNS over HTTPS improves performance. Testing of ISP DNS resolvers shows that response times are often slow, due in part by the need to resolve many hostnames when loading a single web page.

DoH ensures that malicious parties cannot forge or alter DNS traffic. DoH traffic looks like other HTTPS traffic to a network administrator, meaning it appears as normal, user-driven interactions with websites and apps. 

Deployment for DNS over HTTPS 

There are multiple usage scenarios for DoH:

  • Using a DoH implementation within an application: For US-based users, Mozilla Firefox introduced DNS over HTTPS by default in February 2020. Shortly after, Google Chrome rolled out the option to enable DoH support. Other major browsers have plans to implement DoH, but there is not yet widespread support in operating systems.
  • Installing a DoH proxy on the name server in the local network: Client systems use traditional DNS to query the name server in the local network. DoH servers in the Internet are reached by gathering necessary replies via DoH. This method is transparent to the end user.
  • Installing a DoH proxy on a local system: Operating systems are configured to query a locally running DoH proxy. The proxy needs to be installed on each system using DoH. 
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...

Nimble CRM

Nimble CRM is a social CRM (customer relationship management) with sales and marketing...

What is Insightly CRM?

Insightly CRM is customer relationship management (CRM) software that focuses on an intuitive,...

Indicators of Compromise

When a system administrator finds anomalous or malicious behavior within network...