DNS over HTTPS

ѽ҉ᶬḳ℠ vtol at gmx.net
Thu Jul 26 17:06:14 UTC 2018


Hi,

understanding it is still experimental at this stage it does appear
though to gain some traction with IETF (draft), browsers (testing)
Chrome and Firefox, public resolvers Google, CF and CleanBrowsing.

One of the benefits of DoH over DoT seems that port 443 is utilized as
opposed to port 853 and thus less likely to to be blocked by firewalls.

Some are voicing their concern that it would cede control over DNS
matters to browser vendors if they were to implement their choice of TRR
as Mozilla currently does with CF.
And certainly it would require other public DNS resolvers to implement
DoH if not to stay limited to the aforementioned.

What are the thoughts of the unbound team on the subject, any plans to
implement DoH?




More information about the Unbound-users mailing list