Your Guide to DoH

The world of internet protocols can be a somewhat confusing and complex place for the uninitiated, but understanding the differences between the different protocols, along with their pros and cons, can help you make the right choices in your own life, both personally and professionally. To that end, this guide will take a look at one of the newest internet protocols, DNS over HTTPS, also known as DoH.

What Is DNS over HTTPS (DoH)?

We’ll begin with a clear and simple definition of what exactly DoH is, but in order to fully understand it, we have to first know what DNS is and how that works. DNS stands for Domain Name Server, and it essentially serves as a ‘phonebook’ for the internet, allowing computer networks to communicate effectively with one another.

When you want to visit a certain website, you’ll usually type the URL or domain name into your browser bar and hit enter. Humans are good at remembering these domain names, as they often have catchy names that we can connect to. Machines are better with numbers, and this is where the DNS comes in. 

When you type something like ‘Google.com’ into your browser and send the request to visit that part of the web, the DNS essentially ‘translates’ what you’ve written into a numerical code, known as an IP address, to help the relevant devices connect. From this, we can see how the DNS plays a major role in allowing us to access and use the internet and its various services.

Now let’s move on to DoH. Basically, DoH is a new standard that allows the DNS protocol to work across HTTPS connections. HTTPS is a more secure version of HTTP, so DoH is essentially aimed at being a more secure method for DNS resolutions to take place. By making use of the encrypted HTTPS standard, it protects users against possible cyber-attacks which target the DNS.

The Need for DNS Over HTTPS

The DNS was invented way back in the early 1980s, back before the concept of the internet had really taken off in any meaningful way. Back then, the idea of having connected devices in every home and office was simply a fantasy, but these days, it’s very much a reality, and this is where the need for DNS over HTTPS comes from. 

When DNS was first created, it wasn’t really designed with future-proofing in mind. Few people back then expected this kind of technology to take off so rapidly and at such a grand scale as it actually has, and in today’s world of advanced cybersecurity threats and millions of cyber-attacks taking place every day, the DNS in its original form just isn’t strong enough to keep up.

Even over the years, as other key protocols like HTTP received security upgrades, DNS has mostly been left untouched, with big security gaps that can be exploited by hackers and cyber-criminals. DoH aims to bring that much-needed security to the system, but it’s still a very young form of technology, with a lot of growth and evolution ahead of it.

Pros and Cons of DoH

Even though the reasoning behind the creation of DoH is sound and it has some clear advantages to offer over older DNS standards, there are some problems with DoH that counteract its benefits. Below, we’ll outline some basic pros and cons of this technology.

Pros

  • Security – Obviously, the biggest benefit to DoH is that it is able to offer enhanced security, proving especially effective in defending against man-in-the-middle attacks, which are frequently used when targeting the DNS.
  • Speed – DoH is also able to assist with speed and efficiency. It centralizes all DNS traffic to just a few servers that have been equipped with DoH technology, so this can speed up load times in many instances.
  • Potential – There’s also the simple fact that DoH offers potential for the future. Even if this technology has some issues at the moment, it’s still young, with a lot of room to grow and improve.

Cons

  • Security – Unfortunately, even though DoH is designed with security in mind, it can actually impair your security efforts in some ways. Since it encrypts all DNS queries, any companies making use of DNS monitoring will suddenly be unable to see and use certain pieces of data, which could make it easier for bad actors to sneak into the system without detection.
  • Compatibility – DoH isn’t widespread enough to be compatible with certain other systems and technologies. It doesn’t work well with DNS filtering or monitoring, and it can affect browser usage too.

Final Word

It’s clear to see why people are excited about the possibilities of DoH, and this technology certainly has potential, but for now, it’s important for any early adopters to be aware of the issues and risks they might incur when using DoH.