DNS over HTTPS (DoH) is a protocol for performing DNS resolution over an HTTPS connection. It is designed to improve the privacy and security of DNS queries by encrypting them and making them harder to intercept or tamper with.

DoH is generally considered secure because it runs over HTTPS, a widely used and trusted protocol for encrypting internet traffic. HTTPS uses Transport Layer Security (TLS) to establish an encrypted connection between the client and the server and to verify the identity of the server. This helps to protect the privacy of users and to prevent attackers from intercepting or tampering with the DNS queries.

However, DoH is not foolproof and can still be vulnerable to certain types of attacks, such as man-in-the-middle attacks or server spoofing. DoH also relies on the security of the underlying HTTPS connection, which means that it may be affected by vulnerabilities in TLS or by issues with the certificate authority (CA) system.

DoH itself is generally not considered suspicious, as it is a widely used and accepted protocol for improving the privacy and security of DNS queries. DoH is supported by a number of web browsers, including Firefox and Google Chrome, and is also available as a standalone service that can be used with any device that supports HTTPS.

However, some internet service providers (ISPs) and governments may view the use of DoH as suspicious, because it can make it more difficult for them to monitor or censor internet traffic. In some cases, ISPs or governments may block or restrict access to DoH servers or may try to intercept or tamper with DoH traffic.

Overall, DoH can provide an additional layer of security and privacy for DNS queries, but it is not a replacement for other security measures, such as using a VPN or keeping your software up to date.