I'm interested to see how the implementation performs in practice, but I don't see DNS over HTTPS as better than some of the other solutions out there. Some have been around for a while and are well-tried but failed to gain wide adoption, like DNSSEC. Others are new kids, unproven but with lots of promise on paper, like IPFS service discovery.<p>In no particular order, here are some alternative technologies. As always YMMV and the proof is not just in the technical implementation of the protocol, but also the policies and politics around the adoption. A good chunk of them overlap DNS's goals in what they aim to do, but only partially.<p>* DNSSEC - <a href="https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en" rel="nofollow">https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-...</a><p>Various Distributed Hash Table (DHT) based approaches:<p>* IPNS - <a href="https://medium.com/@yaniv_g/hosting-websites-on-ipfs-with-ipns-b94659c42b52" rel="nofollow">https://medium.com/@yaniv_g/hosting-websites-on-ipfs-with-ip...</a><p>* Telehash - <a href="http://telehash.org/" rel="nofollow">http://telehash.org/</a><p>Various cryptocurrency approaches:<p>* Namecoin - <a href="https://bit.namecoin.org/" rel="nofollow">https://bit.namecoin.org/</a><p>* DomainToken - <a href="http://www.domaintoken.io/" rel="nofollow">http://www.domaintoken.io/</a><p>* Steemit - <a href="https://steemit.com/" rel="nofollow">https://steemit.com/</a><p>If you know of others, please comment with the name and a link.
> GET <a href="https://dns.google.com/experimental?ct&dns=AAABAAABAAAAAAAAB2V4YW1wbGUDY29tAACAAE" rel="nofollow">https://dns.google.com/experimental?ct&dns=AAABAAABAAAAAAAAB...</a> HTTP/2.0”<p>I guess the stuff in the dns=bit is a query to look up the ip of dns.google.com? ;)<p>I'm not sure if I think trusting certs for ip addresses (as opposed to domain names) is a great idea. And how else would this bootstrap?
I installed doh-client from <a href="https://github.com/m13253/dns-over-https" rel="nofollow">https://github.com/m13253/dns-over-https</a> onto my EdgeOS router, then pointed dnsmasq at doh-client and, well, it works and I have nothing else exciting to report. One less thing for AT&T to snoop.
Can I use it with OpenNIC resolvers? <a href="https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/public-resolvers.md" rel="nofollow">https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v...</a>
See also this article by a Mozillian<p><a href="https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/" rel="nofollow">https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-ove...</a>
I have enabled DNS over https on Android P (it has built in system wide cpapbility) with Cloudflare.<p>Problem is that I have no idea how to test if it is really working :-)
Many of us that use local DNS (pi-hole and similar technology), this is not an option. On the other hand, I feel more secure with my local ISP than with mega ad-corporation like Google.<p>I think that DNS over HTTPS is loved by the ad-community. No local DNS that can disturb or block user generated data. Don’t get fooled people.<p>#DeleteGoogle