DNS over HTTPS

Overview[1]#

DNS over HTTPS (DoH) is an experimental protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol.

The goal of the method is to increase user privacy and security by preventing eavesdropping on, and manipulation of, DNS data through man-in-the-middle attacks. As of March 2018, Google and the Mozilla Foundation are testing versions of DNS over HTTPS.

Mozilla and DNS over HTTPS[3][4]#

Mozilla has worked on the protocol and has presented an Internet Draft, DNS Queries over HTTPS (DoH).

Google DNS over HTTPS#

Google's publicly-implemented version of this protocol uses HTTP GET requests (over HTTPS) to access DNS information, with the DNS query and result parameters encoded in JSON notation.[2]

Resolve Example: https://dns.google.com/resolve?name=ldapwiki.com

Returns:

{
    "Status": 0,
    "TC": false,
    "RD": true,
    "RA": true,
    "AD": false,
    "CD": false,
    "Question": [
        {
            "name": "ldapwiki.com.",
            "type": 1
        }
    ],
    "Answer": [
        {
            "name": "ldapwiki.com.",
            "type": 1,
            "TTL": 3599,
            "data": "173.255.234.20"
        }
    ],
    "Comment": "Response from 216.239.38.106."
}

Or a query made from a browser: https://dns.google.com/query?name=ldapwiki.com&type=ANY&dnssec=true

{
  "Status": 0,
  "TC": false,
  "RD": true,
  "RA": true,
  "AD": false,
  "CD": false,
  "Question": [
    {
      "name": "ldapwiki.com.",
      "type": 255
    }
  ],
  "Answer": [
    {
      "name": "ldapwiki.com.",
      "type": 1,
      "TTL": 3599,
      "data": "173.255.234.20"
    },
    {
      "name": "ldapwiki.com.",
      "type": 2,
      "TTL": 21599,
      "data": "ns-cloud-a1.googledomains.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 2,
      "TTL": 21599,
      "data": "ns-cloud-a2.googledomains.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 2,
      "TTL": 21599,
      "data": "ns-cloud-a3.googledomains.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 2,
      "TTL": 21599,
      "data": "ns-cloud-a4.googledomains.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 6,
      "TTL": 21599,
      "data": "ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 16 21600 3600 259200 300"
    },
    {
      "name": "ldapwiki.com.",
      "type": 15,
      "TTL": 3599,
      "data": "1 aspmx.l.google.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 15,
      "TTL": 3599,
      "data": "5 alt1.aspmx.l.google.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 15,
      "TTL": 3599,
      "data": "5 alt2.aspmx.l.google.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 15,
      "TTL": 3599,
      "data": "10 alt3.aspmx.l.google.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 15,
      "TTL": 3599,
      "data": "10 alt4.aspmx.l.google.com."
    },
    {
      "name": "ldapwiki.com.",
      "type": 16,
      "TTL": 3599,
      "data": "\"abuseipdb-verification=HUxMCU2D\""
    },
    {
      "name": "ldapwiki.com.",
      "type": 16,
      "TTL": 3599,
      "data": "\"v=spf1 include:_spf.google.com ~all\""
    },
    {
      "name": "ldapwiki.com.",
      "type": 16,
      "TTL": 3599,
      "data": "\"5uEQ_Id-0sFwG1Z9xgKyQUNDZ_LHaGbEaFeSMl2zM2U\""
    },
    {
      "name": "ldapwiki.com.",
      "type": 16,
      "TTL": 3599,
      "data": "\"keybase-site-verification=HXB1MaZNXrnPliaob5-xFHRapkMkF6kddUYBUDdD2So\""
    },
    {
      "name": "ldapwiki.com.",
      "type": 99,
      "TTL": 3599,
      "data": "\"v=spf1 include:_spf.google.com ~all\""
    }
  ],
  "Comment": "Response from 216.239.38.106."
}
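
A client-side check of the JSON replies shown above, as an added example that is not part of the original page or Google's own code: it decodes the numeric record types and flags replies that carry an error code, are truncated, or were not DNSSEC-validated (as in both responses above, where "AD" is false). The sample is abridged from the ANY response above; the function name review_response and the warning strings are assumptions.

```python
import json

# Standard DNS RR type codes that appear in the responses on this page.
RR_TYPES = {1: "A", 2: "NS", 6: "SOA", 15: "MX", 16: "TXT", 99: "SPF", 255: "ANY"}
# Standard DNS RCODE values carried in the "Status" field.
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

# Constructed sample: abridged from the ANY response shown on this page.
SAMPLE = r"""{
  "Status": 0, "TC": false, "RD": true, "RA": true, "AD": false, "CD": false,
  "Question": [{"name": "ldapwiki.com.", "type": 255}],
  "Answer": [
    {"name": "ldapwiki.com.", "type": 1, "TTL": 3599, "data": "173.255.234.20"},
    {"name": "ldapwiki.com.", "type": 2, "TTL": 21599, "data": "ns-cloud-a1.googledomains.com."},
    {"name": "ldapwiki.com.", "type": 15, "TTL": 3599, "data": "1 aspmx.l.google.com."},
    {"name": "ldapwiki.com.", "type": 16, "TTL": 3599, "data": "\"v=spf1 include:_spf.google.com ~all\""}
  ]
}"""

def review_response(text):
    """Parse a JSON DoH reply and return (records, warnings)."""
    msg = json.loads(text)
    warnings = []
    status = msg.get("Status")
    if status != 0:
        warnings.append("rcode " + RCODES.get(status, str(status)))
    if msg.get("TC"):
        warnings.append("truncated answer")
    if not msg.get("AD"):
        # AD=false: the resolver did not validate the data with DNSSEC.
        warnings.append("not DNSSEC-validated (AD=false)")
    asked = {q["name"].lower() for q in msg.get("Question", [])}
    records = []
    for rr in msg.get("Answer", []):
        name = rr["name"].lower()
        if name not in asked:
            # A CNAME chain also triggers this; review it, do not drop it.
            warnings.append("answer for unasked name " + name)
        rtype = RR_TYPES.get(rr["type"], "TYPE%d" % rr["type"])
        records.append((rtype, rr["TTL"], rr["data"]))
    return records, warnings

if __name__ == "__main__":
    recs, warns = review_response(SAMPLE)
    for rec in recs:
        print(*rec)
    print("warnings:", warns)
```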
