Back in September, Google announced a DNS-over-HTTPS (DoH) program to enhance the privacy and security of Chrome, but it has caused confusion among some users about the statement. To clarify the relationship, Google published a new blog post. It reads that there are some misleading and confusing questions about the target approach and whether DoH will affect the existing content and control provided by current Internet service providers (ISPs).
(Photo from ZDNet, via Beta News)
First, Google dismissed the notion that DoH was redirecting domain name resolution service (DNS) traffic to its own site, or other DoH partners.
Because the final option and control remain in the user’s hands, Google is not forcing users to change their DNS service providers.
Today, ISPs meet the DNS needs of about 97% of users, but there are many independent DNS service providers.
Google wants these DNS service providers to maintain a diverse ecosystem by continuing to meet the needs and focus of users.
Second, Google will only let Chrome enable connection support if the user selects a DNS provider that supports DoH services.
Chrome checks the user’s DNS service provider for DoH compatibility lists. If the answer is yes, DoH support is enabled.
If your DNS service provider is not in the list, Chrome do not enable DoH connectivity and business as usual.
But as DoH adoption rates increase, Google hopes that more and more DNS service providers will be added to its DoH-compatible list.
Third, there is a misconception that secure DoH connections are available in the belief that this would limit the control of home-security content provided by some ISPs. Google also denies this.
In fact, any existing content controls, including child protection tools, from the user’s DNS service provider, remain active.
DoH is responsible for engaging in secure connections only when URL data is passed between the browser and the DNS service provider.
So the protection and parental controls of the software can continue to work as usual, as CleanBrowsing can do the same in DoH and unencrypted regular DNS classes.
Finally, Google is optimistic about the future of DoH. However, the company also pointed out that they would adopt a step-by-step approach to promotion.
“Our current plan is to enable DoH support only for 1% of users, but only if they’re already using DoH-compatible DNS service providers,” says Kenji Baheux, Chrome’s product manager.