Modern security: We need encrypted DNS. (DoT/DoH)

Here, I want to have the option to use an encrypted DNS server. Either DNS-over-TLS or DNS-over-HTTPS…

And it should be there by default. Security should be the default, after all…

See that Firefox e.g. plans to introduce this (DNS-over-HTTPS) by default with sets of trusted resolvers. The reasons are clear: OS vendors and routers are too slow to implement it, so browsers roll out their own security mechanisms.

The obvious problem is: This does not protect the DNS of all the other applications…

That’s why I want this feature…

By default!

Note that when I say by default, I mean by default. Obviously, you can hardly provide a default server (unless you do it the Mozilla’s way), but you can offer the possibility by default, i.e. all the implementation should be ready, and I, as a user, just want to enter the URL of the DoH server to be able to use it.

It should just work then – just like it currently works with “usual” DNS, where I enter a DNS IP, I should be able to easily switch to DoH (e.g.).

How to make this happen?

I guess it needs to be integrated into NetworkManager somehow?

Where can this be reported/tracked?

Or does this request here fit into the “Applications” category then? If so, which application? gnome-control-center?

Cross-posted in the Fedora discourse community.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.