
Pros and cons of DNS over HTTPS were discussed at the Internet Governance Forum

A session entitled “DNS over HTTPS (DoH): Human Rights, Markets and Governance” was held at the 15th IGF. It was dedicated to the most topical issues raised by the introduction of the DoH protocol, a technology that makes it possible to encrypt data exchange between users’ devices and DNS services. Reports were delivered by Barry Leiba (Internet Engineering Task Force), Andrei Robachevsky (Internet Society), Olga Makarova (MTS), Amod Malviya (UDAAN, the largest Indian B2B e-commerce platform), Joey Salazar (ARTICLE 19, a human rights organization), and Alissa Starzak (Cloudflare).

An obvious plus of DoH technology is that it provides an additional level of protection for user privacy: encryption of DNS traffic allows users to hide the addresses of the websites they visit. This reduces the possibility of identifying users and spying on them, of trading their data, and of authoritarian regimes blocking access to certain websites. However, like any technology, DoH has its downsides. Encrypting DNS traffic can pose a cybersecurity threat because ISPs and system administrators cannot be sure that the websites a user visits are safe. In addition, this protocol renders parental controls ineffective.

Andrei Robachevsky examined various scenarios of DoH implementation. According to the speaker, a centralized model can reduce the number of players on the DNS market, after which there would be few incentives for wider cooperation. Moreover, this trend can threaten DNS as a global and agreed-upon system. A different viewpoint, that DoH is a new chapter in debates on internet neutrality, was presented by Olga Makarova. She believes the main goal of DoH is not simply to protect personal data.

“It looks like an excellent and very smart marketing plan developed by both ISPs and OTT providers in an attempt to attract clients and gain a share of the market,” she said. She also shared the results of MTS’s experiment with the DNS-over-TLS (DoT) protocol in European Russia, which showed that a mere 13 percent share of DoT requests was enough to double the traffic, so the infrastructure of DNS resolvers will have to change.

Other participants in the session talked about problems providers face when DoH is used. For example, the use of DoH dramatically reduces the role of local providers and, conversely, increases the weight of large players such as Google or Cloudflare. They are already using DoH technology, and the fact that more applications can independently choose which DNS server they access means the lion's share of user traffic data will be concentrated in only a few companies. The only guarantee that this data will not be used for commercial purposes is the companies’ promise.
