Back in November, Microsoft announced it would use DNS-over-HTTPS (DoH) in its Windows 10 platform. Furthermore, the company said the protocol will become the default. This week, Microsoft announced DNS-over-HTTPS is now available for testing on the Windows Insider Program.
Insiders on the Fast Ring branch will now have the client packaged into Windows 10. Importantly, the protocol allows Windows 10 to look up domains without sending those queries through the old, unencrypted DNS system.
If you’re unfamiliar, DNS, or the Domain Name System, allows users to type ‘winbuzzer.com’ into their browser and be directed to its actual location, a series of dots and numbers known as its IP address.
DoH takes this normal DNS request and hides it inside encrypted HTTPS traffic, making it an important tool for privacy.
DoH has been widely adopted, including by Mozilla and Google. However, admins and engineers criticized Google and Mozilla’s decision. Traditionally, the operating system has handled DNS settings. When Google and Mozilla embraced DoH, they took control away from the OS.
By baking DNS-over-HTTPS into Windows 10, Microsoft is essentially handing control back to the OS. Both enterprise and personal users will benefit by getting added privacy when browsing in Windows 10.
DNS servers that handle DoH are called DoH resolvers. A resolver is an open resource that listens for incoming HTTPS traffic, decrypts it to read the DNS query, and sends the answer back to the user over the same HTTPS path. Of course, this happens in the blink of an eye for the user.
While there are many DoH resolvers, Microsoft says its preview is limited to three (Google, Quad9, and Cloudflare). As this is a preview, the company says the number of resolvers will increase when the tool becomes available in a stable Windows build.
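
How a DNS query is wrapped for DoH, as an added example that is not from the article or from Microsoft: it builds the wire-format query and the RFC 8484 GET URL, then decodes a `dns=` parameter the way a TLS-inspecting proxy would to recover the queried name. The Cloudflare endpoint URL and all function names are assumptions of this sketch, and nothing is sent over the network.

```python
import base64
import struct

# Assumption: Cloudflare's public DoH endpoint (one of the three preview resolvers).
RESOLVER = "https://cloudflare-dns.com/dns-query"


def build_query(name: str, qtype: int = 1) -> bytes:
    """Build a DNS wire-format query (RFC 1035) with ID 0, as RFC 8484 suggests."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD flag set, 1 question
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS 1 = IN


def doh_get_url(name: str, qtype: int = 1, resolver: str = RESOLVER) -> str:
    """Return the DoH GET URL: base64url of the query, padding stripped."""
    encoded = base64.urlsafe_b64encode(build_query(name, qtype)).rstrip(b"=")
    return f"{resolver}?dns={encoded.decode('ascii')}"


def decode_doh_param(dns_param: str) -> tuple:
    """Recover (qname, qtype) from a dns= value seen in a decrypted DoH request."""
    raw = base64.urlsafe_b64decode(dns_param + "=" * (-len(dns_param) % 4))
    if len(raw) < 12 or struct.unpack("!H", raw[4:6])[0] != 1:
        raise ValueError("not a single-question DNS query")
    labels, pos = [], 12
    while True:
        if pos >= len(raw):
            raise ValueError("truncated question name")
        length = raw[pos]
        if length == 0:
            break
        if length > 63:
            raise ValueError("compression pointer or invalid label")
        labels.append(raw[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    if pos + 5 > len(raw):
        raise ValueError("truncated question section")
    qtype = struct.unpack("!H", raw[pos + 1:pos + 3])[0]
    return ".".join(labels), qtype


if __name__ == "__main__":
    url = doh_get_url("winbuzzer.com")  # sample name taken from the article
    print(url)
    print(decode_doh_param(url.split("dns=", 1)[1]))
```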