DNS and the Internet's architecture: the DoH dilemma
Impacts of DNS-over-HTTPS on how the Internet works
- Track: DNS devroom
- Room: K.4.601
- Day: Sunday
- Start: 11:20
- End: 11:50
Mozilla's announced deployment model for DNS-over-HTTPS made some properties of this protocol apparent to everyone, stirring a lot of discussion. Specifically, DoH could promote a collective switch from local resolvers to a few global public services, and make each application independent from the user's preferences in the operating system. This could provide more privacy and less censorship, or less privacy and more censorship, depending on how it is deployed and who gets to control the resolvers. What would be the advantages and disadvantages of a broad adoption of DoH by Web browsers, and its likely long-term effects?
The talk will start with a general introduction to DoH, stressing its main architectural features: hiding DNS queries inside Web traffic in an unblockable way, moving DNS resolution to the application layer, and putting application makers (especially browser makers) in charge of DNS settings.
It will then discuss all the things that are broken by mass-scale deployment of DoH under this paradigm, including DNS-based security mechanisms and access control services, local and national content filtering policies, and network monitoring tools. It will also discuss in which use cases DoH creates advantages for the user (i.e. more privacy and freedom of expression) and in which others it creates disadvantages (i.e. less privacy and more control). Finally, it will discuss the changes to the Internet's original principles that would derive from the centralization that DoH could induce, by providing an additional control point to a few of the usual big over-the-top companies from the GAFAM club.
We also look forward to a final discussion to listen to more opinions (including those that disagree with us) and allow participants to learn more about the issue and make up their minds - or, perhaps, end up with more questions than they had in the beginning.
Speakers
Vittorio Bertola