Prof. Norbert Pohlmann (Institut für Internet-Sicherheit)
Initial position: DNS Encryption is good!
With more than 1,100 member companies, eco is the largest association of the Internet industry in Europe, representing all sectors from network infrastructure, Internet service providers (ISPs), content delivery networks (CDNs), service and application providers, to cyber security and legal experts. A group of members have taken the opportunity to make the most of this source of broad and diverse expertise to discuss the emerging use of the DNS over HTTPS (DoH) protocol and the impact of its implementation on different environments.
It is probably safe to say that the introduction of the DoH protocol has created more controversy than its initiators and early adopters were anticipating.
One objective pursued in the development of the DoH protocol was to increase user privacy and security by preventing eavesdropping and manipulation of DNS data, e.g. by Man-in-the-Middle attacks (MITM). Throughout the history of the Internet, traditional Domain Name System (DNS) traffic has largely been unencrypted. In this scenario, every party between the user’s device and the DNS resolver is able to look into DNS queries and responses, or even to modify them. Furthermore, the monetisation of DNS data, e.g. for marketing purposes, is a potential and realistic privacy issue.
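To make the contrast concrete, here is an added example (not part of the eco paper) that builds the plain DNS query a stub resolver would send for a constructed name, shows how an on-path observer reads the queried name straight out of the unencrypted datagram, and wraps the same wire-format message into the RFC 8484 DoH request forms (GET with a base64url `dns` parameter, POST with `application/dns-message`), which then travel inside TLS. The resolver host `doh.example` is a placeholder.

```python
import base64
import struct

# Constructed sample name for the demonstration.
QNAME = "example.com"

def build_dns_query(name: str, qtype: int = 1, txid: int = 0) -> bytes:
    """Minimal RFC 1035 wire-format query: 12-byte header plus one question.
    txid=0 follows RFC 8484's advice for GET requests: it keeps the request
    URL identical across clients, which lets HTTP caches serve it."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN

def qname_from_wire(msg: bytes) -> str:
    """What any party between device and resolver sees in classic UDP/53 DNS:
    the queried name sits in cleartext right after the header."""
    labels, pos = [], 12
    while msg[pos] != 0:
        n = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    return ".".join(labels)

def doh_get_target(msg: bytes) -> str:
    """RFC 8484 GET form: base64url without padding in the 'dns' parameter.
    Because the request is an HTTPS request, only the TLS endpoints see it."""
    dns_param = base64.urlsafe_b64encode(msg).rstrip(b"=").decode("ascii")
    return f"/dns-query?dns={dns_param}"

def doh_post_request(msg: bytes, host: str = "doh.example") -> bytes:
    """RFC 8484 POST form: same wire message as the body, typed as
    application/dns-message. host is a constructed placeholder."""
    head = (f"POST /dns-query HTTP/1.1\r\nHost: {host}\r\n"
            "Accept: application/dns-message\r\n"
            "Content-Type: application/dns-message\r\n"
            f"Content-Length: {len(msg)}\r\n\r\n")
    return head.encode("ascii") + msg

if __name__ == "__main__":
    q = build_dns_query(QNAME)
    print("cleartext Do53 payload exposes:", qname_from_wire(q))
    print("DoH GET target:", doh_get_target(q))
    print(doh_post_request(q)[:60])
```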
In the early phases of implementation, DNS over HTTPS (DoH) was a topic of intense discussion and considerable controversy. First-movers in this space were largely not traditional network operators and ISPs – who have until now been largely responsible for the provision of DNS services – but rather application developers, content delivery networks, and distributed DNS providers, in order to offer users easy access to encrypted DNS and greater choice in the provision of DNS services. Initiatives in this context have created a strong impetus for other operators of DNS resolvers to also become active in the provision of encrypted DNS services like DNS over HTTPS.
This offers the potential for the protocol to emerge out of a niche status and become more widely deployed by all kinds of DNS providers, allowing it to make a significant contribution to the provision of encrypted DNS.
Encrypting DNS improves user privacy and security. This is why the contributors to this paper strongly support the concept of provisioning over-the-top encrypted DNS. As DoH is relatively new, it is not yet universally deployed, and many ISP resolvers still lack support. However, increasing adoption can be observed. This is to be encouraged, in order to ensure a rich and varied global ecosystem of encrypted DNS provision.
Despite this, the sometimes-heated discussion around DoH has highlighted a tangled range of questions and ambiguities. The aim of this paper is to tease out what stems from the protocol itself, what relates to possible implementation models and/or deployments of the DoH protocol, and what action needs to be taken within the industry in order, on the one hand, to ensure the protection of user privacy through the DoH protocol and, on the other hand, to ensure user choice and digital self-determination.
This paper will attempt to unravel some complexities of the DoH discussion, try to provide as neutral as possible an industry perspective on the pros and cons discussed in this context, and make them comprehensible for readers for whom an understanding of DoH is relevant. It makes recommendations for the deployment and implementation of DoH in a privacy-enhancing manner.
As a first statement of positioning, the contributors to this paper fundamentally support the encryption of DNS information.
Encryption of DNS has the advantage of improving user privacy and security, for example by preventing malicious actors from listening in to DNS traffic in order to perform Man-in-the-Middle attacks.
However, the contributors also concede that there are contexts where certain stakeholders – for example, operators of a corporate network, or Internet service providers – may have concerns regarding potential downsides of certain implementations for encrypting DNS information. The concerns generally do not relate to the DoH protocol itself, but to the deployment model chosen by the applications, especially web browsers.