This DNS over HTTP thing

Fred Baker fredbaker.ietf at gmail.com
Tue Oct 1 03:46:04 UTC 2019


On Sep 30, 2019, at 10:25 PM, Jay R. Ashworth <jra at baylink.com> wrote:
> Is there an official name for it I should be searching for?

The IETF calls it "DoH", pronounced like "Dough". https://datatracker.ietf.org/wg/doh/about/

There are a number of such services from Google, Amazon, and others. Firefox and Chrome now reportedly use it unless you tell them not to. It is also in use by at least one botnet, per reports.

https://www.proofpoint.com/us/threat-insight/post/psixbot-now-using-google-dns-over-https-and-possible-new-sexploitation-module
https://www.zdnet.com/article/first-ever-malware-strain-spotted-abusing-new-doh-dns-over-https-protocol/
https://www.bleepingcomputer.com/news/security/psixbot-modular-malware-gets-new-sextortion-google-doh-upgrades/

One thing that bothers me about the Google implementation is that they apparently download the IANA zone and, in effect, operate as an informal root server. Not that I am protective of the root per se, but the root operators operate by an ethos described in RSSAC001 (https://www.icann.org/en/system/files/files/rssac-001-root-service-expectations-04dec15-en.pdf). If Google wants to promote itself into those ranks, I would expect it to shoulder the ethos and responsibility implied. The articles I pointed to above would suggest that it does not.
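As an added illustration of what the DoH wire exchange in RFC 8484 looks like (this is editor-supplied example code, not from the post above or from the IETF working group): it builds the base64url-encoded DNS query a DoH client puts in its GET URL, and decodes such a URL back to the queried name, which is what a defender with a TLS-inspecting proxy would need to see what a client (or a bot) is resolving. The resolver endpoint is assumed for illustration; no network request is made.

```python
import base64
import struct

# Assumed DoH endpoint for illustration (Google Public DNS uses this path); nothing is sent.
DOH_ENDPOINT = "https://dns.google/dns-query"


def build_dns_query(name: str, qtype: int = 1) -> bytes:
    """Encode a minimal DNS wire-format query: one question, RD set.
    RFC 8484 s4.1 recommends ID 0 on GET so identical queries are HTTP-cacheable."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN


def doh_get_url(name: str, qtype: int = 1, endpoint: str = DOH_ENDPOINT) -> str:
    """Form the RFC 8484 GET URL: ?dns=<base64url of the wire query, padding stripped>."""
    msg = build_dns_query(name, qtype)
    encoded = base64.urlsafe_b64encode(msg).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={encoded}"


def parse_doh_get_url(url: str) -> tuple[str, int]:
    """Decode a DoH GET URL (e.g. from a proxy log) to (qname, qtype)."""
    _, _, query = url.partition("?")
    params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
    b64 = params["dns"]
    msg = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))  # restore padding
    qdcount = struct.unpack("!H", msg[4:6])[0]
    if qdcount != 1:
        raise ValueError("expected exactly one question section entry")
    pos, labels = 12, []
    while True:  # walk the length-prefixed labels of QNAME
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    qtype = struct.unpack("!H", msg[pos:pos + 2])[0]
    return ".".join(labels), qtype


if __name__ == "__main__":
    url = doh_get_url("example.com")
    print(url)
    print(parse_doh_get_url(url))
```

The same wire message can also travel in a POST body with Content-Type application/dns-message, so a detection that keys only on the `?dns=` query string will miss POST-based clients.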


More information about the NANOG mailing list