Microsoft has announced that it is planning to integrate DNS over HTTP for Windows 10 starting from November 2019. The company believes that by supporting encrypted DNS queries in Windows, one of the last remaining plain-text domain name transmission will be closed.
DNS over HTTPS to be supported on Windows 10
This is what Microsoft had to say about the implementation-
“We also believe Windows adoption of encrypted DNS will help make the overall Internet ecosystem healthier. There is an assumption by many that DNS encryption requires DNS centralization. This is only true if encrypted DNS adoption isn’t universal. To keep the DNS decentralized, it will be important for client operating systems (such as Windows) and Internet service providers alike to widely adopt encrypted DNS.”
Microsoft is now figuring out what kind of DNS encryption Windows will support and how to implement the same. The company is said to adopt the following guidelines for implementing DNS encryption on Windows.
- Microsoft is very clear that DNS needs to be functional and should also cater to users who have no idea about DNS. The new feature is aimed at helping both Windows users and administrators.
- Administrators and Windows users will also be able to improve their DNS configuration seamlessly. The experience will be designed such that Windows users who are not aware of DNS will also be able to set it up easily.
- The move to DNS will be permanent. In other words, once Windows has been configured to use encrypted DNS the system will not fall back to unencrypted DNS. This stands true even when the system doesn’t get any instructions from Windows users/administrators.
Microsoft will begin by using DoH for DNS servers. It is worth noting that a majority of public DNS servers support DoH and for newly configured servers Windows will simply use DNS without encryption for that particular server. With this milestone users and applications will be able to achieve the required privacy without having to know about DNS. Furthermore, no changes will be made to the DNS server that was chosen by users/administrators. If changed then it will likely bypass filters and other controls.
In the near future, Microsoft is aiming to offer simple ways by which users can leverage DNS settings on Windows. On the other hand, device admins and enterprise admins will be able to configure DoH servers separately.
TIP: Read: How to enable and test DNS over HTTPS in Windows 10.