This week, Microsoft announced plans to implement HTTPS (DoH) DNS in Windows 10 to ensure as secure as possible user traffic.
Helping DoH for Windows already means encrypted DNS queries in Chrome and Firefox that effectively close plain-text domain names transmissions in common web traffic, contributing to a safer overall Internet ecosystem.
DNS authentication does not require DNS centralisation, Microsoft reports, if the adoption is wide between operating systems and providers of Internet services alike.
While it does not split the current system management configurations to ensure encrypted DNS support, Microsoft said that Windows DNS should be as private and stable a standard as possible and that users and administrators should be able to access DNS settings easily for improved privacy protection.
The Company states, in addition, that Windows users and administrators must be able to quickly and easily upgrade their DNS settings without any specialist knowledge and specifically allow fallback to unencrypted DNS when Windows is set up.
“As a framework, Windows Core Networking aims to allow users to use any of the protocols they need, so in the future we will be open to other choices like DNS over TLS (DoT). For the time being, we prioritize DoH funding as the most likely to give us immediate value, “Microsoft said.
DoH, the technology giant points out, allows the current HTTPS network to be re-used, and the first step towards using the DoH protocol for the DNS servers that Windows is already designed to use.
Most public DNS servers will automatically migrate to DoH when you are using DoH and Windows.
One of the main advantages of this strategy, said Microsoft, is that there will be no modifications to the DNS server Windows that the client or network uses. This should not affect the settings of content filtering used to block specific websites by users or admins.
It also provides users and applications with confidentiality advantages even if they do not recognize DNS and do not require action. It also ensures that DoH use on network connections is implemented which should surface disruptions in advance of wider implementation.
The company will then try more privacy-friendly ways for users to discover and render DoH-aware settings for Windows ‘ DNS settings, so that they can directly configure DoH servers.
“With more attention being paid to encrypted DNS, we felt it was important to make clear our intentions as early as possible. We don’t want our customers to question whether or not their trustworthy system is going to adopt modern standards of confidentiality, “says Microsoft.