Apple devices will get encrypted DNS on iOS 14 and macOS 11

Apple recently announced that future versions of iOS and macOS will include support for handling encrypted DNS communications. In a presentation at WWDC 2020, the company said that when iOS 14 and macOS 11 launch this fall, both operating systems will support DNS over HTTPS (DoH) and DNS over TLS (DoT). When a user visits a website, their browser sends Domain Name System (DNS) queries to DNS servers, which translate domain names into IP addresses. Traditionally, these requests are not encrypted and are sent in clear text, which has allowed third parties and even Internet Service Providers (ISPs) to spy on the websites users visit online. With DoH or DoT, web browsers and applications can make DNS queries and receive DNS responses in an encrypted format, preventing unwanted online tracking.

Encrypted DNS

Apple will add new features and functionality to its application development frameworks to allow developers to create new applications, or update their existing applications, to use DoH or DoT to encrypt DNS traffic. According to Apple software engineer Tommy Pauly, who gave the presentation, developers can create applications that apply DoH or DoT settings to the entire operating system, to individual applications, or to selected network requests from an application. Developers will also be able to write "rules" that enable encrypted DNS communications only in certain situations or contexts. For example, encrypted DNS can be enabled when a user leaves their corporate network and switches to mobile data when out of the office or traveling.

If, for any reason, a network provider decides to block encrypted DNS communications on its network, Apple plans to warn users with a message explaining that the names of websites and other servers their device accesses on the network could be monitored and logged.

Adding encrypted DNS is great news for iPhone, iPad, and Mac users, though Apple is arriving a bit late, as Mozilla, Google, and Microsoft already support encrypted DNS communications in their respective software.

Via ZDNet
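The rule-based, system-wide setup described above can be sketched with the NetworkExtension framework as follows. This is an added example, not code from the article or from Apple; the resolver URL, resolver addresses, Wi-Fi SSID and the function name `installEncryptedDNS` are constructed placeholders.

```swift
import Foundation
import NetworkExtension

// Constructed placeholder values: substitute your own DoH resolver and SSID.
let dohURL = URL(string: "https://dns.example.net/dns-query")!
let resolverAddresses = ["192.0.2.53", "2001:db8::53"]
let corporateSSIDs = ["ExampleCorp-WiFi"]

/// Installs a system-wide DoH configuration that stays off on the corporate
/// Wi-Fi network and is applied on every other network (hypothetical helper).
func installEncryptedDNS(completion: @escaping (Error?) -> Void) {
    let manager = NEDNSSettingsManager.shared()

    // Load any existing configuration before modifying it.
    manager.loadFromPreferences { loadError in
        if let loadError = loadError {
            completion(loadError)
            return
        }

        // DoH settings: resolver addresses plus the HTTPS query endpoint.
        let doh = NEDNSOverHTTPSSettings(servers: resolverAddresses)
        doh.serverURL = dohURL
        manager.dnsSettings = doh
        manager.localizedDescription = "Example encrypted DNS"

        // Rules are evaluated in order and the first match wins.
        // On the corporate Wi-Fi, do not apply the encrypted DNS settings,
        // so the network's own resolver keeps handling internal names.
        let onCorporateWiFi = NEOnDemandRuleDisconnect()
        onCorporateWiFi.interfaceTypeMatch = .wiFi
        onCorporateWiFi.ssidMatch = corporateSSIDs

        // Everywhere else (other Wi-Fi, mobile data), apply encrypted DNS.
        let everywhereElse = NEOnDemandRuleConnect()
        everywhereElse.interfaceTypeMatch = .any

        manager.onDemandRules = [onCorporateWiFi, everywhereElse]
        manager.saveToPreferences(completionHandler: completion)
    }
}
```

Rule order matters here: placing the catch-all connect rule first would apply encrypted DNS on the corporate network as well, bypassing its internal resolver.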