DNS over HTTPS in 2 Minutes

In this video we will learn about the DNS over HTTPS technology, or DoH for short, and its proposed successor, Oblivious DoH (ODoH).

In order to explain DoH we first need to talk about what DNS does.

DNS maps a domain name to an IP address so that packets can be routed to it across the networks that make up the Internet.

Traditionally this is done by sending the query in a plaintext UDP packet to the DNS resolver on port 53 (with a fallback to TCP on port 53 for large answers).

However, that packet is unencrypted, so any device on the path, such as the ISP's equipment, can read the query and learn which sites the client is visiting.

DNS over HTTPS (RFC 8484) establishes a TLS connection between the client and the resolver, on port 443 like any other HTTPS traffic, and carries the DNS messages as HTTP requests and responses.

So the DNS query is sent encrypted with the symmetric session key that the client and the server agreed on during the TLS handshake.

This stops anyone in the middle from sniffing the content of the DNS queries. Note the limit of that protection: the on-path observer still sees that the client is talking to a DoH resolver, and once the name is resolved the destination IP address of the real connection (and the TLS SNI, unless Encrypted Client Hello is in use) is still visible.

Except that the DoH server itself knows the DNS query, because it has to decrypt the packet in order to answer it, and it also knows the client's IP address.

So a bad or misbehaving DoH server may decide to log this data and sell it to the highest bidder.

That is why Apple, Fastly and Cloudflare came up with a new technology called Oblivious DNS over HTTPS, or ODoH (later published as RFC 9230).

ODoH adds a proxy between the client and the resolver (called the target). The target sees only the proxy's IP address, not the client's, and the client encrypts the query to the target's public key, so even the proxy cannot read the content of the DNS query or the answer. Learn more about ODoH in my video in the info cards.
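The trust split described above, as an added toy model that is not part of the video and not the ODoH specification's code: a client, a proxy and a target exchange messages, and each party logs what it can see. Real ODoH (RFC 9230) encrypts the query to the target's published key with HPKE; to stay within the standard library this stand-in uses textbook Diffie-Hellman over a small prime plus a SHA-256 keystream with an HMAC tag, which is not safe for real use. The IP addresses, hostname and zone data are constructed.

```python
# Added example: toy model of the ODoH trust split. NOT the RFC 9230 crypto;
# the DH/keystream/HMAC construction below is a stand-in for HPKE so that the
# example runs offline with the standard library only.
import hashlib
import hmac
import secrets

P = 2**127 - 1  # toy DH modulus; far too small for real use
G = 5

CLIENT_IP, PROXY_IP = "198.51.100.7", "203.0.113.9"  # constructed addresses
TARGET_HOST = "target.example"                        # constructed hostname
ZONE = {b"example.com": b"192.0.2.10"}                # constructed resolver data


def keygen() -> tuple[int, int]:
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def _derive(shared: int, label: bytes) -> bytes:
    return hashlib.sha256(label + shared.to_bytes(16, "big")).digest()


def seal(key: bytes, nonce: bytes, data: bytes) -> tuple[bytes, bytes]:
    """Toy AEAD: SHA-256 counter keystream XOR, HMAC-SHA256 tag over nonce+ct."""
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    ct = bytes(a ^ b for a, b in zip(data, stream))
    return ct, hmac.new(key, nonce + ct, hashlib.sha256).digest()


def open_(key: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag")
    return seal(key, nonce, ct)[0]  # XOR with the same keystream inverts it


class Target:
    """The ODoH target (resolver). Holds the long-term private key."""

    def __init__(self):
        self.priv, self.pub = keygen()
        self.log = []  # what the target can observe

    def handle(self, src_ip: str, env: dict) -> dict:
        shared = pow(env["epk"], self.priv, P)
        qkey, rkey = _derive(shared, b"query"), _derive(shared, b"response")
        query = open_(qkey, env["nonce"], env["ct"], env["tag"])
        self.log.append({"src_ip": src_ip, "query": query})  # src is the proxy
        answer = ZONE.get(query, b"NXDOMAIN")
        rnonce = secrets.token_bytes(12)
        rct, rtag = seal(rkey, rnonce, answer)
        return {"nonce": rnonce, "ct": rct, "tag": rtag}


class Proxy:
    """The ODoH proxy: sees the client and the target name, never the plaintext."""

    def __init__(self):
        self.log = []

    def relay(self, client_ip: str, env: dict, target: Target) -> dict:
        self.log.append({"client_ip": client_ip, "target": env["target"],
                         "ct": env["ct"].hex()})
        # In real ODoH this is an HTTPS POST to the target's URL; the target
        # sees the proxy's source address, not the client's.
        return target.handle(PROXY_IP, env)


def client_resolve(name: bytes, proxy: Proxy, target: Target) -> bytes:
    """Client side: needs only the target's public key, talks only to the proxy."""
    epriv, epub = keygen()
    shared = pow(target.pub, epriv, P)
    qkey, rkey = _derive(shared, b"query"), _derive(shared, b"response")
    nonce = secrets.token_bytes(12)
    ct, tag = seal(qkey, nonce, name)
    env = {"target": TARGET_HOST, "epk": epub, "nonce": nonce, "ct": ct, "tag": tag}
    reply = proxy.relay(CLIENT_IP, env, target)
    return open_(rkey, reply["nonce"], reply["ct"], reply["tag"])


def collude(proxy: Proxy, target: Target) -> list[tuple[str, bytes]]:
    """If one party runs both proxy and target, joining the logs (here by
    order, in practice by timing) re-links client address and query."""
    return [(p["client_ip"], t["query"]) for p, t in zip(proxy.log, target.log)]


def run_demo():
    proxy, target = Proxy(), Target()
    answer = client_resolve(b"example.com", proxy, target)
    return answer, proxy.log[0], target.log[0]


if __name__ == "__main__":
    ans, proxy_view, target_view = run_demo()
    print("client got:", ans)
    print("proxy saw:  ", proxy_view)
    print("target saw: ", target_view)
```

The proxy's log holds the client address and the target hostname but only ciphertext; the target's log holds the plaintext name but the proxy's address as the source. The `collude` helper is the caveat: the privacy gain depends on the proxy and target being operated by parties that do not share logs, which is why public ODoH deployments pair independently run proxies and targets.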

Thank you so much for watching! Make sure to subscribe and check out the other content on the channel. I discuss all sorts of software engineering topics, news and tutorials, and my content ranges from short videos like this one to lengthy, free-form, lecture-style deep dives. See you in the next one, stay awesome!

🎙️Listen to the Backend Engineering Podcast

🏭 Backend Engineering Videos

💾 Database Engineering Videos

🏰 Load Balancing and Proxies Videos

🏛️ Software Architecture Videos

📩 Messaging Systems

Become a Member

Support me on PayPal

Stay Awesome,
Hussein
Comments

These shorter videos are great! The animations are super helpful too. What software do you use to create them?

frankprogrammer

Deep dive or short, this is great content. You have a subscriber.

MichaelSharpTechniSmart

Hey man, thanks for the video, I appreciate the 2-minute crash course concept! Question: does Quad9 do Oblivious DoH?

emericaCircamcchicke

Wouldn't the ISP just be able to capture the usual TCP/UDP packets you send to the website? Or am I missing the point somehow?

uuuuuhhlettuce

Thank you. I would agree that this is a good security gap in the current system that doesn't support end-to-end encryption, including a handful of messaging apps.

GDGET

But if someone controls the proxy and the DNS resolver they can derive your info still, right?

shm

That was some really flashy graphics, well done !

autohmae

Would it be possible to do a video on the differences of the server load/latency between regular DNS and DoH?

securerandom

Love these short ones. Can't see the card for the video you mentioned since I'm on an iPad ;(

javilionaire

Love the animation! Wouldn't an ISP or upstream observer still see the IP one is connecting to eventually and figure it out from that?

whathappenedman

Didn't DNS providers already see our requests in the past? Also, isn't adding a proxy in the middle going to extend the delay time? So how is it useful?

Quiloos

Very nice video Hussein. What are you using to create these graphics and animations?

mliyanage

Could Apple use Oblivious DNS-over-HTTPS to make their telemetry much harder to detect?

lolololowbx

Buddy, your content is getting absolutely bitchin' lately!! Great graphics and a simple explanation! Will point friends to this when they ask about DoH!

noahwilliams

HTTPS adds overhead, and now even a proxy just for the lookup of addresses. So who is monitoring the proxy then?

supportic

Wish you would have talked more about it.

SnakZ

So now instead the proxy owner can sell your queries to the highest bidder?

funkykong

Every other word was jargon, so for a beginner it's hard to understand. A great way to get around this and still keep the video short is to use visual metaphors. Everything else was great.

Nalie-kwvb

I love India and Apu from The Simpsons.

jjbb

Why HTTPS for DNS? Why not DTLS for UDP? Or why not just TLS over TCP? Why include all the top heavy HTTP baggage for the request? What's the point of that? Eh?

BinaryReader