Technical Summary
This document defines a protocol for performing DNS Queries over an HTTPS
connection. This protocol offers similar security benefits to DNS-over-TLS
(RFC 7858), and also allows integration with HTTP-based systems and
services.
Working Group Summary
The document has been reviewed thoroughly within the working group,
including extensive commentary by noted standards experts and large-scale
implementors in DNS and HTTP.
Document Quality
Implementation has begun, with a large-scale deployment by Cloudflare,
experiments by Mozilla and Google, and many independent implementations:
doh-proxy (an IETF hackathon output), Go DNS, dnscrypt-proxy,
doh-php-client, jDnsProxy, rust-doh, and dns-over-https. The maintainers of
Stubby, CURL, and PowerDNS’s dnsdist have developed working prototypes.
This draft has a single IANA consideration (defining the
“application/dns-message” media type). There has been extensive review of
this media type.
Personnel
The document shepherd is Benjamin Schwartz <bemasc@google.com>
The responsible area director is Adam Roach <adam@nostrum.com>