Hacker News

I may be late to this, but here [1] is some commentary on why DoH (DNS over HTTPS) may not be as effective as it is perceived. The article also talks about the DoT (DNS over TLS) mechanism, which is apparently less disruptive for network monitoring tools compared to DoH.

Can some security minded folks from the community chime in about the claims made in the linked article?

(Disclaimer: English is my second language)

[1]: https://www.zdnet.com/article/dns-over-https-causes-more-pro...
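The monitoring point raised above, as an added example that is not part of the thread or the linked article: a toy flow classifier showing that a network monitor can spot DoT by its dedicated port alone, while DoH shares TCP/443 with ordinary HTTPS and is only recognisable when the TLS SNI matches a list of known DoH resolvers. The resolver list and the sample flows are constructed for the example.

```python
# Added example, not from the thread or the linked article. Shows why DoT
# (TCP/853) is visible to a monitor by port alone, while DoH on TCP/443 is
# only recognisable when the TLS SNI matches a maintained resolver list.
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Constructed allowlist of public DoH resolver hostnames; an operator would
# maintain their own. A DoH resolver missing from it is invisible to this check.
KNOWN_DOH_SNI = {"dns.google", "cloudflare-dns.com", "dns.quad9.net"}


@dataclass
class Flow:
    src: str
    dst: str
    dport: int
    proto: str                 # "tcp" or "udp"
    sni: Optional[str] = None  # TLS SNI, if the ClientHello was observed


def classify(flow: Flow) -> str:
    """Label a flow as plain DNS, DoT, DoH, generic HTTPS or other."""
    if flow.proto == "udp" and flow.dport == 53:
        return "plain-dns"     # cleartext, fully visible to the monitor
    if flow.proto == "tcp" and flow.dport == 853:
        return "dot"           # dedicated port: identifiable without any list
    if flow.proto == "tcp" and flow.dport == 443:
        if flow.sni in KNOWN_DOH_SNI:
            return "doh"       # only caught because the resolver is listed
        return "https"         # DoH to an unlisted resolver lands here too
    return "other"


def summarize(flows) -> dict:
    """Count labels so an operator sees what the monitor can and cannot see."""
    return dict(Counter(classify(f) for f in flows))


# Constructed sample flows: private source, documentation-range destinations.
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "10.0.0.1", 53, "udp"),
    Flow("10.0.0.5", "9.9.9.9", 853, "tcp"),
    Flow("10.0.0.6", "1.1.1.1", 443, "tcp", sni="cloudflare-dns.com"),
    Flow("10.0.0.6", "198.51.100.7", 443, "tcp", sni="doh.example.net"),
    Flow("10.0.0.7", "203.0.113.10", 443, "tcp", sni="www.example.com"),
]

if __name__ == "__main__":
    print(summarize(SAMPLE_FLOWS))  # {'plain-dns': 1, 'dot': 1, 'doh': 1, 'https': 2}
```

The fourth sample flow is the interesting one: DoH to a resolver that is not on the list is indistinguishable from ordinary HTTPS at this layer, which is exactly the blind spot DoT does not create.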



The article has several good points but also some weak ones.

For example, it points out that DoH doesn't really protect privacy from ISPs because ISPs can still see what the users are doing because the ISPs route the traffic. Then, it claims that DoH weakens security because it would let users get around malware blacklists. However, this is mostly nonsense for the same reason. Malware (and other legitimate blacklisting) can and should be blocked even when hard-coded IP addresses are used.

The point about the logistics is very true, though. I won't use DoH at home because I operate my own DNS that contains intranet addresses not accessible from the outside Internet. DoH in Firefox would break those services.


When end-user privacy is your goal, disrupting network monitoring tools is a feature, not a bug.




