The DNS-over-HTTPS (DoH) protocol is not the privacy panacea that many have been advocating in recent months.
If we are to listen to networking and cybersecurity experts, the protocol is of limited value and causes more problems than it fixes. Criticism has been mounting against DoH and against those promoting it as a viable privacy-preserving method.
The TL;DR is that most experts think DoH is not good, and people should be focusing their efforts on implementing better ways to encrypt DNS traffic -- such as DNS-over-TLS[1] -- rather than DoH.
What is DoH and a short history
The DNS-over-HTTPS protocol is a recent invention. It was created a few years back and was proposed as an internet standard last October (IETF RFC 8484). It is already supported on Android, and is scheduled to roll out in both Mozilla Firefox[2] and Google Chrome[3] later this year.
The protocol itself works by changing how DNS queries travel. Until now, DNS queries have been sent in plaintext, from an app to a DNS server, using the DNS settings the local operating system received from its network provider -- usually an internet service provider (ISP).
DoH changes this paradigm. DoH encrypts DNS queries and disguises them as regular HTTPS traffic -- hence the DNS-over-HTTPS name. These DoH queries are sent to special DoH-capable DNS servers (called DoH resolvers), which extract and resolve the DNS query carried inside the DoH request, and send the answer back to the user, also encrypted.
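To make the "DNS query inside an HTTPS request" concrete, here is an added example (not code from the article or from any DoH resolver) of what the wire format actually looks like. It builds a standard DNS query, wraps it in both the GET and POST forms defined by RFC 8484, and parses a constructed response. The resolver URL `https://doh.example/dns-query` and the answer `192.0.2.1` are placeholders; nothing is sent over the network.

```python
import base64
import struct

# Media type that RFC 8484 defines for DoH request and response bodies.
DOH_CONTENT_TYPE = "application/dns-message"


def build_dns_query(name: str, qtype: int = 1, txn_id: int = 0) -> bytes:
    """Encode a single-question DNS query in classic wire format (RFC 1035).

    The query is byte-for-byte the same message a plaintext UDP resolver
    would receive; DoH only changes the transport. RFC 8484 recommends a
    transaction ID of 0 so identical queries produce cacheable HTTPS requests.
    """
    header = struct.pack("!HHHHHH", txn_id, 0x0100, 1, 0, 0, 0)  # flags: RD=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    question = qname + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN
    return header + question


def doh_get_url(resolver_url: str, query: bytes) -> str:
    """RFC 8484 GET form: base64url-encode the wire query, strip '=' padding,
    and pass it as the 'dns' query parameter."""
    encoded = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{resolver_url}?dns={encoded}"


def doh_post_request(resolver_url: str, query: bytes) -> tuple:
    """RFC 8484 POST form: the raw wire query is the HTTP body.
    Returns (url, headers, body) for any HTTP client to send."""
    headers = {"Content-Type": DOH_CONTENT_TYPE, "Accept": DOH_CONTENT_TYPE}
    return resolver_url, headers, query


def _skip_name(msg: bytes, offset: int) -> int:
    """Advance past a (possibly compressed) domain name and return the offset
    of the byte following it."""
    while True:
        length = msg[offset]
        if length == 0:
            return offset + 1
        if length & 0xC0 == 0xC0:  # 2-byte compression pointer ends the name
            return offset + 2
        offset += 1 + length


def parse_a_records(response: bytes) -> list:
    """Extract IPv4 addresses from the answer section of a DNS response body.

    The body a DoH resolver returns is an ordinary DNS message, so the same
    parser works for DoH, DoT and plaintext DNS. Returns [] on a non-zero RCODE.
    """
    _txn_id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if flags & 0x000F != 0:  # RCODE non-zero: resolver reported an error
        return []
    offset = 12
    for _ in range(qdcount):  # skip the echoed question section
        offset = _skip_name(response, offset) + 4
    addrs = []
    for _ in range(ancount):
        offset = _skip_name(response, offset)
        rtype, rclass, _ttl, rdlength = struct.unpack("!HHIH", response[offset:offset + 10])
        offset += 10
        rdata = response[offset:offset + rdlength]
        offset += rdlength
        if rtype == 1 and rclass == 1 and rdlength == 4:  # A record, class IN
            addrs.append(".".join(str(b) for b in rdata))
    return addrs


def constructed_response(query: bytes) -> bytes:
    """Build a CONSTRUCTED response to `query` for offline demonstration:
    same transaction ID, flags QR/RD/RA set, one A record (192.0.2.1, a
    documentation address) pointing at the question name via compression."""
    txn_id = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txn_id, 0x8180, 1, 1, 0, 0)
    question = query[12:]
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return header + question + answer


if __name__ == "__main__":
    q = build_dns_query("www.example.com")
    print("GET :", doh_get_url("https://doh.example/dns-query", q))
    print("POST:", doh_post_request("https://doh.example/dns-query", q)[1])
    print("A   :", parse_a_records(constructed_response(q)))
```

Note that on the wire the only things an on-path observer sees are a TLS connection to the resolver and, via the TLS SNI field, the resolver's hostname; the query name lives inside the encrypted HTTP request. That is the whole privacy claim of DoH, and also why the resolver operator, rather than the ISP, ends up seeing every lookup.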
Because of all of the above, the companies and organizations that have DoH-capable products have been advertising DoH as a way to prevent ISPs from tracking users' web traffic and as a way to bypass censorship in oppressive countries.
But many