Engineers at Apple and Cloudflare, a web infrastructure company providing content delivery network services, announced today that they have collaboratively developed a new internet protocol focused on privacy.
TechCrunch reports today that the new protocol, dubbed Oblivious DNS-over-HTTPS (ODoH), will “shore up one of the biggest holes in internet privacy that many don’t know even exists” by making it way more difficult for Internet providers to track your website visits.
“What ODoH is meant to do is separate the information about who is making the query and what the query is,” said Nick Sullivan, Cloudflare’s head of research.
Every time you visit a website, your browser uses a DNS resolver to convert web addresses to machine-readable IP addresses to find where a web page is located on the internet. But this process is not encrypted, meaning that every time you load a website the DNS query is sent in the clear. That means the DNS resolver — which might be your internet provider unless you’ve changed it — knows which websites you visit. That’s not great for your privacy, especially since your internet provider can also sell your browsing history to advertisers.
ODoH promises to solve those woes by using encryption to decouple DNS queries from the user. The encrypted query is passed through a proxy server, which prevents the DNS resolver from seeing who sent the query to begin with.
In other words, ODoH ensures that only the proxy knows the identity of the internet user and that the DNS resolver only knows the website being requested. Sullivan said that page loading times on ODoH are ‘practically indistinguishable’ from DoH and shouldn’t cause any significant changes to browsing speed.
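The split of knowledge described above can be modeled in a few lines. The following is an added illustration, not code from Apple, Cloudflare or the ODoH specification: it covers only the query direction, and a toy Diffie-Hellman exchange with a SHA-256 keystream stands in for the HPKE encryption that real ODoH uses. The class names, IP addresses and the queried name are all constructed for the example.

```python
import hashlib
import secrets

P, G = 2**255 - 19, 2  # toy DH group; assumption for illustration, not secure

def keypair():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def _keystream(shared, n):
    key = hashlib.sha256(shared.to_bytes(32, "big")).digest()
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(target_pk, plaintext):
    """Client side: encrypt the query to the resolver's public key."""
    esk, epk = keypair()
    ks = _keystream(pow(target_pk, esk, P), len(plaintext))
    return epk, bytes(a ^ b for a, b in zip(plaintext, ks))

def unseal(target_sk, epk, ct):
    ks = _keystream(pow(epk, target_sk, P), len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class Target:
    """The DNS resolver: sees the query, but only the proxy's address."""
    def __init__(self):
        self.sk, self.pk = keypair()
        self.log = []
    def handle(self, peer_ip, epk, ct):
        qname = unseal(self.sk, epk, ct).decode()
        self.log.append((peer_ip, qname))
        return qname

class Proxy:
    """The proxy: sees the client's address, but only ciphertext."""
    def __init__(self, ip, target):
        self.ip, self.target, self.log = ip, target, []
    def forward(self, client_ip, epk, ct):
        self.log.append((client_ip, ct))
        return self.target.handle(self.ip, epk, ct)

def run(client_ip="198.51.100.7", qname="example.org"):
    target = Target()
    proxy = Proxy("203.0.113.53", target)
    epk, ct = seal(target.pk, qname.encode())
    proxy.forward(client_ip, epk, ct)
    return proxy.log, target.log  # what each party was able to record
```

The privacy property holds only while the proxy and the resolver do not pool their logs, which is why the two roles are meant to be run by separate operators.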
Of course, ODoH will need to be supported by major web browsers and operating systems before it can be used commercially. On top of that, the Internet Engineering Task Force will need to certify ODoH as a new standard, which may take months or even years.