DNS Queries over HTTPS (DoH)
P. Hoffman, P. McManus · 2018-10
Abstract
RFC 8484 defines DNS over HTTPS (DoH), a protocol for sending DNS queries and receiving responses over HTTP/2 using HTTPS on port 443. DoH provides the same privacy benefits as DoT while blending DNS traffic with regular web traffic, making it resistant to port-based filtering.
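The wire-level shape of a DoH GET request under RFC 8484, as an added example that is not part of the original page: a DNS query in wire format is base64url-encoded without padding into a `dns` parameter, and `decode_doh_get` reverses that the way a TLS-terminating proxy could to log the queried name. The function names and the resolver URL used with them are assumptions made for this illustration.

```python
import base64
import struct
from urllib.parse import urlsplit, parse_qs

DOH_MEDIA_TYPE = "application/dns-message"  # media type registered by RFC 8484

def build_query(name: str, qtype: int = 1) -> bytes:
    """Encode a one-question DNS query in wire format (ID 0, RD set, class IN)."""
    # RFC 8484 recommends ID 0 so identical queries are HTTP-cache friendly.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label length: {label!r}")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def doh_get_url(resolver_url: str, name: str, qtype: int = 1) -> str:
    """GET form: the message is base64url-encoded with padding removed."""
    b64 = base64.urlsafe_b64encode(build_query(name, qtype)).rstrip(b"=")
    return f"{resolver_url}?dns={b64.decode('ascii')}"

def decode_doh_get(url: str) -> tuple[str, int]:
    """Recover (qname, qtype) from a DoH GET URL, e.g. from a proxy log line."""
    values = parse_qs(urlsplit(url).query).get("dns")
    if not values:
        raise ValueError("no dns= parameter")
    b64 = values[0]
    msg = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))  # restore padding
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12  # the question section starts after the 12-byte header
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(msg):
            raise ValueError("bad label (compression is not expected in a question)")
        labels.append(msg[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels), qtype
```

The POST form carries the same wire-format bytes as the request body with `Content-Type: application/dns-message`, so the URL contains no `dns` parameter to decode.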
Why This RFC Matters
DoH sparked one of the most contentious debates in recent internet policy history. By tunneling DNS inside HTTPS on port 443, DoH makes it cryptographically impossible for ISPs and network operators to intercept or block DNS without breaking all HTTPS traffic. Browser vendors (Mozilla, Google) embraced DoH for its privacy benefits; ISPs and enterprise security teams objected that it bypasses their filtering and monitoring infrastructure. The IETF's publication of RFC 8484 accelerated a fundamental shift in who controls DNS resolution — from network operators toward application vendors — with implications for censorship resistance, corporate security, and parental controls that are still being worked out today.