During the third quarter of Last year, Mozilla announced the introduction of DNS over HTTPS in Firefox, this in order to encrypt all the web queries of its users for their privacy and this change was reflected in the versions released during the last semester of last year.
The DoH Providers Offered in Firefox are selected according to the requirements for reliable DNS resolvers, according to which the DNS operator may use the received data to resolve only to ensure the operation of the service, you should not store logs for more than 24 hours and you cannot transfer data to third parties and are obliged to disclose information about data processing methods.
The service must also give the obligation not to censor, not filter, not interfere and not block DNS traffic, with the exception of situations stipulated by law.
The DNS over HTTPS protocol has emerged to give web browsers the ability to hide DNS queries and responses from normal-looking HTTPS traffic to make a user's DNS traffic invisible. At the same time, it compromises the ability of third-party network watchers (such as ISPs) to detect and filter your customer traffic. In theory, the large-scale implementation of this technology would also allow more effective fighting against eavesdropping and DNS manipulation through man-in-the-middle attacks.
Of the agreements that Mozilla has reached with third-party DNS providers in addition to HTTPS (DoH, DNS over HTTPS) for Firefox, are with DNS CloudFlare and NextDNS, services that can be selected within the browser settings.
But now a new service has been added to the browser list, thus Firefox takes another step in the implementation of its Trusted Recursive Resolver (TRR) program.
The new service is Comcast, which is partnering with Mozilla to implement encrypted DNS lookups in the Firefox browser, according to a joint announcement Thursday by the two companies.
Comcast's version of DNS over HTTPS (DoH) will be enabled by default for users Firefox on the net Comcast broadband, but people will be able to switch to other options like Cloudflare and NextDNS.
According to Mozilla, Encrypting DNS data with DoH is the first step.
"A necessary second step is to require that the companies that process this data have appropriate policies, such as those outlined in Mozilla's TRR program."
The program TRR aims to standardize requirements in three areas: limit the collection and retention of data, ensure the transparency of any data retention that occurs and limit the blocking or modification of content.
For any Mozilla partner companies, the publisher expects them to comply with modern privacy and security standards for our users.
Comcast is the first ISP to join the Firefox TRR program and has taken significant steps to comply with TRR standards, Mozilla said in a blog post Thursday.
By joining the Mozilla program, Comcast agreed not to 'store, sell, or transfer to third parties (unless required by law) personal information, IP addresses or other user identifiers or models of user queries of DNS queries sent by the Firefox browser ', as well as other requirements.
This deal comes after ISPs, including Comcast, have fought against plans to implement DNS over HTTPS in browsers.
As soon as Comcast's Encrypted DNS starts, eThe change should be automatic for users, Unless they've chosen another DoH provider or completely disabled DoH, according to the article.
In a statement, Comcast said that
"Firefox users on Xfinity should automatically use Xfinity resolvers from Mozilla's Trusted Recursive Resolver program by default, unless they have manually chosen another resolver, or if DoH is disabled."
Source: https://blog.mozilla.org