EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler

Innovation and Laboratory Area in ElevenPaths    1 October, 2019

A year ago, the IETF has raised to RFC the DNS over HTTPS proposal. This new is more important than it may seem. For two reasons: firstly, it’s a new resolving paradigm that shakes network foundations. Secondly, because the support of having RFC combined with the interest shown by browsers (greedy for the power granted by this) has led them to begin its implementation in record time.

DoH (DNS over HTTPS) is really simple. Instead of going to port 53 of a server (for instance, the well-known and requesting for a domain through an UDP or TCP package, DoH standardizes the construction of a GET or POST to a HTTPS domain, so the answer will be the A and AAAA records (the RFC doesn’t specify other records) with the IP. Of course, it has more details, such as the clever solution of turning the cache-control heading into the TTL. Everything carefully encrypted, of course.

Firefox has joined Cloudflare with the aim of becoming the trusted resolver. In fact, Firefox’s DoH is known as TRR (Trusted Recursive Resolver). It promises not to use the little user data that it may need. For instance, Cloudflare is fully committed to deleting that sending of the first three octets used in a DNS query. Firefox is the one that has more decidedly implemented DoH but its interface is still not so intuitive. That is the reason why for this extension.

DoH, ‘easy’ for Firefox: we have developed an extension

This extension is quite simple. EasyDoH is a Firefox extension that allows you to easily choose between different DNS over HTTPS servers. Currently, Firefox works with Cloudflare as its default DoH server, and allows to modify it by using some confusing configuration parameters. EasyDoH makes this configuration simpler and shows more alternatives to using different DoHs depending on your needs.

Some of the parameters are hidden within about:config menu. Thanks to EasyDoH, such parameters are just one click away. You can choose to use only DoH, the fastest server between DoH or regular DNS, etc.

One last thing: just a script file is needed. Since Firefox extensions do not allow file modification, we need a little script to achieve this and change DoH’s internal configuration. No worries, source code is here.

The extension is available from the official Mozilla repository: https://addons.mozilla.org/es/firefox/addon/easydoh/

Leave a Reply

Your email address will not be published.