A14_Future of DNS DoH / DoT_2

DoT/DoH from a security vendor perspective Matthew Stith (Spamhaus Technology)

DoH Concerns from a Security Perspective • Potential centralization of
DNS traffic • Potential massive decentralization of DNS traffic by application • Inability for companies that are responsible for user security to see potential compromise • Managing network issues and troubleshooting DNS issues • Losing the ability to filter content that is objectionable, malicious or dangerous at the DNS level

DoH Concerns from a Security Perspective • Tools used by
security companies (Passive DNS) will be impacted • Malicious DoH resolvers • Authoritarian regimes taking even more intrusive steps to monitor user activity • Network Layers being flattened • Local DNS will no longer work in the application using DoH

Questions?

Thanks for listening!

A14_Future of DNS DoH / DoT_2

A14_Future of DNS DoH / DoT_2

JPAAWG

More Decks by JPAAWG

Featured

Transcript

DoT/DoH from a security vendor perspective Matthew Stith (Spamhaus Technology)

DoH Concerns from a Security Perspective • Potential centralization of

DoH Concerns from a Security Perspective • Tools used by

Questions?

Thanks for listening!