by throw0101a 2466 days ago
It would be nice if Firefox also had DNS-over-TLS support.

I'm not against encrypted DNS, and can see where DoH can be handy for a lot of the general public, but as someone in IT, having to jump through hoops to keep our internal split-horizon DNS workings is annoying.

1 comments

I don't have a problem with DNS-over-TLS, I don't know enough about it... but I'm afraid I want DNS from Firefox's perspective to be plaintext, transparent and easy for me to check and even change. Like the filesystem is.

Not just for me, easy for Privacy International to audit when verifying apps tracking, easy for OpSec on my work laptop and easy for my firewall tooling to intercept and manage.

I want the OS's network stack to transparently proxy that plaintext request to an encrypted one: which may well be DoH or DNS over TLS, just like filesystem drivers proxy plaintext file requests over encrypted hard disks.

Whether this is by a plain text request over loopback, using the existing plain text DNS protocol or a more efficient OS API, I'll happily leave evolution to resolve: but for now the plaintext protocol might be the fastest thing to proxy.
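
The arrangement discussed in this thread (applications send plaintext DNS to a loopback stub, which forwards over an encrypted transport while split-horizon names stay on the internal resolver), as an added Python example that is not part of any comment or of Firefox. The zone `corp.example`, the upstream labels and all function names are assumptions, and the sample queries are constructed.

```python
import struct

# Assumed internal zone for the split-horizon case (hypothetical name).
INTERNAL_SUFFIXES = ("corp.example",)

def build_query(name, qtype=1, txid=0x1234):
    """Build a plaintext DNS query; used here to construct sample input."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN

def parse_question(msg):
    """Return (qname, qtype) of a one-question query, or raise ValueError."""
    if len(msg) < 12:
        raise ValueError("short header")
    flags, qdcount = struct.unpack("!HH", msg[2:6])
    if flags & 0x8000 or qdcount != 1:
        raise ValueError("not a single-question query")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n > 63 or pos + n > len(msg):  # rejects compression pointers too
            raise ValueError("bad label")
        labels.append(msg[pos:pos + n].decode("ascii", "replace").lower())
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    return ".".join(labels), struct.unpack("!H", msg[pos:pos + 2])[0]

def route(msg):
    """Pick upstream and wire form for one query received on loopback."""
    qname, qtype = parse_question(msg)
    audit = f"query {qname} type {qtype}"  # the line a local auditor can read
    if any(qname == s or qname.endswith("." + s) for s in INTERNAL_SUFFIXES):
        return "internal-udp", msg, audit  # forwarded unchanged to the internal resolver
    # DNS over TLS (RFC 7858) carries the same message behind a 2-byte length prefix.
    return "dot", struct.pack("!H", len(msg)) + msg, audit

if __name__ == "__main__":
    for name in ("intranet.corp.example", "example.org"):  # constructed samples
        upstream, wire, audit = route(build_query(name))
        print(audit, "->", upstream, len(wire), "bytes")
```

The audit string is produced before any encryption happens, which is the point at which local firewall or monitoring tooling can still see and act on the query.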