Comcast has joined Cloudflare and NextDNS in partnering with Mozilla’s Trusted Recursive Resolver program, which aims to make DNS more trusted and secure. Neowin reports: Commenting on the move, Firefox CTO Eric Rescorla, said: “Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program. Bringing ISPs into the TRR program helps us protect user privacy online without disrupting existing user experiences. We hope this sets a precedent for further cooperation between browsers and ISPs.”
With its TRR program, Mozilla said that encrypting DNS data with DoH is just the first step in securing DNS. It said that the second step requires companies handling the data to have appropriate rules in place for handling it. Mozilla believes these rules include limiting data collection and retention, ensuring transparency about any retained data, and limiting the use of the resolver to block access or modify content. Ars Technica notes that joining Mozilla’s program means that Comcast agreed that it won’t “retain, sell, or transfer to any third party (except as may be required by law) any personal information, IP addresses, or other user identifiers, or user query patterns from the DNS queries sent from the Firefox browser,” along with other requirements.
When the change happens, it’ll be automatic for users unless they’ve chosen a different DoH provider or disabled DoH altogether. Comcast told Ars yesterday that “Firefox users on Xfinity should automatically default to Xfinity resolvers under Mozilla’s Trusted Recursive Resolver program, unless they have manually chosen a different resolver, or if DoH is disabled. The precise mechanism is still being tested and the companies plan to document it soon in an IETF [Internet Engineering Task Force] Draft.”
of this story at Slashdot.
Source:: Slashdot