Mozilla Foundation engineers announced plans over the weekend to test the "DNS over HTTPS" (DoH) fledgling security standard in Firefox Nightly distributions.
The feature will be tested as a Firefox shield study —a browser mechanism that allows engineers to roll out and roll back experimental features at a moment's notice.
DNS over HTTPS is a web protocol that argues for sending DNS requests and receiving DNS responses via HTTPS connections, hence providing query confidentiality.
The standard is still under discussion at the Internet Engineering Task Force (IETF), and should not be confused with DNSSEC, a standard that uses encryption, but not for "confidentiality" but instead for "origin authentication" between DNS client and server.
DNSSEC was developed to combat DNS-based DDoS attacks and origin IP spoofing, while DoH was created to provide query confidentiality against third-party observers —such as ISPs.
But even if Mozilla engineers don't have a final version of the DOH standard, they have decided to test-run the protocol and see how it would fare in the real world.
"Soon we'll be launching a Nightly-based pref-flip shield study to confirm the feasibility of doing DNS over HTTPs (DoH)," said Patrick McManus, a Mozilla engineer.
"If all goes well the study will launch Monday (and if not, probably the following Monday)," he added. "It will run <= 1 week. If you're running Nightly and you want to see if you're in the study check about:studies."
If a user has been selected to participate in the Firefox shield study, a new entry will appear in the about:studies page and new preferences will show up in the about:config section.