Apple Adds Encrypted DNS Support to iOS 14, macOS 11

Slide from encrypted DNS WWDC20

A WWDC20 presentation by Tommy Pauly, Internet Technologies Engineer at Apple, shows how Apple is adding support for encrypted DNS to iOS 14 and macOS 11.

Encrypted DNS Support

The new operating systems will support both DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT). Because DNS lookups sent through encrypted DNS are encrypted in transit, an attacker on the network won’t be able to snoop on what you’re doing. This support means that developers can update their apps to use either of these DNS protocols. Mr. Pauly explains:

There are two ways that encrypted DNS can be enabled. The first way is to choose a single DNS server as the default resolver for all apps on the system. If you provide a public DNS server, you can now write a NetworkExtension app that configures the system to use your server.

Or, if you use mobile device management, MDM, to configure enterprise settings on devices, you can push down a profile to configure encrypted DNS settings for your networks. The second way to enable encrypted DNS is to opt in directly from an app.
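As an illustration of the MDM route mentioned in the quote, the following added example (not taken from Apple's presentation or from this article) builds a configuration profile with a `com.apple.dnsSettings.managed` payload and rejects settings that would not yield an encrypted resolver. The resolver name `dns.example.net`, the address `192.0.2.53`, the `com.example.*` identifiers and the function name `build_dns_profile` are constructed placeholders.

```python
import plistlib
import uuid
from urllib.parse import urlparse


def build_dns_profile(protocol, server, addresses=(), org="Example Org"):
    """Return .mobileconfig bytes carrying one encrypted-DNS payload."""
    protocol = protocol.upper()
    dns = {"DNSProtocol": protocol}
    if protocol == "HTTPS":
        url = urlparse(server)
        # DoH needs an https:// URL; refuse anything that would go out in cleartext.
        if url.scheme != "https" or not url.hostname:
            raise ValueError("DoH requires an https:// ServerURL")
        dns["ServerURL"] = server
    elif protocol == "TLS":
        # DoT takes a bare hostname (no scheme, path or port).
        if not server or "/" in server or ":" in server:
            raise ValueError("DoT requires a bare ServerName")
        dns["ServerName"] = server
    else:
        raise ValueError("DNSProtocol must be HTTPS or TLS")
    if addresses:
        # Optional resolver IPs so the device does not need a lookup to reach it.
        dns["ServerAddresses"] = list(addresses)
    payload = {
        "PayloadType": "com.apple.dnsSettings.managed",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.dns.encrypted",  # placeholder
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": f"Encrypted DNS ({protocol})",
        "DNSSettings": dns,
    }
    profile = {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.dns",  # placeholder
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Encrypted DNS",
        "PayloadOrganization": org,
        "PayloadContent": [payload],
    }
    return plistlib.dumps(profile)


if __name__ == "__main__":
    # Constructed sample resolver; replace with your organisation's DoH endpoint.
    print(build_dns_profile("HTTPS", "https://dns.example.net/dns-query",
                            ["192.0.2.53"]).decode())
```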

Encrypted DNS warning WWDC20

Additionally, if a network provider blocks encrypted DNS on its network, users will see a privacy warning.
