DHS CISA to provide DoH and DoT servers for government use

DHS

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced today that it intends to run DoH (DNS-over-HTTPS) and DoT (DNS-over-TLS) DNS resolution servers for official government use, however, it advises agencies to disable DoH and DoT support on employees’ browsers until official CISA servers are available.

The agency issued a memorandum [PDF] today to remind government agencies of their legal requirement to use the EINSTEIN 3 Accelerated (E3A) DNS server as the primary DNS resolver for any government workstations and communications.

CISA said the E3A server comes with a sinkholing capability “which blocks access to malicious infrastructure by, in effect, overriding public DNS records that have been identified as harmful.”

“The vast majority of agencies already do this, but particularly in light of increased telework, we felt it worth reiterating,” the agency said in a press release.

CISA fears that government workers or system administrators might be tempted by DoH and DoT’s features and switch from the approved E3A DNS server to an unsanctioned DoH/DoT-capable system.

The agency said it does not endorse the use of third-party DoH or DoH resolvers, such as those provided by Google, Cloudflare, Cisco, or Quad9.

The DHS’s cyber-security agency issued the memorandum because of DoH and DoT’s rising popularity and increased usage.

Both are privacy-first versions DNS protocol that encrypt DNS queries to safeguard intended web destinations from third-party network observers.

Support for DoH is enabled by default for Firefox users in the US, while Chrome is currently experimenting with the feature. Microsoft has also announced plans to support DoH inside Windows in the upcoming future.

DoH, especially, looks like it will become a mainstay on the tech scene, with more browsers and desktop applications receiving support for using DoH as a privacy-first alternative to classic DNS.

“Until DoH and DoT resolution services are available from CISA, set and enforce enterprise-wide policy (e.g., Group Policy Objects [GPO] for Windows environments) for installed browsers to disable DoH use,” CISA said today, urging government system administrators to take action and prevent workers from taking DNS settings in their own hands.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Cryptopunkad1
Cryptopunkad2
Cryptopunkad1
Cryptopunkad1
Cryptopunkad1
Cryptopunkad1
previous arrow
next arrow

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Crypto Regulation Index
Crypto Regulation Index for 2022
October 3, 2022
What Is ZetaChain And How Does It Operate?
What Is ZetaChain And How Does It Operate?
September 27, 2022
LUNC
What is Terra Classic (LUNC)? How Does it Work?
September 26, 2022
What Is A Public Presale In Crypto?
What Is A Public Presale In Crypto?
September 22, 2022
Cryptocurrency
How Many Cryptocurrencies and NFT Collections are there in 2022?
September 21, 2022


CryptoCurrencyUSDChange 1hChange 24hChange 7d
? --- 0.00 % 0.00 %

bitcoin
Bitcoin (BTC) $ 19,535.80
ethereum
Ethereum (ETH) $ 1,321.76
tether
Tether (USDT) $ 1.00
usd-coin
USD Coin (USDC) $ 1.00
bnb
BNB (BNB) $ 286.85
xrp
XRP (XRP) $ 0.455303
binance-usd
Binance USD (BUSD) $ 1.00
cardano
Cardano (ADA) $ 0.426739
solana
Solana (SOL) $ 32.93
dogecoin
Dogecoin (DOGE) $ 0.060097