@MikeInCA, to me, DNS over HTTPS could close the biggest privacy gap we have on the internet today! If we think about recent history, Let's Encrypt has had some serious impact on ensuring HTTPS across the web. It's about 80% of our surfing now. However, DNS is the next low-hanging fruit to gap-fill because of a bullseye on its back.

Anyone along the path between your network and your DNS resolver can collect information about which sites you visit. This means that eavesdroppers can still profile your online activity and make a list of sites you visited, or a list of who visits a particular site. Malicious DNS resolvers, or on-path routers, can also tamper with your DNS request, blocking you from accessing sites or even routing you to fake versions of the sites you requested.

If you didn't know, TWiET has spent a bunch of time on the subject (e.g. One Example). If you caught any of the DoH TWiET episodes, you probably remember the discussion we had about DNS over HTTPS, and how Google plans to test DNS over HTTPS in its Chrome 78 canary builds. It will help, but it means the browser will need to fall back to standard DNS routes when DoH is not supported.

In fact, many ISPs (Internet service providers) and participants in the standardization process have expressed strong concerns about the development of the protocol. ISPs are concerned that DoH will complicate the use of captive portals. Some countries, like the UK, use DNS to police what sites people can surf, and this would cripple their efforts. Members of civil society have also expressed concerns over plans for browsers to automatically use specific DNS resolvers, overriding the resolver configured by the operating system. Honestly, there will be tons of hurdles to get over, including political and geopolitical ones.
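
An added illustration, not part of the original post: the sketch below builds a standard DNS query, shows that the site name is directly readable from the cleartext payload a classic resolver lookup sends, and then wraps the same bytes in the RFC 8484 GET form that DoH carries inside HTTPS. The resolver URL `https://doh.example/dns-query` and all function names are placeholders chosen for this example.

```python
import base64
import struct

# Placeholder DoH endpoint (assumption); substitute the resolver you actually use.
DOH_ENDPOINT = "https://doh.example/dns-query"


def build_query(name: str, qtype: int = 1, txid: int = 0) -> bytes:
    """Build a one-question DNS query in wire format (RFC 1035).

    txid defaults to 0, which RFC 8484 recommends for DoH so that
    HTTP caches see identical requests for identical questions.
    """
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(lab)]) + lab for lab in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS = IN


def observed_qname(payload: bytes) -> str:
    """Recover the queried name from a cleartext DNS payload.

    This is all a passive device on the path needs to do with classic
    UDP/53 traffic: skip the 12-byte header and read the labels.
    """
    labels, pos = [], 12
    while payload[pos] != 0:
        length = payload[pos]
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)


def doh_get_url(query: bytes, endpoint: str = DOH_ENDPOINT) -> str:
    """RFC 8484 GET form: the query is base64url-encoded without padding.

    The whole URL travels inside the TLS session, so the path only sees
    an encrypted connection to the resolver, not the name being asked for.
    """
    b64 = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={b64}"


def decode_doh_param(url: str) -> bytes:
    """Resolver side: restore padding and decode the 'dns' parameter."""
    b64 = url.split("?dns=", 1)[1]
    return base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
```

The encoding protects the name only because of the surrounding TLS session; base64url on its own is trivially reversible, as `decode_doh_param` shows.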