Mozilla Company
Recall that in Firefox 77, a DNS over HTTPS test was enabled with 10 test requests sent by each client and automatic selection of a DoH provider. This check had to be disabled in the release
The DoH providers offered in Firefox are selected according to
Of the events related to DNS-over-HTTPS, one can also note
Recall that DoH can be useful for preventing leaks of information about requested host names through the DNS servers of providers, combating MITM attacks and DNS traffic spoofing (for example, when connecting to public Wi-Fi), countering blocking at the DNS level (DoH cannot replace VPN in the area of bypassing blocking implemented at the DPI level) or for organizing work in case it is impossible to directly access DNS servers (for example, when working through a proxy). While normally DNS requests are sent directly to the DNS servers defined in the system configuration, in the case of DoH, the request to determine the host IP address is encapsulated in HTTPS traffic and sent to the HTTP server, on which the resolver processes requests via the Web API. The current DNSSEC standard uses encryption only to authenticate the client and server, but does not protect traffic from interception and does not guarantee the confidentiality of requests.
Source: opennet.ru