Firefox announced a new partnership with NextDNS to provide Firefox users with private and secure encrypted Domain Name System (DNS) services through its Trusted Recursive Resolver Program.
For more than 30 years, DNS has served as a key mechanism for accessing sites and services on the web. DNS is the Internet’s directory. It translates names we know like www.firefox.com to numeric Internet addresses that a computer understands. Almost every activity on the Internet begins with a DNS request.
The Domain Name System (DNS) is one of the oldest parts of internet architecture, and remains largely untouched by efforts to make the web safer and more private. Malicious actors can spy on or tamper with users’ browsing activity and DNS providers, including internet service providers (ISPSs), can collect and monetize a user’s browsing activity.
Over the last two years, Firefox, in partnership with other industry stakeholders, has been working to develop, standardize, and deploy DNS over HTTPs (DoH). DoH aims to protect that same browsing activity from interception, manipulation, and collection in the middle of the network.
But encrypting DNS data with DoH is only the first step. Requiring the companies handling this data have rules in place – like the ones outlined in the TRR program – ensures that the access to that data is not being abused, is a necessary second.
“For most users, it’s very hard to know where their DNS requests go and what the resolver is doing with them.” said Eric Rescorla, Firefox CTO. “Firefox’s Trusted Recursive Resolver program allows Mozilla to negotiate with providers on your behalf and require that they have strong privacy policies before handling your DNS data. We’re excited to have NextDNS partner with us in our work to put people back in control of their data and privacy online.”
Mozilla's trusted recursive resolver program aims to standardize requirements for three areas: limiting data collection and retention from the resolver, ensuring transparency for any data retention that does occur, and limiting any potential use of the resolver to block access or modify content. By marrying the right technology – DoH – and strict operational requirements for those implementing it, Mozilla is improving user privacy by default by finding good partners and establishing legal agreements that put privacy first.
NextDNS launched in March 2019 providing a fully customizable, modern and secure DNS resolver. Since then the company has worked to continue to improve the service and has released DNS-over-HTTPS apps for all major platforms (iOS, Android, macOS, Windows, Linux) and routers.
NextDNS is the latest resolver to join the TRR program. Cloudflare joined the program in 2018.