DoH will encrypt DNS traffic from clients (browsers) to resolvers through HTTPS so that users’ web browsing can’t be intercepted or tampered with by someone spying on the network. The resolvers we’ve chosen to work with so far – Cloudflare and NextDNS – have agreed to be part of our Trusted Recursive Resolver program. The program places strong policy requirements on the resolvers and how they handle data. This includes placing strict limits on data retention so providers- including internet service providers – can no longer tap into an unprotected stream of a user’s browsing history to build a profile that can be sold, or otherwise used in ways that people have not meaningfully consented to. We hope to bring more partners into the TRR program.
Kao što piše u citiranom, za USA korisnike je ova opcija od juče podrazumevano omogućena, dok ostali mogu da je omoguće u Preferences -> Network Settings -> Settings -> Enable DNS over HTTPS
Da testirate da li je pomenuta opcija omogućena: https://www.cloudflare.com/ssl/encrypted-sni/