Last month Mozilla announced the introduction of DNS over HTTPS (DoH), which will default to DoH instead of traditional DNS. Compared with traditional DNS, working with cloud service providers to issue DNS requests over HTTPS has little impact on uncached DNS queries. Most queries are only about 6 milliseconds slower, but weigh security and protect private data. From a perspective, Mozilla believes this is an acceptable cost. And in some cases, even hundreds of milliseconds faster than traditional DNS. This may be a good improvement for the average user, but all users need to go through third-party cloud vendors (Mozilla’s chosen partner is Cloudflare), which may also have privacy and data security issues. Users are worried that their data will be exploited, which has recently led to many negative speculations about Mozilla.
So, Mozilla recently updated the FAQ page to solve some of the issues related to its DoH project, which related to the issue of Cloudflare’s cooperation, Mozilla wrote:
How did Mozilla choose Cloudflare as a trusted resolver?
Cloudflare was able to meet the strict policy requirements that we currently have in place. These requirements are backed up in our legally-binding contract with Cloudflare and have been made public in a best in class privacy notice that documents those policies and provides transparency to users.
Is Mozilla getting paid to route DNS requests to Cloudflare?
No money is being exchanged to route DNS requests to Cloudflare.
Does Mozilla or Cloudflare monetize this data?
No, our policy explicitly forbids monetizing this data. Our goal with this feature is to provide important privacy protections to our users and to make it harder for existing DNS resolvers to monetize users’ DNS data.