Cloudflare DNS resolver integrated on Firefox beta

Mozzila this week announced that will move the integration of the Cloudflare DNS resolver towards a broader set of users on Beta channel, after testing the DNS over HTTPS in Firefox Nightly.

The first test started in June on Firefox Nightly and in August Mozzila presented the results: “the slowest users show a huge improvement, anywhere up to hundreds of milliseconds, and most users see only a small performance slowdown of around 6 milliseconds, which is acceptable given the improved security,” wrote Selena Deckelmann, Senior Director Of Engineering, Firefox Runtime at Mozilla.

Mozilla says will once again work with users who are already participating in Firefox experiments, and continue to provide in-browser notifications about the experiment and details about the DoH service provider so that everyone is fully informed and has a chance to decline participation in this particular experiment. A soft rollout to selected Beta users in the United States will begin the week of September 10th.

Cloudflare created the fastest public DNS in April this year, beating Google and OpenDNS in velocity and in privacy.

DoH is DNS over HTTPS, a new protocol which uses encryption to protect DNS requests and responses

“Cloudflare has been a great partner in developing this feature and has committed to very strong privacy guarantees for our users. Moving forward, we are working to build a larger ecosystem of trusted DoH providers that live up to this high standard of data handling, and we hope to be able to experiment with other providers soon.”

Selena Deckelmann, Senior Director Of Engineering, Firefox Runtime at Mozilla

How does the Cloudflare DNS resolver work on Firefox?

Cloudflare DNS IP address

Every time a user types a web address, such as, into a web browser the web browser sends a query to a DNS resolver. Whenever a resolver receives your query it looks up the IP address associated with the web address that you entered and relays that information to your web browser. “DNS resolution” as this process is referred to, is a crucial component of your Internet experience because, without it, the web browser would be unable to communicate with the servers that host the websites since communication requires knowing the IP addresses of those websites.

For most Internet users the DNS resolver that they use is either the one that comes with the operating system running on their machines or the one that is set by their network provider.

Cloudflare says that in some cases, these resolvers leave a lot to be desired because of their susceptibility to unwanted spying and other security threats.

To counter such threats, Mozilla has partnered with Cloudflare to provide direct DNS resolution from within the Firefox browser using the Cloudflare Resolver for Firefox. Whenever a user clicks on or type a web address in the Firefox browser the DNS lookup request will be sent over a secure channel to the Cloudflare Resolver for Firefox rather than to an unknown DNS resolver, significantly decreasing the odds of any unwanted spying or man in the middle attacks.

Cloudflare Network

What information is collected by Cloudflare?

Cloudflare says any data Cloudflare handles as a result of its resolver for Firefox is as a date processor acting pursuant to Firefox’s data processing instructions. Therefore, the data Cloudflare collects and processes pursuant to its agreement with Firefox types by the Cloudflare Privacy Policy. As part of its agreement with Firefox, Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser. Cloudflare will collect only the following information from Firefox users:

All of the above information will be stored briefly as part of Cloudflare’s temporary logs, and then permanently deleted within 24 hours of Cloudflare’s receipt of such information. In addition to the above information, Cloudflare will also collect and store the following information as part of its permanent logs:

A privacy compromise

Cloudflare promises to use the information that they collect from the Cloudflare Resolver for Firefox solely to improve the performance of Cloudflare Resolver for Firefox and to assist in debugging efforts if an issue arises. In addition to limiting the collection and use of the data, Cloudflare also promises that will not retain or sell or transfer to any third party (except as may be required by law) any personal information, IP addresses or other user identifiers from the DNS queries sent from the Firefox browser to the Cloudflare Resolver for Firefox; Cloudflare will not combine the data that it collects from such queries, with any other Cloudflare or third party data in any way that can be used to identify individual end users; and Cloudflare will not sell, license, sublicense, or grant any rights to your data to any other person or entity without Mozilla’s explicit written permission.

%d bloggers like this: