The Next Step In DNS Privacy

We already have mechanisms called “DNS-over-HTTPS” (DoH) and “DNS-over-TLS” (DoT) to encrypt your DNS queries so intermediaries cannot eavesdrop on them. However, the DNS server you are querying still knows what you are asking for, and can tie that to the IP address that you are querying from. So the next step is called “Oblivious DNS” (“over HTTPS”?) or “ODoH” <https://arstechnica.com/information-technology/2020/12/cloudflare-apple-and-others-back-a-new-way-to-make-the-internet-more-private/>. This one interposes a proxy to relay the encrypted query and response between the client machine and DNS server. The proxy cannot decrypt the communications, and its presence hides the client’s IP address from the server, further increasing your privacy. To recap: the DNS server knows what you are asking for, but not who is asking. The proxy knows who is asking, but not what they are asking for.

Given the controversy from some parties over the existing mechanisms (remember when the British Internet Service Providers’ Association dubbed Mozilla a “villain” for implementing DoH <https://www.theregister.com/2019/07/10/ispa_clears_mozilla/>?), I wonder what kind of hoo-hah this further development will trigger...
participants (1)
- Lawrence D'Oliveiro
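The split of knowledge the post above describes, as an added example that is not part of the original message and is not Cloudflare's, Apple's or any other ODoH implementation: a Go simulation of the three parties. Real ODoH (RFC 9230) wraps the query in HPKE; this demo substitutes a simplified X25519 + HKDF-SHA256 + AES-256-GCM envelope (ephemeral public key || sealed question) so it runs on the Go standard library alone. The party names Target, Proxy, the functions Query, Handle, Relay and Setup, the envelope layout, the RFC 5737 addresses and the one-entry zone are all assumptions constructed for the demo.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

func must[T any](v T, err error) T { // only for operations that cannot fail for honest parties
	if err != nil {
		panic(err)
	}
	return v
}

func hkdf32(secret, salt, info []byte) []byte { // HKDF-SHA256 (RFC 5869), single 32-byte output
	ext := hmac.New(sha256.New, salt)
	ext.Write(secret)
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write(append(append([]byte{}, info...), 1))
	return exp.Sum(nil)
}
// seal returns nonce || AES-256-GCM ciphertext bound to aad (the ephemeral public key); open reverses it.
func seal(key, pt, aad []byte) []byte {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := make([]byte, g.NonceSize())
	must(rand.Read(nonce))
	return append(nonce, g.Seal(nil, nonce, pt, aad)...)
}
func open(key, box, aad []byte) ([]byte, error) {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(box) < g.NonceSize() {
		return nil, errors.New("short ciphertext")
	}
	return g.Open(nil, box[:g.NonceSize()], box[g.NonceSize():], aad)
}

// Target is the resolver; clients obtain its long-term X25519 public key out of band.
type Target struct {
	Priv                 *ecdh.PrivateKey
	Zone                 map[string]string // constructed answers, not a real resolver
	SeenFrom, SeenQnames []string          // what the target learns per query: peer address, question
}
func (t *Target) Handle(from string, env []byte) ([]byte, error) {
	if len(env) < 32 {
		return nil, errors.New("short envelope")
	}
	ss, err := t.Priv.ECDH(must(ecdh.X25519().NewPublicKey(env[:32])))
	if err != nil {
		return nil, err // e.g. a low-order point from a hostile client
	}
	qname, err := open(hkdf32(ss, env[:32], []byte("query")), env[32:], env[:32])
	if err != nil {
		return nil, err
	}
	t.SeenFrom, t.SeenQnames = append(t.SeenFrom, from), append(t.SeenQnames, string(qname))
	return seal(hkdf32(ss, env[:32], []byte("response")), []byte(t.Zone[string(qname)]), env[:32]), nil
}

// Proxy forwards opaque envelopes; it learns the client's address and nothing else.
type Proxy struct {
	Addr      string
	SeenFrom  []string
	SeenBlobs [][]byte
}
func (p *Proxy) Relay(from string, env []byte, t *Target) ([]byte, error) {
	p.SeenFrom, p.SeenBlobs = append(p.SeenFrom, from), append(p.SeenBlobs, env)
	return t.Handle(p.Addr, env) // the target sees the proxy's address, never the client's
}

// Query seals qname to targetPub under a fresh X25519 key, sends it via p, and opens the reply.
func Query(clientAddr, qname string, targetPub *ecdh.PublicKey, p *Proxy, t *Target) (string, error) {
	eph := must(ecdh.X25519().GenerateKey(rand.Reader))
	ss := must(eph.ECDH(targetPub)) // cannot fail against an honest target key
	ephPub := eph.PublicKey().Bytes()
	box := seal(hkdf32(ss, ephPub, []byte("query")), []byte(qname), ephPub)
	resp, err := p.Relay(clientAddr, append(append([]byte{}, ephPub...), box...), t)
	if err != nil {
		return "", err
	}
	answer, err := open(hkdf32(ss, ephPub, []byte("response")), resp, ephPub)
	return string(answer), err
}
func Setup() (*Proxy, *Target) { // constructed RFC 5737 addresses and zone data for the demo
	t := &Target{Priv: must(ecdh.X25519().GenerateKey(rand.Reader)), Zone: map[string]string{"example.com.": "192.0.2.1"}}
	return &Proxy{Addr: "198.51.100.7"}, t
}

func main() {
	p, t := Setup()
	answer, err := Query("203.0.113.42", "example.com.", t.Priv.PublicKey(), p, t)
	fmt.Println("client got:", answer, err, "| proxy saw:", p.SeenFrom, "| target saw:", t.SeenFrom, t.SeenQnames)
}
```

Running it prints the recap from the post in code form: the proxy's record holds the client's address next to an opaque blob, the target's record holds the proxy's address next to the question. Two caveats the model makes visible. The question and answer are authenticated under the ephemeral key, so a proxy that tampers with either gets a decryption failure rather than a silent substitution; and the whole scheme rests on the proxy and the target being run by parties that do not share logs, since a single operator of both (or a target that learns the client address some other way) collapses the split back to the plain DoH situation.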