Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private.

谷歌周二正式宣布支持 Android 设备的 DNS-over-HTTP/3 (DoH3) 作为 Google Play 系统更新的一部分，旨在保持 DNS 查询的私密性。

To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS (DoT), which was incorporated into the mobile operating system with Android 9.0.

为此，运行 Android 11 及更高版本的 Android 智能手机预计将使用 DoH3 而不是 DNS-over-TLS (DoT)，后者已被整合到 Android 9.0 的移动操作系统中。

DoH3 is also an alternative to DNS-over-HTTPS (DoH), a mechanism for carrying out remote Domain Name System (DNS) resolution through an encrypted connection, effectively preventing third parties from snooping on users' browsing activities.

DoH3 也是 DNS-over-HTTPS (DoH) 的替代方案，DoH 是一种通过加密连接进行远程域名系统 (DNS) 解析的机制，有效防止第三方窥探用户的浏览活动。

HTTP/3, the first major upgrade to the hypertext transfer protocol since HTTP/2 was introduced in May 2015, is designed to use a new transport layer protocol called QUIC that's already supported by major browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari.

HTTP/3是自 2015 年 5 月引入 HTTP/2 以来对超文本传输 协议的首次重大升级，旨在使用一种名为QUIC的新传输层协议，该协议已被 Google Chrome、Microsoft Edge、Mozilla Firefox 等主要浏览器支持和苹果 Safari。

The low-latency protocol, developed by Google in 2012, relies on the User Datagram Protocol (UDP) rather than the Transmission Control Protocol (TCP) to make HTTP traffic more secure and efficient, not to mention reduce the time it takes to establish connections between two endpoints.

谷歌在 2012 年开发的低延迟协议，依赖于用户数据报协议 (UDP) 而不是传输控制协议 (TCP)，使 HTTP 流量更加安全和高效，更不用说减少建立连接所需的时间两个端点之间。

"While using HTTPS alone will not reduce the overhead significantly, HTTP/3 uses QUIC, a transport that efficiently multiplexes multiple streams over UDP using a single TLS session with session resumption," Matthew Maurer and Mike Yu from the Android team said in a post.

Android团队的Matthew Maurer和Mike Yu在一篇帖子中表示：“虽然单独使用HTTPS不会显著减少开销，但HTTP/3使用QUIC，这是一种通过UDP使用单个TLS会话高效多路复用多个流并恢复会话的传输。”

DoH3 further has the advantage of maintaining stable connections even when mobile devices frequently change networks (e.g., from Wi-Fi to LTE). "With DoT, these events require a full renegotiation of the connection. By contrast, the QUIC transport HTTP/3 is based on can resume a suspended connection in a single RTT," Google noted.

DoH3 还具有即使移动设备频繁更换网络（例如，从 Wi-Fi 到 LTE）也能保持稳定连接的优势。“使用 DoT，这些事件需要对连接进行完全重新协商。相比之下，基于 HTTP/3 的 QUIC 传输可以在单个 RTT 中恢复暂停的连接，”谷歌指出。

What's more, to improve the security of the DNS resolver, the component has been implemented in Rust, enabling memory safe guarantees. It's worth pointing out that Google added Rust support to Android in April 2021.

更重要的是，为了提高 DNS 解析器的安全性，该组件已在 Rust 中实现，从而实现了内存安全保证。值得指出的是，谷歌在 2021 年 4 月为 Android添加了 Rust 支持。

"With the introduction of Rust, we are able to improve both security and the performance at the same time," Maurer and Yu said. "Likewise, QUIC allows us to improve network performance and privacy simultaneously."

“随着 Rust 的引入，我们能够同时提高安全性和性能，”Maurer 和 Yu 说。“同样，QUIC 使我们能够同时提高网络性能和隐私。”

图难于其易，为大于其细。

——《道德经.第六十三章》

本文翻译自：

https://thehackernews.com/2022/07/google-adds-support-for-dns-over-http3.html

如若转载，请注明原文地址

翻译水平有限 :(

有歧义的地方，请以原文为准 ：）