Windows 10 Windows 10 21H1 - Adds TLS 3.1 and DoH

Gandalf_The_Grey

Level 43
Verified
Trusted
Content Creator
Apr 24, 2016
3,237
Microsoft has quietly confirmed that Windows 10 21H1 would be the next feature update and it will arrive in early 2021, as previously rumoured.

There have been clues over the past few months that Microsoft is shifting to a new ‘minor-major’ update cadence in 2021 to focus on the development on Windows 10X, which was originally supposed to launch in December 2020.

Microsoft had hinted that it would still look to release Windows 10 feature updates twice a year, but this is the first time Microsoft has given any sort of confirmation.

In a new support document, Microsoft has confirmed that the next update after version 20H2 would be ‘Windows 10 21H1’. Microsoft has also updated older support documents to highlight support for Transportation Layer Security (TLS) 1.3 in version 21H1.

This new security layer will reduce the latency, improve performance and security of the web connections made to Windows 10.

As you may be aware, Windows 10 test builds are no longer tied to specific feature updates. As a result, we don’t know when and what features are definitely coming to Windows 10 in the next twelve months.

In version 21H1, you can expect minor improvements and features. For example, it will add dark more to the result pages in Windows Search. Likewise, Microsoft is bringing DNS over HTTPS (DoH) to Windows 10 for increased privacy and security.

DoH would be disabled by default in Windows 10, but you’ll be able to configure it via the Networks tab in the Settings. Or you can also directly enable this feature in your favourite web browsers, such as Chrome, Edge or Firefox.

According to sources, Microsoft would begin testing Windows 10 21H1 (Build 19043) with testers in the Release Preview Channel in January or February 2021. While the plans are always subject to change, version 21H1 is currently expected to begin rolling out as an enablement package by May 2021.

 

Gandalf_The_Grey

Level 43
Verified
Trusted
Content Creator
Apr 24, 2016
3,237
so what is the Security advantage of DoH?
Thanks to the success of projects like Let’s Encrypt and recent UX changes in the browsers, most page-loads are now encrypted with TLS. But DNS, the system that looks up a site’s IP address when you type the site’s name into your browser, remains unprotected by encryption.

Because of this, anyone along the path from your network to your DNS resolver (where domain names are converted to IP addresses) can collect information about which sites you visit. This means that certain eavesdroppers can still profile your online activity by making a list of sites you visited, or a list of who visits a particular site. Malicious DNS resolvers or on-path routers can also tamper with your DNS request, blocking you from accessing sites or even routing you to fake versions of the sites you requested.

A team of engineers is working to fix these problems with “DNS over HTTPS” (or DoH), a draft technology under development through the Internet Engineering Task Force that has been championed by Mozilla. DNS over HTTPS prevents on-path eavesdropping, spoofing, and blocking by encrypting your DNS requests with TLS.
 
Top