Comment by jlaporte

14 hours ago

> it moves the responsibility for name resolution from the operating system to each application

Browsers only took on DoH implementation directly because they were solving the cold-start problem for a new protocol. Nothing to do with the spec.

There is support for DoH in all major OSs today, but none have made it a simple box to click AFAIK (we could speculate why).

For macOS, iOS, either via Private Relay (paid) or a configuration profile. Premade profiles:

* https://github.com/paulmillr/encrypted-dns

For Windows

> In the Registry Editor window open: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters

> Right-click within the “Parameters” folder and create a new Dword (32-bit) Value. Name this new file “EnableAutoDOH” and set its value to “2.”

* https://superuser.com/posts/1764668/revisions

Linux:

* https://dev.to/mfat/how-to-enable-system-wide-dns-over-https...