Bug 2127270

Summary: [RFE] Include DNS over HTTPS in systemd-resolved as an option like DNS over TLS
Product: Red Hat Enterprise Linux 8 Reporter: Mike Ralph <mralph>
Component: systemdAssignee: systemd maint <systemd-maint>
Status: NEW --- QA Contact: Frantisek Sumsal <fsumsal>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 8.6CC: dtardon, fkrska, systemd-maint-list
Target Milestone: rcKeywords: FutureFeature, Triaged
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Story
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mike Ralph 2022-09-15 19:09:29 UTC 
1. Proposed title of this feature request?
  Include DNS over HTTPS in systemd-resolved

3. What is the nature and description of the request?
  DNS over HTTPS is one of the DNS encryption methods required under a US memorandum. 

4. Why does the customer need this? (List the business requirements here)
  Due to the recent US memorandum, M-22-09, all DNS traffic must be encrypted by the end of FY2024.

5. How would the customer like to achieve this? (List the functional requirements here)
  Customer would like the ability to enable the option to do DNS over HTTP.

6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
  Testing can be done through normal QE process.

7. Is there already an existing RFE upstream or in Red Hat Bugzilla?
  No. 

8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL8, RHEL9)?
  Before end of year

9. Is the sales team involved in this request and do they have any additional input?
  No

10. List any affected packages or components.
  systemd, systemd-resolved

11. Would the customer be able to assist in testing this functionality if implemented?
  possibly