An alternative to DoT which provides enhanced security of name resolution is DNS over HTTPS (DoH). Both solutions provide encrypted communication, but they use different ports. As trivial as that might sound, it has led to a deep rift between expert groups. DNS over TLS uses its own dedicated port, whereas DoH uses port 443, the same port as all other HTTPS connections, so a DNS request cannot be distinguished from the rest of the traffic generated while surfing the web.
With regard to data protection, this has some serious benefits. If DNS requests cannot be recognized as such, others cannot attempt to prohibit them. Some network administrators, however, are worried that they could lose control of network traffic and would no longer be able to manage communication properly.
The solutions are supported by two camps. The IETF – an organization concerned with the continued development of the Internet – supports DoT. The IETF develops standards that in many cases can be taken up by other actors online. DNS over HTTPS, on the other hand, is supported by various other companies and organizations including the Mozilla Foundation and Google.