Quad9 DOH HTTP/1.1 Retirement, December 15, 2025
13 comments
·December 3, 2025londons_explore
stingraycharles
I think you’re severely underestimating the complexity of http/1.1. It’s definitely much simpler than http/2, but it’s a lot of code that needs to be maintained.
londons_explore
To write the code from scratch, sure.
But I'm thinking a few lines of nginx config to proxy http 1.1 to 2
werdl
probably not - it can be quite poorly defined in places and the edge cases can be very fiddly. by pushing for http/2 it encourages more users to pick it up imo
cenamus
http/2 surely not simpler?
JoshTriplett
Having to support http/1.1 and http/2 is definitely not simpler.
dev_l1x_be
I never understood DOH over DOT. It makes sense if you want to hide DNS lookups so that people cannot block the DNS queries to ad and other scam networks.
wongogue
My ISP (my area is serviced by 1 more but they offer lower speeds) blocks the DoT port. They cannot block 443. If they start blocking popular DoH domains, I can use any of the mirrors or run my own over https://wongogue.in/catpics/
itopaloglu83
DOH prevents malicious network providers from blocking DOT traffic to enforce their own DNS services for “efficiency” reasons.
Most ISPs just want to sell your data and with encrypted client hello and DOH they’re losing visibility into what you’re doing.
zamadatix
DOT picked an odd port, DOH uses 443. Otherwise they both have the benefits of TLS.
junon
It's both. In oppressive countries (Iran, China, Russia) where all traffic is filtered, DOH is supposed to help keep things concealed, too.
temp0826
NextDNS has a DOH3 (as in, http/3) endpoint but afaict it doesn't seem to always use http/3.
5d41402abc4b
HTTP/1.1 is still heavily used in embedded system.
I think code to implement http/1.1 in whatever software stack they use would have been shorter than the blog post...