Microsoft wants to lock your #DNS resolution to Microsoft-only and Microsoft-approved systems. https://arstechnica.com/security/2024/05/microsoft-plans-to-lock-down-windows-dns-like-never-before-heres-how/
@bortzmeyer Maybe I'm getting this article wrong, but I think you can use *any* encrypted DNS-server. And: It's optional, but it can(!) be beneficial in a corporate environment to enforce certain security guidelines.
I'm definitely not a Microsoft fan, but I think your summary here is wrong.
@JoergA The paper clearly says the opposite: you will not be able to use the DNS resolver of your choosing.
@bortzmeyer To be more specific: The client can only use a DNS resolver according to the setting of the company, but the resolver itself has not to be a Microsoft resolver.
Since this is optional and MS is aiming to business users I don't see a big problem here - at least standard (non encrypted) dns queries are bound to a specific dns server and port 53 is blocked at firewall level.