Create placeholder page, reorder, and adjust Encryption index

Author: RebeccaTamachiro

src/content/docs/1.1.1.1/encryption/dns-over-https/index.mdx

@@ -4,6 +4,7 @@ title: DNS over HTTPS
 slug: 1.1.1.1/encryption/dns-over-https
 sidebar:
   label: About DoH
+  order: 5
 ---
 
 import { DirectoryListing } from "~/components"

src/content/docs/1.1.1.1/encryption/dns-over-tls.mdx

@@ -2,6 +2,8 @@
 pcx_content_type: concept
 title: DNS over TLS
 slug: 1.1.1.1/encryption/dns-over-tls
+sidebar:
+  order: 4
 ---
 
 By default, DNS is sent over a plaintext connection. DNS over TLS (DoT) is one way to send DNS queries over an encrypted connection. Cloudflare supports DNS over TLS on standard port 853 and is compliant with [RFC 7858](https://tools.ietf.org/html/rfc7858). With DoT, the encryption happens at the transport layer, where it adds TLS encryption on top of a TCP connection.

src/content/docs/1.1.1.1/encryption/dnskey.mdx

@@ -5,7 +5,8 @@ head:
   - tag: title
     content: Supported DNSKEY signature algorithms
 slug: 1.1.1.1/encryption/dnskey
-
+sidebar:
+  order: 7
 ---
 
 [DNSSEC is a protocol](https://www.cloudflare.com/learning/dns/dns-records/dnskey-ds-records/) that adds a layer of security to the domain name system (DNS). DNSSEC does this by providing authentication through public signing keys using two DNS records: DNSKEY and DS. They can be used to verify DNSSEC signatures in [RRSIG records](https://www.cloudflare.com/dns/dnssec/how-dnssec-works/).

src/content/docs/1.1.1.1/encryption/index.mdx

@@ -12,8 +12,12 @@ slug: 1.1.1.1/encryption
 
 Traditionally, DNS queries and replies are performed over plaintext. They are sent over the Internet without any kind of encryption or protection, even when you are accessing a secured website. This has a great impact on security and privacy, as these queries might be subject to surveillance, spoofing and tracking by malicious actors, advertisers, ISPs, and others.
 
-To prevent this and secure your connections, 1.1.1.1 supports [DNS over TLS (DoT)](/1.1.1.1/encryption/dns-over-tls/) and [DNS over HTTPS (DoH)](/1.1.1.1/encryption/dns-over-https/), two standards developed for encrypting plaintext DNS traffic. This prevents untrustworthy entities from interpreting and manipulating your queries.
+To prevent untrustworthy entities from interpreting and manipulating your queries, 1.1.1.1 supports different standards to encrypt plaintext DNS traffic and improve DNS privacy:
+
+- [DNS over TLS (DoT)](/1.1.1.1/encryption/dns-over-tls/)
+- [DNS over HTTPS (DoH)](/1.1.1.1/encryption/dns-over-https/)
+- [Oblivious DNS over HTTPS (ODoH)](/1.1.1.1/encryption/oblivious-dns-over-https/)
 
 You can also [configure your browser](/1.1.1.1/encryption/dns-over-https/encrypted-dns-browsers/) to secure your DNS queries.
 
-If you need to secure connections in your smartphone, refer to 1.1.1.1's [iOS](/1.1.1.1/setup/ios/) or [Android](/1.1.1.1/setup/android/) apps.
+If you need to secure connections in your smartphone, refer to 1.1.1.1 [iOS](/1.1.1.1/setup/ios/) or [Android](/1.1.1.1/setup/android/) apps.

src/content/docs/1.1.1.1/encryption/oblivious-dns-over-https.mdx

@@ -0,0 +1,10 @@
+---
+pcx_content_type: concept
+title: Oblivious DNS over HTTPS
+slug: 1.1.1.1/encryption/oblivious-dns-over-https
+sidebar:
+  order: 6
+  label: Oblivious DoH
+---
+
+As announced on [our blog](https://blog.cloudflare.com/oblivious-dns/), since late 2020, Cloudflare supports Oblivious DNS over HTTPS (ODoH).