Donate
DPRIVE experimental service debuts @ IETF 99 Thumbnail
‹ Back
Deploy360 24 August 2017

DPRIVE experimental service debuts @ IETF 99

Kevin Meynell
By Kevin MeynellManager, Technical and Operational Engagements

TLS badgeThe IETF is not only a place to discuss the development of Internet protocols, but also offers a place for developers and operators to ‘eat their own dog food’ on the meeting network. And given that the IETF DPRIVE Working Group has published some RFC specifications over the past year, the most recent IETF 99 in Prague provided a timely opportunity to run an experimental DNS-over-TLS service.

DNS queries and responses are currently transmitted over the Internet entirely in the clear, and whilst DNSSEC is able to authenticate a response from a DNS server, it does not actually encrypt the transmitted information. The aim of DPRIVE is therefore to add mechanisms to provide confidentiality to DNS transactions and address concerns about pervasive monitoring using TLS or DTLS to encrypt queries and responses between DNS clients and servers.

Some information about how the experimental DNS-over-TLS service was set-up on the IETF network can be found on the IETF99 Experiments page, but the DNS Privacy Project offers a list of experimental servers supporting both IPv4 and IPv6 if you want to try this out yourself. You also can check out their up status.

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more
Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more
Improving Technical Security12 April 2018

Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more

There was an important development this month with the launch of Cloudflare's new 1.1.1.1 DNS resolver service. This is a significant...

Rough Guide to IETF 103: DNSSEC, DNS Security and DNS Privacy
Rough Guide to IETF 103: DNSSEC, DNS Security and DNS Privacy
Domain Name System Security Extensions (DNSSEC)2 November 2018

Rough Guide to IETF 103: DNSSEC, DNS Security and DNS Privacy

As happened earlier this year at IETF 102 in Montreal, DNS privacy will receive a large focus in the DNSOP,...

Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more
Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more
Deploy36012 April 2018

Cloudflare launches 1.1.1.1 DNS service with privacy, TLS and more

There was an important development this month with the launch of Cloudflare's new 1.1.1.1 DNS resolver service. This is a significant...

Join the conversation with Internet Society members around the world