DNS Privacy

What is DNS Privacy?

The  Domain Name System (DNS) was originally developed without any kind of considerations for user privacy and may therefore leak information about DNS queries and responses that can be correlated to specific network activity (e.g. applications employed, web sites visited, people communicated with, etc.). Since pervasive monitoring became a major concern in protocol development, a number of efforts have aimed improve the privacy properties of important Internet protocols. “DNS Privacy” refers to the privacy improvements recently made to the Domain Name System .

Basics

• Introduction to DNS Privacy
• DNS Privacy Frequently Asked Questions (FAQ)

Specifications

• RFC 7816: DNS Query Name Minimisation to Improve Privacy
• RFC 7858: Specification for DNS over Transport Layer Security (TLS)
• RFC 8094: DNS over Datagram Transport Layer Security (DTLS)
• RFC 8484: DNS Queries over HTTPS (DoH)

DNS Privacy Implementations

• DNS-over-TLS in Linux (systemd)
• DNS-over-HTTPS (DoH) Support in Mozilla Firefox

Additional Information

• DNS Privacy Project