Welcome to the DNS Privacy project home page
This site is the home of a collaborative open project to promote, implement and deploy DNS Privacy. The goals of this project include:
- Raising awareness of the issue of DNS Privacy
- Empowering users to take advantage of DNS Privacy tools and resources (client applications, DNS Privacy resolvers)
- Evolving the DNS to support DNS Privacy in particular developing new DNS Protocol standards
- Working towards full support for DNS Privacy in a range of Open Source DNS implementations including: getdns, Unbound, NSD, BIND and Knot (Auth and Resolver)
- Co-ordinating deployment of DNS Privacy services and documenting operational practices
Among the many contributors to this project are Sinodun IT, NLnet Labs, SalesForce, Surftnet, NLnet Foundation, OTF, Stephane Bortzmeyer and No Mountain Software.
See past DNS Privacy work
February 2021
- BIND9 add support for DoH and XoT (XFR-over-TLS) in development release 9.17.10!
- Quad9 public domain name service moves to Switzerland for maximum internet privacy protection
- And becomes the first large scale recursive operator to publishing an RPS: a privacy policy based on RFC8932 (BCP232): Recommendations for DNS Privacy Service Operators: quad9.net/privacy/policy/
- CENTR hold a webinar on deploying DoH
January 2021
- EU NISA Directive may require anyone running a 'DNS privacy service' to register - even if running your own resolver!
- NSA report on use of encrypted DNS - warns against use of third-party DoH resolvers and recommends blocking known DoT/DoH endpoints in many scenarios
- Microsoft confirm Windows 10 21H1 will include DoH
- Mozilla comment period for TRR Consultation extended to 20th Jan
December 2020
Overview of DNS Privacy Status
High level overview of ongoing work on DNS Privacy with monthly updates
IETF Working Groups
Catch up with the latest standards being developed to support DNS Privacy in the DPRIVE Working group
Work on adaptive discovery mechanisms for DNS is happening in the ADD Working Group
Reference Material
For a list of useful RFCs, Internet Drafts and presentations see the Reference Material page.
Support
Thanks to NLnet Foundation, OTF and the Comcast Innovation Fund for donations to support DNS Privacy work. Thanks for past support from Verisign Labs.
Contact
If you are interested in contributing to the project please contact:
- Sara Dickinson (sara@sinodun.com)
- Allison Mankin (allison.mankin@gmail.com)
- Benno Overeinder (benno@NLnetLabs.nl)
We now have a twitter account: and a YouTube channel
Comments, JIRA and Bitbucket Access
After a spate of spam comments we have reluctantly change permissions so that commenting on pages requires a user account. An account also provides access to submit general privacy issues in the issue tracker and contribute to the code repositories create a user account (note that Stubby has it's own issue tracker in github):
1 Comment
Marcin Cieślak