Welcome to the DNS Privacy project home page
This site is the home of a collaborative open project to promote, implement and deploy DNS Privacy. The goals of this project include:
- Raising awareness of the issue of DNS Privacy
- Empowering users to take advantage of DNS Privacy tools and resources (client applications, DNS Privacy resolvers)
- Evolving the DNS to support DNS Privacy in particular developing new DNS Protocol standards
- Working towards full support for DNS Privacy in a range of Open Source DNS implementations including: getdns, Unbound, NSD, BIND and Knot (Auth and Resolver)
- Co-ordinating deployment of DNS Privacy services and documenting operational practices
Current contributors to this project include Sinodun IT, NLnet Labs, SalesForce and No Mountain Software.
QUICK START GUIDES
FOR END USERS
- What is the problem? Read up on why DNS Privacy is an issue.
- Clients: Meet 'Stubby' - a experimental DNS Privacy stub resolver for use on client machines.
- Test servers: See information on the current list of DNS Privacy test servers available
FOR OPERATORS
- Implementation status: See the current status of DNS Privacy (using DNS-over-TLS) implementations in various DNS software
- How to run a DNS-over-TLS server: Guides on TLS proxies and key management and tools
- COMING SOON: Guidance on data handling on DNS Privacy servers
See past DNS Privacy work
June 2020
- Comcast become the first ISP to join Mozilla's Firefox TRR program
- OONI publish a study showing 57% of well known DoT endpoints are blocking in Iran
- Apple announce DoT and DoH support and an API for apps to configure their own encrypted resolver
- Searching in the address bar can leak DNS queries on the local network in Chrome and Firefox
May 2020
- Chrome 83 ships with DoH auto-upgrade option (and manual configuration options)
- Microsoft announced DoH client available for Windows Insiders
- New drafts submitted to the IETF ADD WG on discovery
- EDDI has produced a Interim DoH Discovery Proposal for Browser and OS vendors
- US govt agencies to disable DoH until their own federal DoT/DoH service is available
- ISC publish a design document for their upcoming support of DoT and DoH
April 2020
- DNS-over-QUIC draft adopted by DPRIVE WG at IETF
- CIRA (the .ca registry) announce Canadian Sheild a free DoT&DoH service hosted in Canada
- Latest from Chrome on their DoH release plans
- Cloudflare now offer "Cloudflare 1.1.1.1 for families" with filtering options
- The Register article on the Cloudflare 1.1.1.1 audit results
Overview of DNS Privacy Status
High level overview of ongoing work on DNS Privacy with monthly updates
DPRIVE Working Group
Catch up with the latest standards being developed to support DNS Privacy: DPRIVE Working group
Reference Material
For a list of useful RFCs, Internet Drafts and presentations see the Reference Material page.
Thanks
Thanks to NLnet Foundation for a donation to support DNS Privacy work. Thanks for past support from Verisign Labs.
Contact
If you are interested in contributing to the project please contact:
- Sara Dickinson (sara@sinodun.com)
- Allison Mankin (allison.mankin@gmail.com)
- Benno Overeinder (benno@NLnetLabs.nl)
JIRA and Bitbucket Access
To submit issues in the issue tracker and contribute to the code repositories create a user account:
