DNS Privacy Project

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 45 Next »

Implementation Status

This table lists the current status of DNS-over-TLS related features in the latest stable releases of a selection of commonly used DNS software. 

Client/Server

Client - Stub 

Client - Recursive

Server - RecursiveServer - Auth
Software

ldns

(drill)

digit

getdns

BIND

(dig)

getdns*

UnboundBIND

Unbound

BINDNSDBIND
Port based TLS (tick)(tick) (tick)(tick) (tick)   
TCP fast open** (tick)

(tick)

 

P

      
Connection reuse (tick)

(tick)

(tick)WIPWIP (tick)(tick)(tick)(tick)

Pipelining***

n/a(tick)

(tick)

n/a   (tick)(tick)(tick)(tick)
OOOP***n/a (tick)

(tick)

n/a   WIP(tick)  
TLS authentication  (tick)  2016 (tick)   
EDNS0 Padding  (tick)        
EDNS0 Keepalive  (tick)  2016     

 

KEY:

  • Green square (tick) - indicates latest release already supports this functionality
  • Blue square - indicates that a patch is available in our git repo. See here for details: DNS-over-TLS patches
  • Yellow square - indicates work in progress
  • 2016 - indicates patches planned for 2016
  • P - Requires building against a patched version of libunbound

*    getdns uses libunbound in recursive mode
**  not available on Windows 
***  Pipelining and OOOP are not applicable for synchronous applications

 

  • No labels