DNS Privacy Project

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 35 Next »

Experimental DNS Privacy Recursive Servers

The following servers are configured to support TLS on port 853 for testing purposes.

Note that they are experimental offerings with no guarantees on the lifetime of the service or service level provided. 

Also note that the single SPKI pins published here for many of these servers are subject to change (e.g on Certificate renewal) and should be used with care!!

Hosted byIP addressesHostname for TLS
authentication
Base 64 encoded (and hex) form of SPKI pin for TLS
authentication (RFC7858)

Supports

RFC7766 fully

SoftwareNotes
getdnsapi.net

185.49.141.38

2a04:b900:0:100::38

getdnsapi.net

foxZRnIh9gZpWnl+zEiKa0EJ2rdCGroMWm02gaxSc9S=
(7e8c59467221f606695a797ecc488a6b4109dab7421aba0c5a6d3681ac5273d4)

NoUnbound
Surfnet

145.100.185.15

2001:610:1:40ba:145:100:185:15

dnsovertls.sinodun.com

62lKu9HsDVbyiPenApnc4sfmSYTHOVfFgL3pyB+cBL4=
(EB694ABBD1EC0D56F288F7A70299DCE2C7E64984C73957C580BDE9C81F9C04BE)

No, but does do concurrent
processing of queries.

Supports TFO

HAProxy + BINDOnly listening on TLS on port 853
Surfnet

145.100.185.16

2001:610:1:40ba:145:100:185:16

dnsovertls1.sinodun.com

cE2ecALeE5B+urJhDrJlVFmf38cJLAvqekONvjvpqUA=
(704D9E7002DE13907EBAB2610EB26554599FDFC7092C0BEA7A438DBE3BE9A940)

No, but does do concurrent
processing of queries
Nginx + BINDOnly listening on TLS on port 853
dkg

199.58.81.218

dns.cmrg.net

3IOHSS48KOc/zlkKGtI46a9TY9PPKDVGhE3W2ZS4JZo=

(DC8387492E3C28E73FCE590A1AD238E9AF5363D3CF283546844DD6D994B8259A)

No, but does do concurrent
processing of queries.

Knot Resolver
OARC

184.105.193.78

2620:ff:c000:0:1::64:25

tls-dns-u.odvr.dns-oarc.net

pOXrpUt9kgPgbWxBFFcBTbRH2heo2wHwXp1fd4AEVXI=
(A4E5EBA54B7D9203E06D6C411457014DB447DA17A8DB01F05E9D5F7780045572)

NoUnboundSee OARC website
Yeti

2001:4b98:dc2:43:216:3eff:fea9:41a

dns-resolver.yeti.eu.org

VftYcSCtgKdaHJI/P2mtcBjOt9rRc8KSjNh+cejCEwU=
(55FB587120AD80A75A1C923F3F69AD7018CEB7DAD173C2928CD87E71E8C21305) 

NoUnboundSee https://dns-resolver.yeti.eu.org/
  • No labels