|RFC7626||DNS Privacy Considerations|
This document describes the privacy issues associated with the use of the DNS by Internet users. It is intended to be an analysis of the present situation and does not prescribe solutions.
|draft-ietf-dprive-dns-over-tls||Specification for DNS over TLS*|
This document describes the use of TLS to provide privacy for DNS.
|draft-ietf-dprive-dtls-and-tls-profiles||Authentication and (D)TLS Profile for DNS-over-TLS and |
|This document describes how a DNS client can use a domain name|
to authenticate a DNS server that uses Transport Layer Security
(TLS) and Datagram TLS (DTLS). Additionally, it defines (D)TLS
profiles for DNS clients and servers implementing DNS-over-TLS
and DNS-over- DTLS
|draft-ietf-dnsop-5966bis||DNS Transport over TCP - Implementation Requirements*|
This document specifies the requirement for support of TCP as a transport protocol for DNS implementations and provides guidelines towards DNS-over-TCP performance on par with that of DNS-over-UDP.
|draft-ietf-dnsop-edns-tcp-keepalive||The edns-tcp-keepalive EDNS0 Option*||This document defines an EDNS0 option ("edns-tcp-keepalive")|
that allows DNS clients and servers to signal their respective
readiness to conduct multiple DNS transactions over individual TCP sessions.
|RFC5246||The Transport Layer Security (TLS) Protocol|
|RFC7525||Recommendations for Secure Use of TLS and DTLS|
A short video is available demonstrating TCP connection re-use, pipelining, TCP Fast Open and DNS-over-TLS: DNS-over-TLS demo video
T-DNS: Connection-Oriented DNS to Improve Privacy and Security (Duane Wessels)
getdns-api implementation (Willen Toorop)
T-DNS: Connection-Oriented DNS to Improve Privacy and Security (http://www.isi.edu/publications/trpublic/files/tr-693.pdf)