Abstract
DNS queries and responses are visible to network elements on the path between the DNS client and its server. These queries and responses can contain privacy-sensitive information, which is valuable to protect.
This document proposes the use of Datagram Transport Layer Security (DTLS) for DNS, to protect against passive listeners and certain active attacks. As latency is critical for DNS, this proposal also discusses mechanisms to reduce DTLS round trips and reduce the DTLS handshake size. The proposed mechanism runs over port 853.
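The following is an added worked example, not code from RFC 8094 or from the ACM page. It shows the two layers the abstract refers to: the DNS message (the same wire format as DNS over UDP, carried as DTLS application data) and the DTLS 1.2 record header it is framed in on the way to UDP port 853. The query is padded with the EDNS(0) padding option (RFC 7830) so that the length of the encrypted record reveals less about the name being looked up. The record is built here with its payload still in the clear so the layout can be inspected; after the handshake the record layer encrypts that payload, and a passive listener on the path sees only the 13-byte header that `parse_dtls_record_header` decodes. The transaction ID, the advertised EDNS(0) UDP payload size of 1232 and the 128-byte padding block are assumptions chosen for the example.

```python
"""DNS query wire format plus DTLS 1.2 record framing for DNS over DTLS (port 853).

Added example, not RFC 8094 code. Payload shown unencrypted for clarity; on a real
session the record layer encrypts it and only the record header stays visible.
"""
import struct

DTLS_CONTENT_APPLICATION_DATA = 23   # DTLS ContentType application_data
DTLS_VERSION_1_2 = 0xFEFD            # DTLS versions are the ones' complement of TLS versions
DNS_OVER_DTLS_PORT = 853             # port used by DNS over DTLS (shared with DNS over TLS)

EDNS_OPT_TYPE = 41                   # OPT pseudo-RR type
EDNS_PADDING_OPTION = 12             # RFC 7830 EDNS(0) Padding option code
EDNS_UDP_PAYLOAD_SIZE = 1232         # assumed value; advertised in the OPT RR CLASS field


def encode_name(name: str) -> bytes:
    """Encode a dotted hostname as DNS wire-format labels (length-prefixed, root-terminated)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_dns_query(qname: str, qtype: int = 1, txid: int = 0x1234, pad_to: int = 128) -> bytes:
    """Build a recursive DNS query with an EDNS(0) OPT RR carrying a padding option.

    The padding grows the message to the next multiple of `pad_to` bytes, so the
    length of the DTLS record that carries it no longer tracks the name length.
    """
    # Header: ID, flags (RD=1), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=1 (the OPT RR)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    question = encode_name(qname) + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN

    # OPT RR fixed part: root name (1), TYPE (2), CLASS=UDP payload size (2),
    # TTL=ext-rcode/version/flags (4), RDLENGTH (2); then OPTION-CODE + OPTION-LENGTH (4)
    opt_fixed_len = 1 + 2 + 2 + 4 + 2
    option_hdr_len = 4
    unpadded = len(header) + len(question) + opt_fixed_len + option_hdr_len
    pad_len = (-unpadded) % pad_to
    rdata = struct.pack("!HH", EDNS_PADDING_OPTION, pad_len) + b"\x00" * pad_len
    opt_rr = b"\x00" + struct.pack("!HHIH", EDNS_OPT_TYPE, EDNS_UDP_PAYLOAD_SIZE, 0, len(rdata)) + rdata
    return header + question + opt_rr


def dtls_record(payload: bytes, epoch: int = 1, seq: int = 0) -> bytes:
    """Frame `payload` as a DTLS 1.2 application_data record (RFC 6347 record header)."""
    if not 0 <= seq < 1 << 48:
        raise ValueError("DTLS sequence number must fit in 48 bits")
    if len(payload) > 0x4000:
        raise ValueError("record payload exceeds the 2^14-byte limit")
    header = struct.pack("!BHH", DTLS_CONTENT_APPLICATION_DATA, DTLS_VERSION_1_2, epoch)
    header += seq.to_bytes(6, "big") + struct.pack("!H", len(payload))
    return header + payload


def parse_dtls_record_header(datagram: bytes) -> dict:
    """Decode the 13-byte DTLS record header: the only fields an on-path observer can read."""
    if len(datagram) < 13:
        raise ValueError("short DTLS record")
    content_type, version, epoch = struct.unpack("!BHH", datagram[:5])
    seq = int.from_bytes(datagram[5:11], "big")
    (length,) = struct.unpack("!H", datagram[11:13])
    if len(datagram) < 13 + length:
        raise ValueError("truncated DTLS record")
    return {
        "content_type": content_type,
        "version": version,
        "epoch": epoch,
        "sequence_number": seq,
        "length": length,
    }


if __name__ == "__main__":
    query = build_dns_query("example.com")
    record = dtls_record(query, epoch=1, seq=7)
    print(f"padded DNS query: {len(query)} bytes, to be sent to UDP/{DNS_OVER_DTLS_PORT}")
    print("visible to a passive listener:", parse_dtls_record_header(record))
```

Without the padding option, an `A` query for `example.com` is 44 bytes and a query for a longer name is correspondingly longer, so even an encrypted record leaks information through its length field; padding to a fixed block size removes that signal for most names. The epoch and 48-bit sequence number in the header are what DTLS anti-replay checks operate on, which is why a client should not accept a record whose sequence number falls outside its replay window.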
Cited By
- Lenders M, Amsüss C, Gündogan C, Nawrocki M, Schmidt T and Wählisch M (2023). Securing Name Resolution in the IoT: DNS over CoAP, Proceedings of the ACM on Networking, 1:CoNEXT2, (1-25), Online publication date: 28-Sep-2023.
- Bronzino F, Schmitt P, Ayoubi S, Kim H, Teixeira R and Feamster N (2021). Traffic Refinery, Proceedings of the ACM on Measurement and Analysis of Computing Systems, 5:3, (1-24), Online publication date: 14-Dec-2021.
Index Terms
- RFC 8094: DNS over Datagram Transport Layer Security (DTLS)