DNS, the Domain Name System, is one of the (if not ‘the’) most fundamental protocols of the internet. It’s hard to name an application that could work without the name resolution DNS provides.
However, DNS is inherently insecure: data is sent in plain text with no authentication or integrity check.
In the beginning, when the standards for DNS were created, networks were a lot different. As time went on and networks grew (and, in the case of the internet, boomed), this classic DNS protocol became too essential to be replaced, yet too dated to remain unchanged. Our new information age demands considerations of privacy and security.
Recently the IETF (Internet Engineering Task Force, the organization responsible for developing and maintaining standards for protocols such as DNS) has intensified its work on modernizing DNS. The first two DNS standards to address encryption were DoT (DNS-over-TLS) and DoH (DNS-over-HTTPS).
These first implementations of encryption were primarily driven by developers of the two major web-browsers: Mozilla and Google. However, this approach, spearheaded respectively by Firefox and Chrome, resulted in slow adoption rates and causes concerns about data collection and privacy. With both companies located in the United States, DNS data is collected centrally at US cloud providers, which many considered a step backward for user privacy on the internet. To further complicate the landscape of DNS privacy, the European Union’s GDPR and other legislative efforts around the world created a chaotic situation.
But the story is not over yet.
Apple and Microsoft appeared recently as new protagonists, introducing new and exciting ideas about DNS encryption. The IETF itself, along with other global organizations, is focusing on updating the standards of DNS to answer the challenges of a changing world.
We at Men&Mice have been in the DNS business since the early 1990s. We’ve seen DNS change while remaining unchanged, and it’s literally our business to make tools that modernize the way it’s managed in contemporary environments. Our training program has also been around for decades, offering insight into the world of DNS.
From time to time, we offer to sync our expertise and experience with yours and walk you through the field’s latest developments. This month we’re offering a free webinar on DNS encryption, covering topics such as:
- the need for DNS privacy
- the benefits and shortcomings of DoT and DoH
- the current (as of August 2020) status of DoH/DoT deployment
- the latest from the IETF ADD Working group, including Oblivious DoH (oDoH) and adaptive DNS resolver discovery
Join us online on August 19th: reserve your spot today!