May 10 – 11, 2014
Sofitel Warsaw Victoria
Europe/Warsaw timezone

IETF work on DNS privacy

May 10, 2014, 2:30 PM
Opera (Sofitel Warsaw Victoria)


Sofitel Warsaw Victoria

11 Królewska Street 00-065 Warsaw
Public Workshop


Mr Stéphane Bortzmeyer (AFNIC)


At the IETF 88 meeting in Vancouver, the first one which took into account the Snowden revelations, there was a lot of enthusiasm on action to improve the privacy on the Internet This was summarized in a press release claiming that "all of the working groups that considered the topic have started planning to address the threat using IETF tools that can mitigate aspects of the problem". Now, what is actually done in the DNS field?


There are several actions already under way:

  • work on a future RFC on "DNS privacy problem statement". Two Internet-Drafts cover this. The work started in the perpass working group and will soon formally move to dnsop.

  • work on "QNAME minimization", a simple and deployable technique to minimize the amount of data sent to authoritative name servers.

  • work on encryption of DNS traffic. There are existing solutions (IPsec, DNScrypt) and possible new techniques (an Internet-Draft suggests a new method).

This talk will describe these actions, their current state after IETF 89 in London and the discussions they trigger.

Primary author

Presentation materials