DNS over TLS
Protocol to encrypt DNS queries using TLS / From Wikipedia, the free encyclopedia
Dear Wikiwand AI, let's keep it short by simply answering these key questions:
Can you list the top facts and stats about DNS over TLS?
Summarize this article for a 10 year old
DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. The well-known port number for DoT is 853.
Abbreviation | DoT |
---|---|
Status | Proposed Standard |
Latest version | RFC 7858, RFC 8310 May 2016 and March 2018 |
Organization | IETF |
Authors |
|
While DNS over TLS is applicable to any DNS transaction, it was first standardized for use between stub or forwarding resolvers and recursive resolvers, in RFC 7858 in May of 2016. Subsequent IETF efforts specify the use of DoT between recursive and authoritative servers ("Authoritative DNS over TLS" or "ADoT")[1] and a related implementation between authoritative servers (Zone Transfer-over-TLS or "xfr-over-TLS").[2]