{"draft":"draft-ietf-dprive-dnsodtls-15","doc_id":"RFC8094","title":"DNS over Datagram Transport Layer Security (DTLS)","authors":["T. Reddy","D. Wing","P. Patil"],"format":["ASCII","HTML"],"page_count":"13","pub_status":"EXPERIMENTAL","status":"EXPERIMENTAL","source":"DNS PRIVate Exchange","abstract":"DNS queries and responses are visible to network elements on the path\r\nbetween the DNS client and its server.  These queries and responses\r\ncan contain privacy-sensitive information, which is valuable to\r\nprotect.\r\n\r\nThis document proposes the use of Datagram Transport Layer Security\r\n(DTLS) for DNS, to protect against passive listeners and certain\r\nactive attacks.  As latency is critical for DNS, this proposal also\r\ndiscusses mechanisms to reduce DTLS round trips and reduce the DTLS\r\nhandshake size.  The proposed mechanism runs over port 853.","pub_date":"February 2017","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8094","errata_url":null}