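%% Superseded Internet-Draft: cite rfc7858 (the published RFC) instead of this I-D
%% wherever possible. This entry is revision 07 and is marked "Work in Progress",
%% so its text may differ from the final RFC; check protocol and security details
%% against rfc7858 before relying on them.
%%
%% Entry notes:
%%   - authors are stored in unambiguous "Last, First" form;
%%   - only the acronyms in the title are brace-protected, so a style can still
%%     apply its own casing to the rest;
%%   - the abstract is kept exactly as published with the draft.
@techreport{ietf-dprive-dns-over-tls-07,
  author      = {Hu, Zi and Zhu, Liang and Heidemann, John and Mankin, Allison and Wessels, Duane and Hoffman, Paul E.},
  title       = {Specification for {DNS} over {TLS}},
  type        = {Internet-Draft},
  number      = {draft-ietf-dprive-dns-over-tls-07},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2016,
  month       = mar,
  day         = 1,
  pagetotal   = 20,
  url         = {https://datatracker.ietf.org/doc/draft-ietf-dprive-dns-over-tls/07/},
  note        = {Work in Progress},
  abstract    = {This document describes the use of TLS to provide privacy for DNS. Encryption provided by TLS eliminates opportunities for eavesdropping and on-path tampering with DNS queries in the network, such as discussed in {[}RFC7258{]}. In addition, this document specifies two usage profiles for DNS-over-TLS and provides advice on performance considerations to minimize overhead from using TCP and TLS with DNS. This document focuses on securing stub-to-recursive traffic, as per the charter of the DPRIVE working group. It does not prevent future applications of the protocol to recursive-to-authoritative traffic. Note: this document was formerly named draft-ietf-dprive-start-tls-for-dns. Its name has been changed to better describe the mechanism now used. Please refer to working group archives under the former name for history and previous discussion. {[}RFC Editor: please remove this paragraph prior to publication{]}},
}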