Technical Summary
This document describes the use of TLS to provide privacy for DNS. In addition, this document specifies two usage profiles for DNS-over-TLS and provides advice on performance considerations to minimize overhead from using TCP and TLS with DNS.
Working Group Summary
This document was heavily reviewed and discussed int the working group, and the community is strongly behind this document. The authors made sure that all issues raised during the process were addressed. Additionally, there is a complementary design moving through the working group (draft-ietf-dprive-dnsodtls), and both sets of authors worked together to ensure the issues raised between the drafts were resolved. Both groups of authors have worked exceptionally well together.
Document Quality
This is a well structured document with several vendors signalling intent to implement and support. A current implementation is offered from NLNetLabs (unbound).
The workgroup performed well in bringing forth this document. The draft lists 6 authors, and the AD is in support of that number, a note has already been sent to the RFC-Editor.
Personnel
Document Shepherd: Tim Wicinski
Area Director: Terry Manderson
IANA Note
IANA was requested to add the following value to the "Service Name and
Transport Protocol Port Number Registry" registry in the System Range for the TCP port.
Additionally, there is an IANA request to reserve the same port number over over UDP for the forthcoming proposed DNS-over=DTLS protocol draft-ietf-dprive-dnsodtls
Service Name domain-s
Port Number 853
Transport Protocol(s) TCP/UDP
Assignee IETF DPRIVE Chairs
Contact Paul Hoffman
Description DNS query-response protocol run over TLS/DTLS
Reference This document
This is a *temporary* assignment and expires on 2016-10-08.