DNS over TLS

E200693

DNS over TLS is a security protocol that encrypts traditional DNS queries and responses using Transport Layer Security to protect user privacy and prevent eavesdropping or tampering.

All labels observed (1)

Label Occurrences
DNS over TLS canonical 4

Statements (48)

Predicate Object
instanceOf DNS privacy protocol
    network security protocol
abbreviation DoT
alternativeTo DNS over HTTPS
    DNSCrypt
belongsToCategory Internet protocol
    application-layer protocol
canBeImplementedBy public DNS resolvers
    recursive resolvers
    stub resolvers
canBeUsedWith DNSSEC
canUse TLS 1.2
    TLS 1.3
    TLS session resumption
defaultPort 853
definedIn RFC 7858
    RFC 8310
deploymentContext enterprise networks
    home routers
    mobile operating systems
doesNotProvide anonymity of client IP address
    protection against malicious DNS data without DNSSEC
encrypts DNS queries
    DNS responses
IANAServiceName dot
improves resistance to DNS manipulation on-path
    resistance to DNS traffic monitoring
layer above TCP transport layer
operatesOn DNS traffic
protects user privacy
protectsAgainst eavesdropping
    tampering
relatedTo DNS privacy
    encrypted DNS
requires TLS handshake
    X.509 certificates
    support from both client and resolver
runsOver Transmission Control Protocol
    (surface form: TCP)
secures stub resolver to recursive resolver communication
securityProperty confidentiality of DNS data in transit
    integrity of DNS data in transit
standardizedBy Internet Engineering Task Force
    (surface form: IETF)
supportsFeature optional client authentication
    server authentication
supportsMode opportunistic mode
    strict mode
usesPort 853/tcp
usesProtocol TLS
    (surface form: Transport Layer Security)

Referenced by (4)

Full triples — surface form annotated when it differs from this entity's canonical label.

DNS over QUIC (DoQ) relatedTo DNS over TLS
    (subject surface form: DNS over QUIC)
DNS over QUIC (DoQ) securityModelSimilarTo DNS over TLS
    (subject surface form: DNS over QUIC)
DoQ relatedTo DNS over TLS
DoQ comparedWith DNS over TLS