DNS over DTLS

E208754

DNS over DTLS is a protocol that secures DNS queries using Datagram Transport Layer Security over UDP, providing encryption and integrity while preserving DNS’s low-latency, connectionless nature.

All labels observed (1)

Label | Occurrences
DNS over DTLS (canonical) | 1

Statements (48)

Predicate | Object
instanceOf | DNS security mechanism
 | network security protocol
aimsTo | improve privacy of DNS
 | prevent DNS traffic analysis on content
belongsTo | DNS privacy technologies
canBeUsedBy | recursive resolvers
 | stub resolvers
canCoexistWith | DNSSEC
canSupport | mutual authentication
canUse | DTLS (surface form: DTLS 1.2)
 | DTLS (surface form: DTLS 1.3)
doesNotProvide | origin authentication of DNS data like DNSSEC
encapsulates | DNS messages inside DTLS records
isAlternativeTo | DNS over HTTPS
 | DNS over TLS
isBasedOn | TLS
isDefinedIn | IETF draft documents
isDesignedFor | securing DNS over unreliable transports
isDesignedTo | minimize connection setup overhead compared to TCP-based solutions
isLessDeployedThan | DNS over HTTPS
 | DNS over TLS
isMaintainedBy | IETF community (surface form: IETF DNS and TLS communities)
isSuitableFor | environments where UDP is preferred over TCP
isVulnerableTo | UDP-based denial-of-service issues
mayUse | pre-shared keys
operatesAtLayer | transport layer
preservesProperty | connectionless communication
 | low latency
protectsAgainst | on-path tampering with DNS messages
 | passive eavesdropping on DNS traffic
providesProperty | authentication
 | confidentiality
 | integrity
requires | DTLS handshake
 | DTLS version negotiation
 | certificate-based server authentication
secures | DNS queries
 | DNS responses
stillLeaks | IP header metadata
 | packet size information
supports | client-to-recursive-resolver communication
 | recursive-resolver-to-authoritative-server communication
supportsFeature | retransmission at DTLS layer
 | session resumption
usesPortTypically | UDP port 853
usesProtocol | DTLS (surface form: Datagram Transport Layer Security)
usesTransportProtocol | UDP
wasMotivatedBy | need for encrypted DNS over UDP
wasMotivatedBy need for encrypted DNS over UDP

How these facts were elicited

The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.

Instruction
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10.

# Requirements
- If you don't know the subject at all, return an empty list.
- If the subject is not a named entity, return an empty list.
- Include at least one triple where predicate is "instanceOf".
- Do not get too wordy.
- Separate several objects into multiple triples with one object.

Input
Subject: DNS over DTLS
Description of subject: DNS over DTLS is a protocol that secures DNS queries using Datagram Transport Layer Security over UDP, providing encryption and integrity while preserving DNS’s low-latency, connectionless nature.

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

DNS over QUIC (DoQ) improvesOver DNS over DTLS
subject surface form: DNS over QUIC