Last Call: <draft-ietf-dprive-dns-over-tls-06.txt> (Specification for DNS over TLS) to Proposed Standard

The IESG, Tue, 01 March 2016 15:54 UTC

The IESG has received a request from the DNS PRIVate Exchange WG (dprive)
to consider the following document:
- 'Specification for DNS over TLS'
  <draft-ietf-dprive-dns-over-tls-06.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
mailing lists by 2016-03-15. Exceptionally, comments may be
sent to instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.


   This document describes the use of TLS to provide privacy for DNS.
   Encryption provided by TLS eliminates opportunities for eavesdropping
   and on-path tampering with DNS queries in the network, such as
   discussed in [RFC7258].  In addition, this document specifies two
   usage profiles for DNS-over-TLS and provides advice on performance
   considerations to minimize overhead from using TCP and TLS with DNS.

   This document focuses on securing stub-to-recursive traffic, as per
   the charter of the DPRIVE working group.  It does not prevent future
   applications of the protocol to recursive-to-authoritative traffic.

   Note: this document was formerly named
   draft-ietf-dprive-start-tls-for-dns.  Its name has been changed to
   better describe the mechanism now used.  Please refer to working
   group archives under the former name for history and previous
   discussion.  [RFC Editor: please remove this paragraph prior to

The file can be obtained via

IESG discussion can be tracked via

No IPR declarations have been submitted directly on this I-D.