Cloudflare, Apple unveil new DNS standard to shield users from prying ISPs

Cloudflare, along with Apple and Fastly, has developed a new DNS (Domain Name System) standard that can potentially make it difficult for internet service providers (ISPs) to track what websites their users visit. In a blog post, the companies unveiled the Oblivious DNS (ODoH) protocol, which will add a layer of encryption to shield DNS queries from interception not just by external actors but also by ISPs.

A bit of background on how websites work: When a user enters a website address (say medianama.com) into a browser, a DNS resolver converts the text to a machine-readable IP address (ISPs decide which DNS resolvers are used on their networks, which users seldom change). In a simple set-up, the DNS queries are not encrypted, meaning both the DNS resolver and third parties who may intercept them can read them. There are newer protocols like DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT), which prevent interception, modification and redirection by third parties. However, the concern of resolvers being able to read DNS queries still remains.

The ODoH will supposedly address this concern. Along with adding a layer of encryption to the queries, it will add a proxy layer between users and the target website. This will, according to Cloudflare, ensure that (i) the DNS resolvers will only know what website is being requested, while (ii) only proxies know the identity of the user. Due to the encryption layer, the proxy itself will have no visibility into the DNS messages. Only the intended target website can read the query. The company also announced that PCCW Global, SURF and Equinix have been brought on as partners for the ODoH launch.
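The visibility split described above, sketched as an added example that is not from the article or from Cloudflare's implementation: the client seals a query to the target's public key, the proxy forwards it, and each side's log shows what it could record. Real ODoH uses HPKE; here X25519 + HKDF + AES-256-GCM stands in for it, and the function names, message layout and client address 203.0.113.7 are assumptions constructed for illustration.

```javascript
// Added example: X25519 + HKDF + AES-256-GCM stands in for the HPKE used by real ODoH.
const crypto = require("crypto");

// Target resolver key pair; the client learns the public half in advance.
const target = crypto.generateKeyPairSync("x25519");

// Derive the AEAD key, bound to the ephemeral public key of this query.
function deriveKey(secret, ephPub) {
  return Buffer.from(crypto.hkdfSync("sha256", secret, ephPub, "odoh-demo query", 32));
}

// Client: seal the DNS question to the target's public key.
function clientSeal(qname, targetPub) {
  const eph = crypto.generateKeyPairSync("x25519");
  const ephPub = eph.publicKey.export({ type: "spki", format: "der" });
  const secret = crypto.diffieHellman({ privateKey: eph.privateKey, publicKey: targetPub });
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", deriveKey(secret, ephPub), iv);
  const ct = Buffer.concat([c.update(qname, "utf8"), c.final()]);
  return { ephPub, iv, ct, tag: c.getAuthTag() };
}

// Proxy: sees the client address and an opaque blob; forwards without the address.
function proxyForward(clientAddr, sealed, proxyLog) {
  proxyLog.push({ clientAddr, bytes: sealed.ct.length }); // all it can record
  return { from: "proxy", sealed };
}

// Target: decrypts the question, but the only sender it sees is the proxy.
function targetOpen(msg, targetPriv, targetLog) {
  const { ephPub, iv, ct, tag } = msg.sealed;
  const pub = crypto.createPublicKey({ key: ephPub, type: "spki", format: "der" });
  const secret = crypto.diffieHellman({ privateKey: targetPriv, publicKey: pub });
  const d = crypto.createDecipheriv("aes-256-gcm", deriveKey(secret, ephPub), iv);
  d.setAuthTag(tag);
  const qname = Buffer.concat([d.update(ct), d.final()]).toString("utf8");
  targetLog.push({ sender: msg.from, qname });
  return qname;
}

// Constructed run: 203.0.113.7 is a documentation address, not real data.
function runDemo() {
  const proxyLog = [], targetLog = [];
  const sealed = clientSeal("medianama.com", target.publicKey);
  const fwd = proxyForward("203.0.113.7", sealed, proxyLog);
  const qname = targetOpen(fwd, target.privateKey, targetLog);
  return { qname, proxyLog, targetLog, sealed };
}
console.log(runDemo().targetLog);
```

The privacy property holds only while the proxy and the target are run by parties that do not pool their logs; joined together, the two logs reconstruct who asked for what.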

Cloudflare claims that the ODoH will not result in downgraded performance, in spite of the addition of a proxy layer. The additional cost of a proxied query and response was less than 1 millisecond in most cases, the company claimed.

Nick Sullivan, Cloudflare’s head of research, told TechCrunch that a few partners are already running proxies, allowing for early adopters to use ODoH through Cloudflare’s existing DNS resolver. However, the publication speculated the ODoH will gain mass adoption only after it is certified by the Internet Engineering Task Force.



MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ
