Stubby
A local DNS Privacy stub resolver using DNS-over-TLS
Stubby is an open source project to develop a DNS stub resolver for use on client devices which will provide DNS Privacy for end users by implementing DNS-over-TLS (RFC 7858). This service will provide encrypted first-hop access to DNS services protecting users’ DNS queries from eavesdropping at any point along the path between their device and a privacy-enabling DNS server.
More information about DNS-over-TLS: https://tools.ietf.org /html/rfc7858
- The project's own website: https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby
Why does this actually matter to end users?
We use DNS every day, but most of us never realise that the lack of transport layer security this discovery protocol has brings along a significant liability from a security perspective. DNS-over-TLS aims to fix that - but what is a privacy protecting internet technology like it worth, if it isn't in the hands of actual end users protecting them?
With main stream software developers and operating system vendors erring on the side of caution (to put it friendly), users that want to benefit from technologies like DNS-over-TLS need suitable tools to replace native functionality..
An experimental implementation of Stubby (developed by the getdns team as part of the DNS Privacy project) is already available. The project now aims to mature Stubby and significantly improve usability, thereby gaining valuable experience with the new standard and increasing uptake of Stubby among non-technical users.
Run by Sinodun
This project was funded through the Internet Hardening Fund, a fund established by NLnet with financial support from the Netherlands Ministry of Economic Affairs and Climate Policy.
