The European Commission intends to support an in-house DNS resolver project, a first, to strengthen cyber security for users and offer Europe an alternative to the giants in the sector, Cloudflare and Google.
What if Europe had its own DNS resolver? It is in the interest of the European Commission, which a few days ago launched a call for projects aimed at financing the deployment of a service infrastructure that would be offered to end users of the Internet in the area, that they are companies or individuals. Its aim would then be to increase protection against cyber threats, at a time when Europeans are increasingly using DNS resolvers operated far from European borders.
DNS resolver: an essential element for browsing
Let us first recall, to see where Brussels is coming from, what a DNS is. The DNS, or Domain Name System, for Domain Name Systemallows you to translate the domain names that you know, such as www.clubic.com, into a machine-readable physical IP address, such as 192.0.0.0 (this is an example). The DNS system is a bit like the directory that manages the mapping between names and numbers, whose relationship then takes the form of a query.
But then there are two types of DNS servers. First there is the so-called “official” DNS, which is the server that stores the data retrieved using the DNS protocol. And then – and this is what interests us – we have the so-called “recursive DNS”, more commonly known as “DNS resolver”. The official DNS is also required to respond to the DNS resolver.
The DNS resolver has indispensable functions. It is responsible for responding to your query and finding the name server (DNS server) or DNS cache that holds the query result. It is said that if the DNS resolver goes down, the internet goes down. In general, the user requests the resolver provided directly by the ISP. Except that some will configure public resolvers, such as Cloudflare, Google or OpenDNS (which depends on Cisco), all of American origin. And this is what saddens the European Commission.
Data processing and protection, URL filtering, security… A multifunction resolver
Tomorrow, Brussels wants the European Union to have its own European resolver, which will initially be legally constrained by the GDPR, but which will be installed on European soil. DNS4EU, that is its code name, will have the task of stemming the progression of public DNS resolvers among users, the Commission deploring a ” consolidation of DNS resolution in the hands of a few companies, which leaves the resolution process itself vulnerable in the event of major events affecting a major provider “.
The made in EU resolver will have a particularly important role in the navigation of users of the area, touching on many projects such as accessibility, security, data processing and protection, or the legal filtering of URLs leading to content illegal. It must guarantee the processing of personal data in Europe and their non-monetization. In addition to a simple configuration requirement (tutorials should be offered to any non-expert user), its main mission will be to strengthen global cybersecurity and fight against threats such as phishing, malware and others.
As such, the resolver must support the latest security and confidentiality standards (HTTPS, DNSSEC), not to mention DNS encryption (DNS over TLS, DNS over HTTPS), with an infrastructure that must be IPv6-compliant, warns the Committee.
It will probably take a lot of education with Internet users to facilitate the adoption of this future DNS resolver. In the meantime, Brussels is giving itself until March 22, 2022 to welcome the best proposals.
Source: European Commission
24