Europe does not wish to depend too much on foreign countries for access to the Internet and more particularly for browsing the web. The continent has plans to design its own DNS resolver, which can direct Internet users to the right websites when they enter an address.
We already knew about the WiFi4EU project (“Wi-Fi for the European Union”), which grants European financial aid to municipalities wishing to equip themselves with Wi-Fi in public spaces. There is now a new project, called DNS4EU, ie “DNS for the European Union”. The goal ? Have a sovereign DNS resolver, controlled by the EU.
The DNS (acronym of Domain Name System) is crucial to bring the Internet user to his destination on the web. It works like a directory, to tell which IP address is attached to this or that site. Clearly, the DNS resolver must answer a simple question: what is the path to get to this site? The resolver then consults its registers and returns the response: the IP address of the server on which the site is hosted.
Basically, computers and smartphones lock onto the DNS resolver provided by the Internet service provider of which the Internet user is a customer. But it is quite possible and legal to use an alternative service. There are several solutions, the main ones being American nationality. These include Google, Verisign, FDN, OpenNIC, OpenDNS, Cloudflare and Yandex.
A sovereign DNS resolver for Europe
It is in this context that this DNS resolver project emerges. A call for proposals was also launched on January 12, as Internet users let it be known on social networks. The project is not entirely new: it is mentioned in a document made public on December 16, 2020 on the EU cybersecurity strategy for the digital decade.
” DNS4EU will offer an alternative European service to access the global Internet. DNS4EU will be transparent, compliant with the latest security, data protection and privacy standards and rules by design and by default“, was it announced then. This will be aimed at the public, administrations and businesses.
The European Commission considers this development necessary for two reasons. The first is to have a sovereign solution, without depending on a foreign third party. ” People and organizations in the EU increasingly depend on a few public DNS resolvers operated by non-EU entities “, noted Brussels at the end of 2020.
The second reason concerns the resilience of the Internet. Clearly, this is to provide redundancy to an environment that is confronted with computer threats of various kinds, but also with occasional unavailability due to a breakdown. We also perceive what this can cause in the event of a DNS resolver failure: many Internet users find themselves in difficulty.
The ” consolidation of DNS resolution in the hands of a few companies makes the resolution process itself vulnerable in the event of major events affecting a major provider, and makes it more difficult for EU authorities to deal with possible cyberattacks attacks and major geopolitical and technical incidents “, was it added.
A first envelope of 14 million euros is planned as part of this call for proposals, led by the European Executive Agency for Health and Digital (HaDEA). A descriptive sheet lists everything that should be expected from this DNS4EU, particularly in terms of availability and performance, but also compliance with European legislation.
What does the European resolver DNS4EU promise?
Thus, this DNS4EU will have to take into account the filtering of web addresses leading to illegal content (such as the apology of terrorism, child pornography, betting sites without approval, piracy sites, etc.), “ based on applicable legal requirements in the EU or national jurisdictions (e.g. based on court decisions), in full compliance with EU rules “. These filters will be mandatory.
Other optional filters could be offered elsewhere, under the control of Internet users this time. These barriers, which can be activated on a case-by-case basis, i.e. computer by computer (or household by household, via the box), would, for example, make it possible to hide pornographic content on devices to which minors have access. Similar optional filters could be added later, on peripheral subjects (gambling, for example).
It is also requested that DNS4EU be accessible to the widest public. Clearly the interface for accessing it and configuring the DNS should be very simple, including for an audience that is not a specialist, even if it means providing written guides and accompanying videos. A dedicated site with an adequate URL must also be set up. DNS4EU must also be compatible with as many devices and operating systems as possible.
Data protection, filtering, ease of use, high availability…
Another effect of a sovereign DNS resolver is that data and metadata will be processed and stored according to EU rules, in a transparent manner. “. There will be no monetization of personal data. The potential use of aggregated data (e.g. for cybersecurity analysis) should be specified and made transparent “, is it specified.
The infrastructure will finally have to be compliant with the latest security and privacy standards, where more or less well-known acronyms like HTTPS, DNSSEC, DoT, DoT, which will not necessarily speak not to the general public, but more to specialists. Finally, DNS4EU must “be fully IPv6 compliant”. Still happy, because it’s the new web address system.
