Google Public DNS now supports Ed25519

Skip to first unread message

Adolfas Lapsys

Sep 4, 2018, 1:53:51 PM9/4/18
We are pleased to announce that Google Public DNS now supports authentication of DNS data using Ed25519 keys and signatures (as specified in RFC 8080).

Try it out for yourself by running the following:
dig +dnssec -t AAAA

You should see AD (Authenticated Data) bit set in the response flags:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12655
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

If your current DNS resolver is Google Public DNS, you can also verify this by going to the automated DNSSEC test at and waiting for the ED25519 column to turn green:

Screen Shot 2018-09-04 at 1.27.02 PM.png

Happy Secure Browsing,
Google Public DNS Team
Reply all
Reply to author
0 new messages