Google Public DNS now supports Ed25519

691 views
Skip to first unread message

Adolfas Lapsys

unread,
Sep 4, 2018, 1:53:51 PM9/4/18
to public-dn...@googlegroups.com
We are pleased to announce that Google Public DNS now supports authentication of DNS data using Ed25519 keys and signatures (as specified in RFC 8080).

Try it out for yourself by running the following:
dig +dnssec -t AAAA ed25519.nl @publicdns.goog

You should see AD (Authenticated Data) bit set in the response flags:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12655
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

If your current DNS resolver is Google Public DNS, you can also verify this by going to the automated DNSSEC test at https://rootcanary.org/test.html and waiting for the ED25519 column to turn green:

Screen Shot 2018-09-04 at 1.27.02 PM.png

Happy Secure Browsing,
Google Public DNS Team
Reply all
Reply to author
Forward
0 new messages