The Internet Engineering Task Force (IETF), is developing in an experimental stage a new protocol DNS called DANE. The new protocol will be able to hide email addresses in DNS records.
DANE, or DNS-Based Authentication of Named Entities, is a new protocol originally developed to allow TLS / SSL certificates to be associated with DNS (Domain Name System Security Extensions) DNS records.
When first introduced, DANE is supposed to help browsers verify whether a TLS / SSL certificate contained a valid CA certificate by checking a specific DNS record field.
The protocol, which is still experimental and under continuous development by the IETF, appears to add an additional feature protectionof privacy that will allow domain providers to hide email addresses.
As the Register says, the IETF team has decided to add this capability to the DANE protocol, which means that once the e-mail addresses are released, they will appear in hashed format () encrypted) in the DNS record results.
This reduces the chance of hijacking the domain as it will not display an email address in plain text format to the attacker.
Of course, we should mention that the hashed message e-mail can still be hacked and reveal the real e-mail, but the attacker would have to have the skills and knowledge to do so. So the new protocol comes to add another layer of security to our privacy.
But we have to wait for development and testing to be completed.
