The Internet Engineering Task Force (IETF) is experimenting with a new DNS protocol called DANE. The new protocol will be able to hide the email addresses in the DNS records.
DANE, or DNS-Based Authentication of Named Entities, is a new protocol originally developed to allow TLS / SSL certificates to be associated with DNS (Domain Name System Security Extensions) DNS records.
When it was first introduced, DANE was supposed to help browsers verify if a certificate TLS/SSL contained a valid CA certificate by checking a special field of the DNS record.
The protocol, which is still in an experimental stage and under constant development by the IETF, seems to add an additional feature privacy policy that will allow domain providers to hide email addresses.
As the Register reports, the team του IETF αποφάσισε να προσθέσει αυτή τη δυνατότητα στο πλάνο εργασίας του πρωτοκόλλου DANE, κάτι που σημαίνει ότι μόλις κυκλοφορήσει οι διευθύνσεις ηλεκτρονικού ταχυδρομείου θα εμφανίζονται σε hashed μορφή ()κρυπτογραφημένα) στα Results DNS records.
This reduces the chance of hijacking the domain as it will not display an email address in plain text format to the attacker.
Let's say of course that the hashed email can still be violated and reveal the actual e-mail, but the attacker should have the skills and knowledge to do it. So the new protocol is adding another safety valve to our privacy.
But we have to wait for development and testing to be completed.
