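%% You should probably cite draft-arkko-dns-confidential-02 instead of this revision.
%%
%% The export that produced this entry carried no publication date: its year,
%% month and day fields held template error text ("No value found for ..."),
%% which is not a valid BibTeX field value. Those three fields are left out
%% below. Take the date from the datatracker page named in the url field and
%% add year and month before citing.
@techreport{arkko-dns-confidential-01,
  author      = {Arkko, Jari and Novotny, Jiri},
  title       = {Privacy Improvements for {DNS} Resolution with {Confidential Computing}},
  type        = {Internet-Draft},
  number      = {draft-arkko-dns-confidential-01},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-arkko-dns-confidential/01/},
  pagetotal   = {22},
  abstract    = {Data leaks are a serious privacy problem for Internet users.
                 Data in flight and at rest can be protected with traditional
                 communications security and data encryption. Protecting data
                 in use is more difficult. In addition, failure to protect data
                 in use can lead to disclosing session or encryption keys needed
                 for protecting data in flight or at rest. This document
                 discusses the use of Confidential Computing, to reduce the risk
                 of leaks from data in use. Our example use case is in the
                 context of DNS resolution services. The document looks at the
                 operational implications of running services in a way that even
                 the owner of the service or compute platform cannot access
                 user-specific information produced by the resolution process.},
}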