Open-Xchange awarded grant to further develop privacy and trust enhancing technologies

May 5, 2020

industry_news_blog

Open-Xchange is committed to a borderless internet that is open, safe and free, allowing users to protect their data and privacy. To achieve this, we develop tried and trusted, open source-based products that can be used by the community, as well as form the basis of our commercial solutions for the world’s leading service and hosting providers as well as telco companies. In this way, they can, for example, run DNS services with the necessary data privacy benefits for their customers. Now, Open-Xchange has been awarded a grant as part of the European Next Generation Internet initiative (NGI) by the Dutch NLnet Foundation for the implementation of a number of privacy enhancements.

The NLnet Foundation awards these grants as part of the European Next Generation Internet initiative for organizations that come up with solutions that contribute to an ‘open information society’ – in this particular case, NLnet focused on privacy and trust enhancing technologies. With this in mind it called for contributors that help making the internet, and technologies built with and for the internet, more privacy friendly. Many of those technologies play an important part in all our daily lives but weren’t designed primarily with privacy and data security in mind.

Open-Xchange applied for this grant with the goal of enhancing the availability of open, trustworthy, privacy respecting DNS resolvers in such a way that it allows any DNS provider, operator, or user to provide encrypted DNS services. By doing so, Open-Xchange allows every user to choose a DNS resolver they trust and is located in their own jurisdiction. This includes the development of important privacy enhancing features of DNSdist and PowerDNS resolvers that encrypt the entire DNS-chain (from client, to caching-resolver, to authoritative nameserver). In this way, we can ensure that both the PowerDNS community versions, as well as the commercial PowerDNS solutions, will be ready for implementation by network operators and (third-party) DNS providers, allowing them to offer privacy-respecting DNS services based on an open source ecosystem.

A critical part of this project focuses on further optimizing the DNS over HTTPS (DoH) and DNS over TLS (DoT) capabilities of DNSdist. In addition, we are planning for the PowerDNS resolver to support even more privacy features. It already comes with malware filtering, as well as dynamic protection against subscriber originated issues, runaway traffic from high-bandwidth customers and denial-of-service (DoS) attacks. In the course of this initiative, we will add Qname minimization to prevent leakage of extraneous query information to authoritative servers. We are also developing EDNS(0) padding, both for answers towards the authoritative server as well as for answers back to the client. Finally, in line with the DNS encryption measures mentioned above, PowerDNS recursors will be able to encrypt outgoing queries towards authoritative servers.

If you would like to know more about this initiative and our plans for more secure and privacy-friendly internet services, please get in touch. We can also provide further details about PowerDNS and DNSdist, if you would like to learn more.

About the author

The Editorial Team

The Editorial Team

Open-Xchange news and announcements

Related Articles

Open-Xchange launches partnership with Nextcloud

Collaborate to deliver enterprise-grade email backend support option to the wider Roundcube community Roundcube’s enterprise...

Chris Holder Aug 9, 2024

NEUBOX and Open-Xchange partner to deliver global AI first

Launches innovative AI-powered email services into the Mexican market. NEUBOX – the largest Hosting provider and one of the...

Chris Holder Jan 24, 2024

Customer Focus: Yvan Knapp, Chief Strategy Officer at Hostpoint

Hostpoint has been shaping the internet in Switzerland since 2001 and is now the country’s largest web hosting provider and...

Chris Holder Oct 5, 2023

PowerDNS brings encrypted DNS capabilities onto routers for the...

Helps protect confidentiality and integrity of traffic in the first mile CPE (customer premise equipment) manufacturers,...

Chris Holder Jul 5, 2023