EU wants to build its own DNS infrastructure with built-in filtering capabilities

DNS

The European Union is interested in building its own recursive DNS service that will be made available to EU institutions and the general public for free.

The proposed service, named DNS4EU, is currently in a project planning phase, and the EU is looking for partners to help build a sprawling infrastructure to serve all its current 27 member states.

EU officials said they started looking into an EU-based centrally-managed DNS service after observing consolidation in the DNS market around a small handful of non-EU operators.

“The deployment of DNS4EU aims to address such consolidation of DNS resolution in the hands of few companies, which renders the resolution process itself vulnerable in case of significant events affecting one major provider,” officials said in the DNS4EU infrastructure project revealed last week.

But EU officials said that other factors also played a role in their decision to build DNS4EU, including cybersecurity and data privacy.

DNS4EU to include powerful filtering capabilities

The EU said that DNS4EU would come with built-in filtering capabilities that will be able to block DNS name resolutions for bad domains, such as those hosting malware, phishing sites, or other cybersecurity threats.

This filtering capability would be built using threat intelligence feeds provided by trusted partners, such as national CERT teams, and could be used to defend organizations across Europe from common malicious threats.

It is unclear if DNS4EU usage would be mandatory for all EU or national government organizations, but if so, it would grant organizations like CERT-EU more power and the agility it needs to block cyber-attacks as soon as they are detected.

In addition, EU officials also want to use DNS4EU’s filtering system to also block access to other types of prohibited content, which they say could be done based on court orders. While officials didn’t go into details, this most likely refers to domains showing child sexual abuse materials and copyright-infringing (pirated) content.

The EU said the proposed DNS4EU system would also have to comply with all data processing laws, such as the GDPR, ensure that domain name resolution data is processed in Europe, and prohibit the sale or monetization of any personal data.

As for the technical details, DNS4EU would also have to support all modern DNS standards and technologies, such as DNSSEC, DoT, DoH, and also be IPv6 compliant.

Once launched, officials said the service would be available to anyone, including the private sector and home consumers, and not just for public institutions.

The company or companies that will be selected to build DNS4EU will also be tasked with creating and running a website with instructions on how users could modify their devices’ DNS settings to use DNS4EU servers for name resolutions.

The post EU wants to build its own DNS infrastructure with built-in filtering capabilities appeared first on The Record by Recorded Future.

Article Link: EU wants to build its own DNS infrastructure with built-in filtering capabilities - The Record by Recorded Future