Domain Name System (DNS) servers are responsible for translating domain names, such as the one in the URL of a webpage, into IP addresses.
Some users change the default DNS server to a custom one, such as those offered by Google (8.8.8.8 / 8.8.4.4) or Cloudflare (1.1.1.1 / 1.1.1.2). The main reasons are to obtain greater speed or reliability, or to avoid the filtering that certain providers may perform.
Now, the European Health and Digital Executive Agency (HaDEA) has proposed a DNS infrastructure built and offered by the EU, called DNS4EU.
The deployment of DNS4EU aims to address the consolidation of DNS resolution in the hands of a few companies, which leaves the resolution process itself vulnerable when a major incident affects a large provider.
Far from being a neutral domain name server, DNS4EU would, according to the report, filter dangerous domains hosting illegal content, such as malware, phishing sites, and other cybersecurity threats. Sites banned by court order can also be added to the filter.
DNS4EU would also have to comply with GDPR, ensuring that data is processed in Europe and that personal data cannot be sold or monetized.
As for the technical details, the document says it will have to support standards like DNS-over-TLS (DoT) or DNS-over-HTTPS (DoH).
Service infrastructure must comply with the latest security and privacy enhancement standards (e.g. HTTPS, DNSSEC), including DNS encryption (e.g. DNS over TLS (DoT) and DoH) and be fully IPv6 compliant.
It doesn’t look like the EU intends to make this DNS infrastructure mandatory within the EU, as it said that guides will be made available so that users can configure it on their own devices.
It doesn’t even seem like a completely public service, as there will be “premium services to increase security (e.g. ad hoc filtering, monitoring, 24/7 support), tailored to specific industry needs.”
