Specification for DNS over Transport Layer Security (TLS)

RFC 7858 defines DNS over TLS (DoT), a protocol for encrypting DNS queries and responses over a dedicated TLS connection on TCP port 853. Unlike DoH, DoT is a standalone protocol that allows network operators to observe DNS traffic volume while still protecting its content from interception.