Foundation for Applied Privacy

Foundation for Applied Privacy is a non-profit privacy infrastructure provider based in Vienna, Austria. It operates privacy-enhancing services for the general public to protect privacy, freedom of expression and digital rights, thwart commercial tracking and mass surveillance, and promote secure communication. The DNS privacy service is hosted in Europe and does not offer DNS filtering; resolvers use data only from authoritative servers to protect user privacy.

• DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) support
• Public DoH endpoint: https://doh.applied-privacy.net/query
• DoT endpoint: dot1.applied-privacy.net (IPv4 146.255.56.98; IPv6 2a02:1b8:10:234::2; ports 443/853; TLSA available)
• No logging of IPs or DNS queries
• DNSSEC validation and RFC-based privacy features (QNAME minimisation, RFC7706 root hints, EDNS0 padding, EDNS0 TCP keepalive, TLSA records, etc.)
• TLS 1.2 and TLS 1.3 only; TLS session resumption; TCP Fast Open supported on DoH
• Guidance and client examples for DoH/DoT usage (Firefox, Chrome, Android, iOS)

• Privacy-centric DNS with no IP or query logging and a commitment to minimizing data exposure
• Europe-based hosting and governance, with services hosted in Vienna, Austria (EU)
• Support for modern security standards (DNSSEC validation, TLS 1.2/1.3, TLSA, EDNS0 options) and experimental initiatives to enhance encrypted DNS adoption
• Free public service designed to diversify the DNS resolver landscape and reduce dependence on a single provider
• Transparent operational model and active development wishlist for encrypted DNS technologies

• Free of charge; best-effort public service with no formal SLA