This is an old revision of the document!
Networking - DNS - Stubby
Stubby acts as a local DNS Privacy stub resolver (using DNS-over-TLS).
Stubby encrypts DNS queries sent from a client machine to a DNS Privacy resolver increasing end user privacy.
Stubby uses only DNS-over-TLS to provide privacy, it does not implement DNSCrypt.
NOTE: DNSCrypt is a method of authenticating communications between a DNS client and a DNS resolver.
It prevents DNS spoofing.
It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered with (the messages are still sent over UDP).
As a side effect it provides increased privacy because the DNS message content is encrypted.
It is an open specification but it has not been standardized by the IETF.