draft-ietf-dprive-start-tls-for-dns is a proposal before the IETF's DPRIVE WG for a way to protect the communication between DNS clients and servers, principally between stub resolvers and their upstream recursive resolvers.
The draft was renamed to draft-ietf-dprive-dns-over-tls when we dropped the upgrade-based (aka STARTTLS) mechanism from it.