End-users are concerned about protecting the privacy of the sensitive personal data that are generated while they work on information systems. This covers both the data they actively provide, including personal identification handed over in exchange for products and services, and the related metadata, such as unnecessary access to their location. This is where privacy-preserving technologies come into play, and the Internet Engineering Task Force (IETF) plays a major role in incorporating such technologies at the fundamental level. Thus, this paper offers an overview of the privacy-preserving mechanisms for layer 3 (i.e. IP) and above that are currently under standardization at the IETF. This includes encrypted DNS at layer 5, classified as DNS-over-TLS (DoT), DNS-over-HTTPS (DoH), and DNS-over-QUIC (DoQ), where underlying technologies such as QUIC belong to layer 4. We then discuss the Privacy Pass protocol and its application in generating Private Access Tokens, and Passkeys as a replacement for passwords for authentication at the application layer (i.e. on end-user devices). Lastly, to protect user privacy at the IP level, Private Relays and MASQUE are discussed. The aim is to make designers, implementers, and users of the Internet aware of privacy-related design choices.