[Cryptography] Certificates and PKI

Christian Huitema huitema at huitema.net
Mon Dec 29 21:52:21 EST 2014

On 28 December 2014 at 15:05, Viktor Dukhovni <cryptography at dukhovni.org>
> On Sat, Dec 27, 2014 at 12:22:21PM -0500, Paul Wouters wrote:
>> As someone told me offline, qname minimalization actually solves this
>> problem.
> This had occured to me, but there are some issues:
>     * With "_<port>._<proto>.mxhost.example.com" one might
>       now need to make 5 queries instead of 3, unless there
>       is way to "tune" minimization.  I am concerned about the
>       impact on latency.

There is indeed a way to tune QName minimization, which is to "follow the
zone cuts." From

   To do such minimisation, the resolver needs to know the zone cut
   [RFC2181].  There is not a zone cut at every label boundary.  If we
   take the name www.foo.bar.example, it is possible that there is a
   zone cut between "foo" and "bar" but not between "bar" and "example".
   So, assuming the resolver already knows the name servers of .example,
   when it receives the query "What is the AAAA record of
   www.foo.bar.example", it does not always know if the request should
   be sent to the name servers of bar.example or to those of example.
   [RFC2181] suggests a method to find the zone cut (section 6), so
   resolvers may try it.

Implementations could assume that algorithmically derived names like
"_<port>._<proto>.mxhost.example.com" are in the same zone as
"mxhost.example.com." The cost of being wrong is not all that high. The
protocol ID will leak, but that can in most cases be already inferred from
the host name.

-- Christian Huitema

More information about the cryptography mailing list