Abstract

A common form of optimisation of DNS name resolution is for authoritative name servers to base their replies on the source IP address of the resolver in order to improve the performance of services in that namespace.

In this paper we explore a different approach, where the querying resolver
explicitly includes a hint in DNS queries, allowing nameservers to implement
optimisations based on hints supplied by the application resolving a DNS query.
Our solution differs in purpose and approach, since it explores user handles
from the services that own the nameservers as resolution hints,
and considers the resolver as explicitly involved in this process.
In particular, we explore the case where this hint is identity-related, and
discuss the security implications of such a use case.

Information

Conference: ISCC 2011 in Corfu, Greece