Follow up, I considered the encryption of the whole questions and not just a part of that.. maybe this is the only difference. But it is good to know whether there is limitation in this regard. how long a string can be..?
Thanks, Hosnieh From: dns-privacy [mailto:[email protected]] On Behalf Of Guangqing Deng Sent: Friday, May 09, 2014 9:43 AM To: Wes Hardaker Cc: dns-privacy Subject: Re: [dns-privacy] On behalf of Apr 1st, here is a DNSE solution. Have you ever built a prototype of this draft and done some test? If so, what is the extra time delay caused by it compared with normal DNS resolving? Maybe that is another problem. _____ Guangqing Deng CNNIC From: Wes Hardaker <mailto:[email protected]> Date: 2014-05-09 11:06 To: Guangqing Deng <mailto:[email protected]> CC: Wes Hardaker <mailto:[email protected]> ; dns-privacy <mailto:[email protected]> Subject: Re: [dns-privacy] On behalf of Apr 1st, here is a DNSE solution. "Guangqing Deng" <[email protected]> writes: > Hi, Wes, I have a minor question about this draft. It is said in > section 2.1 of this draft that the encrypted "real" request (namely > the blob "EEEEEEEE" in this draft) is taken as the left-most label of > the new synthetic domain name (namely > "EEEEEEEEE.K1.example.org"). Since the length of a domain name label > is within 64, now I am wondering is it always possible to insert an > encrypted DNS request into one synthetic domain name as the left-most > label? No, certainly there are issues in general. There are maximum lengths not just for a label, but for the number of labels. So not only is there size constraints for the size of an individual label (and there are ways around that), but there are constraints on the number of labels we can use (and there is no way around some of those issues; You always have to append a suffix which means you're always reducing the maximum label count by the suffix length. Which in the above is 2). -- Wes Hardaker Parsons
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
