Providing privacy enhanced resolution system in the domain name system
First Claim
1. A non-transitory computer-readable medium encoded with instructions that, when executed on a processor, perform a method of minimizing the disclosure of a domain name contained in a DNS query, the method comprising:
- determining a first label and a second label associated with a domain name included in a DNS query;
- generating a false label;
- querying a first nameserver for a first internet protocol address associated with the first label and the false label without revealing information related to the second label by removing information related to the second label from the DNS query, wherein the first nameserver is a root nameserver;
- receiving a response from the first nameserver, the response including the first internet protocol address directing a resolver to a second nameserver; and
- querying the second nameserver for a second internet protocol address associated with the first label and the second label.
Abstract
An apparatus and a non-transitory computer-readable medium may perform a method of minimizing the disclosure of a domain name contained in a DNS query. The method may include: determining a first label and a second label associated with a domain name included in a DNS query; querying a first nameserver for the first label without revealing the second label to the first nameserver; receiving a response from the first nameserver directing a resolver to a second nameserver; and querying the second nameserver for the first label and the second label.
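The steps of claim 1, including the false label, can be traced in a small offline simulation. This is an added example, not code from the patent: the `ToyNameserver` class, the function names, the addresses (documentation ranges) and the reading of "first label" as the TLD and "second label" as the label to its left are all assumptions made for illustration.

```python
import secrets

class ToyNameserver:
    """Constructed in-memory stand-in for a delegating nameserver (hypothetical)."""
    def __init__(self, referrals):
        self.referrals = referrals   # zone suffix -> address handed back
        self.seen = []               # every query name disclosed to this server

    def query(self, qname):
        self.seen.append(qname)
        labels = qname.rstrip(".").split(".")
        for i in range(len(labels)):             # longest-suffix match first
            suffix = ".".join(labels[i:])
            if suffix in self.referrals:
                return self.referrals[suffix]
        return None                              # stand-in for "no such name"

def split_labels(domain):
    """Assumed mapping: first label = TLD, second label = label left of it."""
    labels = domain.rstrip(".").lower().split(".")
    if len(labels) < 2:
        raise ValueError("domain needs at least two labels")
    return labels[-1], labels[-2]

def minimized_resolve(domain, root, servers_by_addr):
    first, second = split_labels(domain)
    decoy = secrets.token_hex(8)                 # false label, random per query
    root_qname = f"{decoy}.{first}."             # second label removed from query
    addr1 = root.query(root_qname)               # root only learns decoy + TLD
    if addr1 is None or addr1 not in servers_by_addr:
        raise LookupError(f"no referral for {first}")
    addr2 = servers_by_addr[addr1].query(f"{second}.{first}.")
    return root_qname, addr1, addr2

def demo():
    # Constructed sample data, not real delegations.
    root = ToyNameserver({"com": "192.0.2.1"})
    tld = ToyNameserver({"example.com": "198.51.100.7"})
    result = minimized_resolve("www.example.com", root, {"192.0.2.1": tld})
    return result, root.seen, tld.seen

if __name__ == "__main__":
    (root_qname, addr1, addr2), root_seen, tld_seen = demo()
    print("root saw:", root_seen)
    print("second nameserver saw:", tld_seen)
    print("referral:", addr1, "answer:", addr2)
```

The `seen` lists are the privacy check: the root's log holds only the random label plus the TLD, while the second nameserver is the first party to see the second label.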
20 Claims
9. A non-transitory computer-readable medium encoded with instructions that, when executed on a processor, perform a method of minimizing the disclosure of a domain name contained in a DNS query, the method comprising:
- determining a first label and a second label associated with a domain name included in a DNS query;
- generating a false label;
- querying a first nameserver for first address information associated with the first label and the false label without revealing the second label to the first nameserver by removing information related to the second label from the DNS query;
- receiving a response from the first nameserver including the first address information, the first address information directing a resolver to a second nameserver; and
- querying the second nameserver for second address information associated with the first label and the second label.
14. An apparatus for minimizing the disclosure of a domain name contained in a DNS query, comprising:
- a memory; and
- a processor communicatively coupled to the memory, the processor being configured to:
- determine a first label and a second label associated with a domain name included in a DNS query;
- generating a false label;
- query a first nameserver for a first internet protocol address associated with the first label and the false label without revealing the second label to the first nameserver by removing information related to the second label from the DNS query;
- receive a response from the first nameserver including the first internet protocol address, the first internet protocol address directing a resolver to a second nameserver; and
- query the second nameserver for a second internet protocol address associated with the first label and the second label.
18. A non-transitory computer-readable medium encoded with instructions that, when executed on a processor, perform a method of minimizing the disclosure of a domain name contained in a DNS query, the method comprising:
- determining a first label and a second label associated with the domain name included in the DNS query;
- generating a false label;
- querying a first nameserver associated with the first label and the false label for a first nameserver name without revealing information related to the second label by removing information related to the second label from the DNS query;
- receiving a response from the first nameserver, the response including the first nameserver name; and
- querying a second nameserver associated with the first nameserver name for a second nameserver name associated with the first label and the second label.
Specification