Hello, welcome to the Thursday, September 1st, 2022 edition of the Sands and at Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

I wrote a brief diary earlier today about a little bit newer DNS feature QName minimization.

Typically, when one thinks about recursive DNS servers,

and that's probably what I sort of learned in school,

they will first send a query for the host name.

They're trying to resolve to the root or top-level domain servers,

but, well, these servers do not really need the full host name.

In 2016, RFC 7816 was introduced and last year we got an update for it, RFC 956.

The process described by these RFCs is called DNS query name or short Q name minimizations.

DNS servers will no longer send the entire host name to the higher up name service.

Instead, they're sending the name in part only and are replacing the host name with an underscore.

Underscores, of course, have often been sort of used as a placeholder, more or less,

because they're not actually valid in host names.

This obscures the full name from these root and top-level DNS servers.

In the past, we have had cases where ISPs and such operating these name servers did collect data in front of in particular some of the root name servers, also security companies and such.

I've seen Bind use this for a bit now.

It also helps with some caching efficiency. Other DNS servers

are possibly implementing it too, so if you see these queries, they're perfectly normal. Let me

know what name servers you do see implementing this. And Apple today released iOS 1256. iOS 12 is the latest version of iOS

supported by iPhones 6 and older, as well as iPads of the same generation. This update fixes

the already exploited WebKit vulnerability, CVE 2022-894.

...