I think the more precise details can be found in the IETF proposed draft, or in some of the referenced docs on the net.
Based loosely on my recollection (if your question was merely high-level curiosity):
The entire body of the dictionary is hashed, and then the resulting hash is split into two sections. One portion is used to identify the dictionary to be fetched (or currently possessed?), and the other portion is used when compressed data arrives and needs to reference/identify the dictionary that compressed it. I *think* this strategy was used to minimally reduce the size of the referencing strings (uuencoded hash??), at the risk of an attack (confusing a dictionary which matched only half of the hash with the "real" dictionary)... but the whole protocol (historically) was used over HTTP (not HTTPS), so there was already no real tamper-resistance on the download channel.
When things moved to TLS (recently), I think they planned to mitigate such "confused dictionary" attacks by the fact that the client makes an authenticated connection to the server (to get the dictionary, or to get compressed data). ...but I wasn't very involved with the discussion.
Please read the spec if you need the details.
Hope that helps,
Jim
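
Added example, not part of the reply above and not code from any project: a sketch of the split-hash scheme the message describes, showing that a short identifier only selects a dictionary and that integrity needs a full-digest check. SHA-256, 48-bit halves, URL-safe base64, and the names `dictionary_ids`, `DictionaryCache` and `pinned_sha256` are assumptions; the message specifies none of them.

```python
from __future__ import annotations

import base64
import hashlib
import hmac

HALF_BYTES = 6  # assumption: each identifier is 48 bits of the digest


def dictionary_ids(dictionary: bytes) -> tuple[str, str]:
    """Hash the whole dictionary once, then split the digest prefix in two."""
    digest = hashlib.sha256(dictionary).digest()  # assumption: SHA-256
    announce = digest[:HALF_BYTES]                # names the dictionary held or fetched
    payload = digest[HALF_BYTES:2 * HALF_BYTES]   # travels with compressed data
    return (base64.urlsafe_b64encode(announce).decode("ascii"),
            base64.urlsafe_b64encode(payload).decode("ascii"))


class DictionaryCache:
    """Client-side store that resolves the identifier carried by compressed data."""

    def __init__(self) -> None:
        self._by_payload_id = {}

    def add(self, dictionary: bytes, pinned_sha256: bytes | None = None) -> str:
        # A 48-bit identifier only selects a dictionary. Integrity comes from
        # comparing the full digest with one learned over an authenticated channel.
        if pinned_sha256 is not None:
            actual = hashlib.sha256(dictionary).digest()
            if not hmac.compare_digest(actual, pinned_sha256):
                raise ValueError("dictionary does not match pinned digest")
        _, payload_id = dictionary_ids(dictionary)
        self._by_payload_id[payload_id] = dictionary
        return payload_id

    def resolve(self, payload_id: str) -> bytes:
        try:
            return self._by_payload_id[payload_id]
        except KeyError:
            raise LookupError(f"no dictionary for identifier {payload_id!r}") from None


# Constructed sample dictionary, not real traffic.
SAMPLE = b"<html><head><title></title></head><body></body></html>"

if __name__ == "__main__":
    announce_id, payload_id = dictionary_ids(SAMPLE)
    print("announce:", announce_id, "payload:", payload_id)
```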