On Thu, 1 Sep 2005, Harald Tveit Alvestrand wrote: > > LLMNR allows me to treat names in a different way than mDNS does. > If I have a name that I'm certain I own (this box is, with high certainty, the > only one in the world named HALVESTR-W2K02.emea.cisco.com), LLMNR allows me to > assert that name on a LAN even when the DNS is not available, or when that > name is not currently asserted in the DNS. This kind of naming is not possible for ad-hoc networks without Internet connectivity and without any domain name registration. On the other hand, even centrally-managed naming is vulnerable to LLMNR breakage. I have evidence (from MTA EHLO hostnames) that it is fairly common for organizations to make up domain names for their internal networks that do not currently exist but which may be delegated in the future, such as orgint.com or organization.int. This is pretty stupid, but it isn't disrecommended by Microsoft. http://support.microsoft.com/?id=254680 If a future product uses LLNMR instead of dynamic DNS they'll have a lot of unhappy customers who find their internal domain has been delegated since they chose their naming structure. > If we separate the concept of "name ownership" from "name assertion > mechanism", and regard the DNS as just one mechanism of name assertion, then > the problem reduces to "how do I prove that I have rights to the name", rather > than "what name should I assert". The delegation structure of DNS proves the right to a name. Tony. -- f.a.n.finch <dot@xxxxxxxx> http://dotat.at/ BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR GOOD. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf