On 1-sep-2005, at 15:14, Tony Finch wrote:
If I have a name that I'm certain I own (this box is, with high
certainty, the only one in the world named
HALVESTR-W2K02.emea.cisco.com), LLMNR allows me to assert that name
on a LAN even when the DNS is not available, or when that name is not
currently asserted in the DNS.
This kind of naming is not possible for ad-hoc networks without
Internet connectivity and without any domain name registration.
Apparently, LLMNR tries to remedy this situation by making it
possible. However, the protocol doesn't address the issue of name
ownership. We actually have protocols that assert name ownership more
or less as a by-product: x.509 and the like.
An LLMNR that requires responders to have an x.509 certificate for
the name they're claiming to hold would at least solve this issue.
Obviously such a protocol would be utterly useless in any kind of
unmanaged environment where local lookups are most needed.
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf