On 1-sep-2005, at 20:08, Harald Tveit Alvestrand wrote:
I see naming as 3 parts:
- I pick a name - I assert that the name belongs to me - You choose to believe it (or not).
With DNS names, "I pick a name" involves seeing which names are free in a DNS zone I have a relationship to (which may be dyndns.org, for instance), and doing the admin steps to reserve it. "I assert" involves me putting it into a DNS zone, and loading that zone onto a DNS server, where you'll presumably pick it up. "You choose" in the DNS case is because you believe (presumably) in the chain of servers between you, the root node and the authoritative server for my domain; in the LLMNR *or* mDNS case, it would be "because he's here and he says so".
What I'm missing in this story is how the application finds out who said so. So either you need to allow "Harald said so" for all applications or for none of them. That is not good.
This could be backed up with certificates if you wanted to, of course.
Actually, it couldn't, as there is no provision for this in LLMNR.
The difference between LLMNR and mDNS here seems to be that mDNS *requires* me to use two different names in the two different cases; LLMNR, while it certainly *permits* me to do so, does not *require* it.
This is descending into a philosophical debate... "what's in a name".......
Here's a philosophical question for you: is it right to force a philosophy on people? The trouble with LLMNR is that it has lots of repercussions for applications that don't want it, links that don't want it (that one is true for mDNS as well) and even server operators that don't want it.
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf