At 02:08 PM 9/1/2005, Harald Tveit Alvestrand wrote:
--On 1. september 2005 14:14 +0100 Tony Finch <dot@xxxxxxxx> wrote:
LLMNR allows me to treat names in a different way than mDNS does.
If I have a name that I'm certain I own (this box is, with high
certainty, the only one in the world named
HALVESTR-W2K02.emea.cisco.com), LLMNR allows me to assert that name on a
LAN even when the DNS is not available, or when that name is not
currently asserted in the DNS.
This kind of naming is not possible for ad-hoc networks without Internet
connectivity and without any domain name registration.
it's certainly *possible* (if each participant has some relationship
to a domain name owner). The question is whether it's *desirable*.
I see naming as 3 parts:
- I pick a name
- I assert that the name belongs to me
- You choose to believe it (or not).
With DNS names, "I pick a name" involves seeing which names are free
in a DNS zone I have a relationship to (which may be dyndns.org, for
instance), and doing the admin steps to reserve it.
"I assert" involves me putting it into a DNS zone, and loading that
zone onto a DNS server, where you'll presumably pick it up.
These are the same issues I recall asking about when dynamic DNS was
being discussed/proposed. Any machine can make a claim they're
whomever they want to be, and that request to insert mapping gets
fired off to some distant DNS server who has no idea who the client
is. I recall being told that any authorization to use a particular
name was out of scope of the protocol. Thanking the person who told
me this, I've made it a point to disable dynamic DNS in all
envinronments since it's been available in running code. It's useless.
Now in the case of link local, it may or may not be useful for me to
claim my machine is www.paypal.com and siphon off the requests of
anyone dumb enough to listen to that. Or, perhaps, security
considerations really are worth reviewing, even in a link local environment.
"You choose" in the DNS case is because you believe (presumably) in
the chain of servers between you, the root node and the
authoritative server for my domain; in the LLMNR *or* mDNS case, it
would be "because he's here and he says so".
This could be backed up with certificates if you wanted to, of course.
The difference between LLMNR and mDNS here seems to be that mDNS
*requires* me to use two different names in the two different cases;
LLMNR, while it certainly *permits* me to do so, does not *require* it.
This is descending into a philosophical debate... "what's in a name".......
Or, "how easy is it to spoof a name, and get the guy sitting next to
me to fall for it."
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf