On Sep 1, 2005, at 15:17, Harald Tveit Alvestrand wrote:
--On torsdag, september 01, 2005 20:30:56 +0200 Iljitsch van Beijnum
<iljitsch@xxxxxxxxx> wrote:
"You choose" in the DNS case is because you believe (presumably) in
the chain of servers between you, the root node and the
authoritative server for my domain; in the LLMNR *or* mDNS case, it
would be "because he's here and he says so".
What I'm missing in this story is how the application finds out who
said
so. So either you need to allow "Harald said so" for all
applications or
for none of them. That is not good.
Yep.
In the DNS case, "the DNS server I asked said so".
In the LLMNR and mDNS case, "the machine that answered my multicast
said so".
Flight of imagination: DNSSEC-Signed records (with the SIG/KEY chain
in additional data?) would seem to be one possibility to "prove" that
the data being presented was "legitimate" under DNS delegation rules,
even when you don't have a present connection to the Internet.
My imagination doesn't fly far enough at this time of night to figure
out any relationship beteen a ".local" name and the term "legitimacy".
But it's late in the evening, so my imagination is not flying very far
- perhaps mDNS works because they deliberately abandoned the idea of
name ownership.
the TBDS work presumed a shared, common name space (the DNS as we know
it today) - where each node is "imprinted" with its FQDN
and is tagged w/ an x509 cert. The DNS delegations are signed. a
change w/ TBDS is that each node runs a DNS server, not just a
stub resolver. so it can ask questions and cache answers.... and when
it (the node) runs "into" an authoritative server for something
"higher"
in the heirarchy, it can "flush" the more specific data in favor of
the authoritative stuff. This does not prevent random nodes from
trying to
spoof being who they are not, but w/ the extra data (signed
delegations & x509 certs) the receiving node does have somewhat more
data
on which to evaluate the "viability" of any given reply ... With
TBDS, it is also possible to assert extensions to the namespace, but
they would
only be honoured by parties that share the same security/trust "hooks"
e.g. if we both know the "secret password" then our use of the
.piglet TLD
works.... for us. Others ignore these queries. mDNS seems to have
taken this idea but restricted it to a single extention, e.g. .local
(and yes, there are many fine minefields here, but the project ran
out of funding)
YMMV.
Harald
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf