Bernard Aboba <aboba@xxxxxxxxxxxxx> writes: >> We agree that home burglary is a serious problem. This is why we >> recommend that everyone hire an armed guard for their house. If your >> house is monitored by armed guards, burglary is very unlikely. Given >> that there is an effective security mechanism available, there's really >> no need to consider simple deterrants that won't provide true security. > Not sure what this has to do with a link-scope resolution protocol > supporting name partitioning and DNSSEC. LLMNR provides a simple > deterrant in the case where security is available -- restricting the > names for which queries are sent. This is *exactly* the same mechanism > used by mDNS. It was a possibly too sarcastic way of pointing out that I don't think DNSSEC is an answer to this concern. The difference between LLMNR and mDNS is one that I think is important. This is a place where a SHOULD is the least that needs to be said, and a MAY is simply not strong enough, not only for security reasons, but partly for that. If you said MAY *if* DNSSEC or TSIG is used, SHOULD otherwise, I would be somewhat less concerned, but still dubious. > The NetBIOS and DNS names spaces have coexisted for more than two > decades without requiring exact matches, because they do not overlap. If LLMNR required that the namespaces not overlap, I believe that would address many (although not all) of the concerns that were raised here. > Similarly, "exact matches" can be ensured via security schemes such as > DNSSEC while permitting overlapping name spaces. Is .com signed yet? > *Both* the mDNS and LLMNR specifications agree on this point. The only > difference is that mDNS uses ".local" for partioning, while it is > suggested (but not required) that LLMNR implementations use single-label > names. That's a very important difference to me. -- Russ Allbery (rra@xxxxxxxxxxxx) <http://www.eyrie.org/~eagle/> _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf