Re: Summary of the LLMNR Last Call

In message <87y85swcwc.fsf@xxxxxxxxxxxxxxxxxxxxx>, Russ Allbery writes:
>Bernard Aboba <aboba@xxxxxxxxxxxxx> writes:
>
>> b. Confusion between security issues and namespace separation.  In
>> peer-to-peer name resolution protocols, it is possible for a responder
>> to demonstrate ownership of a name, via mechanisms such as DNSSEC.  It
>> is also possible for a responder to demonstrate membership in a trusted
>> group, such as via TSIG or IPsec.  If DNSSEC is available, spoofing
>> attacks are not possible, and querying for FQDNs does not expose the
>> sender to additional vulnerabilities.  Both the mDNS and LLMNR
>> specifications agree on this point.
>
>We agree that home burglary is a serious problem.  This is why we
>recommend that everyone hire an armed guard for their house.  If your
>house is monitored by armed guards, burglary is very unlikely.  Given that
>there is an effective security mechanism available, there's really no need
>to consider simple deterrents that won't provide true security.
>
DNSsec is very important for other reasons, such as the current 
pharming attacks.  The risks have been known in the security community 
since at least 1991, and publicly since at least 1995.  The long-
predicted attacks are now happening.  We really need to get DNSsec
deployed, independent of mDNS or LLMNR.  Given that there is now some 
forward progress on DNSsec, it's not at all unreasonable for either or 
both of those specs to rely on it to solve some of their particular 
security risks.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf