Re: [dhcwg] DHCP Option for CableLabs Client Configuration

Erik Nordmark <Erik.Nordmark@sun.com> Mon, 05 August 2002 05:14 UTC

Date: Mon, 05 Aug 2002 07:09:11 +0200
From: Erik Nordmark <Erik.Nordmark@sun.com>
Reply-To: Erik Nordmark <Erik.Nordmark@sun.com>
Subject: Re: [dhcwg] DHCP Option for CableLabs Client Configuration
To: Paul Duffy <paduffy@cisco.com>
Cc: Erik Nordmark <Erik.Nordmark@sun.com>, Josh Littlefield <joshl@cisco.com>, Thomas Narten <narten@us.ibm.com>, "Bernie Volz (EUD)" <Bernie.Volz@am1.ericsson.se>, 'Ralph Droms' <rdroms@cisco.com>, dhcwg@ietf.org, nrussell@cisco.com, pgrossma@cisco.com, Matt Osman <M.Osman@cablelabs.com>
In-Reply-To: "Your message with ID" <4.3.2.7.2.20020803003222.042cca10@funnel.cisco.com>
Message-ID: <Roam.SIMC.2.0.6.1028524151.2333.nordmark@bebop.france>

> >How does this relate to
> >         RFC 2826 IAB Technical Comment on the Unique DNS Root.
> 
> Erik, how exactly does a non standard DNS port violate the unique root ?

I asked that question with the hope the proponents would think about
it carefully. Seems like that failed :-)

It seems to me that the DNS as we know it operates on a well-known
port. Being able to run something using the DNS protocol but
a different port number sounds like being able to run
a different naming system with potentially a different root.

> Security is not CableLabs' primary argument here (recall it was #3 in the 
> previous email).  The primary argument is to provide flexibility to our 
> customers.

But ignoring the testing argument (which is an argument
for an experimental RFC and not a standard IMHO)
the remaining arguments are:
>2. Some MSOs may decide to deploy DNS on non standard ports.  It's a
>flexibility issue.
>3. Not using a standard port makes it slightly less prone to attack by
>script kiddies.

#2 doesn't state why folks see this need. One possibility is
definitely walled gardens and in general using a different DNS
tree than the rest of us. I've yet to see any other concrete reason
for this (and I don't buy flexibility for its own sake).

And #3 is just security through obscurity which we IMHO have no
business promoting in our standards.

  Erik

