Re: [dnssd] Stephen Farrell's No Objection on draft-ietf-dnssd-requirements-05: (with COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 17 March 2015 20:28 UTC

To: Tom Pusateri <pusateri@bangj.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnssd/71orZIZPbVvXub7bDDOogDlkduI>
Cc: dnssd-chairs@ietf.org, draft-ietf-dnssd-requirements.all@ietf.org, dnssd@ietf.org, Chown Tim <tjc@ecs.soton.ac.uk>, Ralph Droms <rdroms.ietf@gmail.com>, The IESG <iesg@ietf.org>

Hiya,

On 17/03/15 20:25, Tom Pusateri wrote:
> I'm not sure I understand your scenario.
> 
> Clients issue searches in the form of unicast DNS queries to DNS 
> servers (or proxies). This is the same as with wide-area bonjour. 
> Only now, this may cause the proxies to issue their own multicast 
> queries on a local network in order to ensure their cache is
> current. The original client's searches are never broadcast further
> than they were before. A bad actor would have to intercept the
> unicast queries from the client (which may be TLS encoded). To do
> this, the bad actor must have compromised some network device to do
> this.

So I don't think the above is clear from the requirements draft,
which is all I've so far read. It may be clear later that there's
no significant new threat in this respect due to a specific design
having been adopted, and if so that's good.

S.