Re: [dnssd] Stephen Farrell's No Objection on draft-ietf-dnssd-requirements-05: (with COMMENT)

Ralph Droms <rdroms.ietf@gmail.com> Tue, 17 March 2015 17:58 UTC

From: Ralph Droms <rdroms.ietf@gmail.com>
In-Reply-To: <80E11ACB-1AE9-479E-A36A-1610C0EF307A@gmail.com>
Date: Tue, 17 Mar 2015 13:58:11 -0400
To: Douglas Otis <doug.mtview@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnssd/LKXgic3_9uS-98yXw_s1JS0OCAg>
Cc: Kerry Lynn <kerlyn@ieee.org>, dnssd-chairs@ietf.org, draft-ietf-dnssd-requirements.all@ietf.org, dnssd@ietf.org, Chown Tim <tjc@ecs.soton.ac.uk>, The IESG <iesg@ietf.org>, Tom Pusateri <pusateri@bangj.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>

Doug - Here is my summary of what I understand to be your concerns with draft-ietf-dnssd-requirements-05:

1) A change from link-scope mDNS SD to a larger scope may result in the existence and address of a device being made more widely available than currently expected.

2) Some devices and networks are incapable of defending themselves against unwanted access or other attacks once the address of the device to be attacked is known.

3) Use of RFC 4193 is a way to protect against attacks enabled by the increased scope of discovery envisioned by extended DNS-SD.

You expressed these concerns during WG development and review of draft-ietf-dnssd-requirements.  Tim and I judged the consensus of the WG to be in support of advancing the document to the IESG, based in part on the following analysis:

Points 1 and 2 are answered by the third paragraph of section 6.1.  For completeness, the last sentence of that paragraph might be extended to include "and protection against other forms of attack".

Point 3 tries to mandate a solution through a specific deployment mechanism and is, therefore, out of scope for a requirements document.  It may also be more broadly out of scope of the dnssd charter, which addresses just DNS-based service discovery and does not include mandating network deployment requirements as part of a solution.

If you do not agree that your concerns have been answered by this analysis, please state the basis for your continued concern, so that we can judge rough consensus on support for publication of the document.

- Ralph