Re: Summary of the LLMNR Last Call

Margaret Wasserman <margaret@thingmagic.com> Mon, 19 September 2005 00:12 UTC

Message-Id: <p06200722bf53b19e14e4@[192.168.2.2]>
In-Reply-To: <20050918225529.3CE34324002@relay5.apple.com>
References: <20050918225529.3CE34324002@relay5.apple.com>
Date: Sun, 18 Sep 2005 20:12:00 -0400
To: Stuart Cheshire <cheshire@apple.com>, <ietf@ietf.org>
From: Margaret Wasserman <margaret@thingmagic.com>
Cc: namedropers@ops.ietf.org, iesg@ietf.org
Subject: Re: Summary of the LLMNR Last Call

At 3:55 PM -0700 9/18/05, Stuart Cheshire wrote:
>mDNS takes the approach
>that local lookups should be distinguishable from global lookups and
>accomplishes this through the use of a special local domain (.local).

This claim is one of the bits of misinformation that seems to be spread
about mDNS for some reason. It's repeated so often that people who
haven't read the draft assume it's true.

[...]

>    (14. Enabling and Disabling Multicast DNS)
>
>    The option to fail-over to Multicast DNS for names not ending
>    in ".local." SHOULD be a user-configured option, and SHOULD
>    be disabled by default because of the possible security issues
>    related to unintended local resolution of apparently global names.

Okay.  Please feel free to insert "In its recommended default
configuration" in whatever place is appropriate to make my statement 
more accurate.

Regardless of what is specified in mDNS, my point stands that several 
members of the community raised technical (security) and 
philosophical (application transparency) issues with the model used 
by LLMNR.  Perhaps they would have the same concerns about this 
optional feature in mDNS, but that is not my concern at the moment.

Margaret
