Re: Summary of the LLMNR Last Call

Margaret Wasserman <> Mon, 19 September 2005 00:12 UTC

Date: Sun, 18 Sep 2005 20:12:00 -0400
To: Stuart Cheshire <>, <>
From: Margaret Wasserman <>

At 3:55 PM -0700 9/18/05, Stuart Cheshire wrote:
>mDNS takes the approach
>that local lookups should be distinguishable from global lookups and
>accomplishes this through the use of a special local domain (.local).

This claim is one of the bits of misinformation that seems to be spread
about mDNS for some reason. It's repeated so often that people who
haven't read the draft assume it's true.


>    (14. Enabling and Disabling Multicast DNS)
>    The option to fail-over to Multicast DNS for names not ending
>    in ".local." SHOULD be a user-configured option, and SHOULD
>    be disabled by default because of the possible security issues
>    related to unintended local resolution of apparently global names.

Okay.  Please feel free to insert "In its recommended default 
configuration" in whatever place is appropriate to make my statement 
more accurate.

Regardless of what is specified in mDNS, my point stands that several 
members of the community raised technical (security) and 
philosophical (application transparency) issues with the model used 
by LLMNR.  Perhaps they would have the same concerns about this 
optional feature in mDNS, but that is not my concern at the moment.

