Re: Summary of the LLMNR Last Call

Bernard Aboba <> Tue, 20 September 2005 13:05 UTC

Received: from localhost.localdomain ([] by with esmtp (Exim 4.32) id 1EHhoj-0004Z3-BZ; Tue, 20 Sep 2005 09:05:49 -0400
Received: from ([] by with esmtp (Exim 4.32) id 1EHhod-0004Wo-Og for; Tue, 20 Sep 2005 09:05:43 -0400
Received: from (ietf-mx []) by (8.9.1a/8.9.1a) with ESMTP id JAA28509 for <>; Tue, 20 Sep 2005 09:05:41 -0400 (EDT)
Received: from ([] ident=mailnull) by with esmtp (Exim 4.43) id 1EHhuS-00040t-C9 for; Tue, 20 Sep 2005 09:11:45 -0400
Received: from ([] by with esmtpa (Exim 4.51) id 1EHhoZ-000O02-9c; Tue, 20 Sep 2005 09:05:39 -0400
Received: by (Postfix, from userid 1000) id 316EB35015; Tue, 20 Sep 2005 06:05:39 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1994934FFE; Tue, 20 Sep 2005 06:05:39 -0700 (PDT)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Report-Abuse-To: (see for abuse reporting information)
X-MHO-User: aboba
Date: Tue, 20 Sep 2005 06:05:38 -0700 (PDT)
From: Bernard Aboba <>
To: Margaret Wasserman <>
In-Reply-To: <p06200755bf557e9290de@[]>
Message-ID: <>
References: <> <p0620074fbf5509dd070a@[]> <> <p06200755bf557e9290de@[]>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Spam-Score: 1.9 (+)
X-Scan-Signature: 8abaac9e10c826e8252866cbe6766464
Subject: Re: Summary of the LLMNR Last Call
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>

> You might note that in the technical discussion, I argued _against_ the idea
> that this is a problem with LLMNR.  Personally, I consider the fact that mDNS
> attaches special semantics to .local to be a problem with mDNS.

If the DNSEXT WG wants to document recommended resolver behavior with 
respect to the .local domain, it can do so.  However, your message essentially 
*orders* the WG to do so, as a precondition for publishing any documents on 
the topic.  That is inappropriate. 

> Absent any mandatory-to-implement security, we sometimes accept an
> applicability statement that explains the environments in which it is safe to
> use a protocol without any protocol-specific security mechanism, but I didn't
> find that in the LLMNR document either.  Is it there?

Yes, it is. 

>From Section 5.2:

   Limiting the situations in which LLMNR queries are sent, as described
   in Section 2, is the best protection against these attacks.  

>From Section 2:

   While these conditions are necessary for sending an LLMNR query, they
   are not sufficient.  While an LLMNR sender MAY send a query for any
   name, it also MAY impose additional conditions on sending LLMNR
   queries.  For example, a sender configured with a DNS server MAY send
   LLMNR queries only for unqualified names and for fully qualified
   domain names within configured zones.

Is this issue only about whether the MAYs are to be upgraded to a SHOULD 
or MUST?

Ietf mailing list