Re: Summary of the LLMNR Last Call

Russ Allbery <> Tue, 20 September 2005 06:32 UTC

From: Russ Allbery <>
To: Bernard Aboba <>
In-Reply-To: <> (Bernard Aboba's message of "Mon, 19 Sep 2005 23:20:15 -0700 (PDT)")
Organization: The Eyrie
References: <> <p0620074fbf5509dd070a@[]> <> <> <>
Date: Mon, 19 Sep 2005 23:32:36 -0700
Message-ID: <>
User-Agent: Gnus/5.110004 (No Gnus v0.4) XEmacs/21.4.17 (linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Margaret Wasserman <>,
Subject: Re: Summary of the LLMNR Last Call
List-Id: IETF-Discussion <>

Bernard Aboba <> writes:

>> We agree that home burglary is a serious problem.  This is why we
>> recommend that everyone hire an armed guard for their house.  If your
>> house is monitored by armed guards, burglary is very unlikely.  Given
>> that there is an effective security mechanism available, there's really
>> no need to consider simple deterrents that won't provide true security.

> Not sure what this has to do with a link-scope resolution protocol
> supporting name partitioning and DNSSEC.  LLMNR provides a simple
> deterrent in the case where security is available -- restricting the
> names for which queries are sent.  This is *exactly* the same mechanism
> used by mDNS.

It was a possibly too sarcastic way of pointing out that I don't think
DNSSEC is an answer to this concern.

The difference between LLMNR and mDNS is one that I think is important.
This is a place where a SHOULD is the least that needs to be said, and a
MAY is simply not strong enough, not only for security reasons, but partly
for that.  If you said MAY *if* DNSSEC or TSIG is used, SHOULD otherwise,
I would be somewhat less concerned, but still dubious.

> The NetBIOS and DNS name spaces have coexisted for more than two
> decades without requiring exact matches, because they do not overlap.

If LLMNR required that the namespaces not overlap, I believe that would
address many (although not all) of the concerns that were raised here.

> Similarly, "exact matches" can be ensured via security schemes such as
> DNSSEC while permitting overlapping name spaces.

Is .com signed yet?

> *Both* the mDNS and LLMNR specifications agree on this point. The only
> difference is that mDNS uses ".local" for partitioning, while it is
> suggested (but not required) that LLMNR implementations use single-label
> names.

That's a very important difference to me.

Russ Allbery (             <>

Ietf mailing list
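The point under debate above, "restricting the names for which queries are sent", can be made concrete with a small resolver model. The following is an added example, not code from the thread or from any LLMNR or mDNS implementation: it encodes the three policies the two messages contrast (mDNS's fixed ".local" partition, a strict single-label rule for LLMNR, and the lax "MAY" reading under which link-scope queries may carry names that also exist in global DNS) and shows which of a link-local responder's claims each policy lets through. The policy names, the sample responder, and the addresses are constructed for the example.

```python
"""Name-partitioning policy for a stub resolver with DNS, LLMNR and mDNS.

Added example (not from the thread). Models the choice discussed on the list:
whether link-scope resolution is confined to a namespace that cannot overlap
global DNS (mDNS's ".local", or single-label names for LLMNR) or is allowed
to carry any name. Policy names, the responder and all data are constructed.
"""

MDNS_SUFFIX = "local"  # mDNS partitions the namespace under .local


def labels(name):
    """Split a presentation-format name into its labels, ignoring a trailing dot."""
    return [lbl for lbl in name.rstrip(".").split(".") if lbl]


def allowed_on_link(name, policy):
    """Decide whether a query for `name` may be sent to the local link at all.

    policy (constructed names for this example):
      "mdns"         - only names whose last label is "local"
      "llmnr-strict" - only single-label names (the SHOULD/MUST reading)
      "llmnr-lax"    - any name (the MAY reading; may overlap global DNS)
    """
    ls = labels(name)
    if not ls:
        return False
    if policy == "mdns":
        return ls[-1].lower() == MDNS_SUFFIX
    if policy == "llmnr-strict":
        return len(ls) == 1
    if policy == "llmnr-lax":
        return True
    raise ValueError("unknown policy: %r" % policy)


class LinkResponder:
    """Constructed model of another host on the link that answers link-scope
    queries for whatever names it chooses to claim."""

    def __init__(self, claims):
        self.claims = {k.rstrip(".").lower(): v for k, v in claims.items()}

    def answer(self, name):
        return self.claims.get(name.rstrip(".").lower())


def resolve(name, policy, responder, global_dns):
    """Resolve `name`: consult the link only when the policy permits it, and fall
    back to the (constructed) global DNS table otherwise or on no link answer.
    Returns (source, address); source is "link", "dns" or None."""
    if allowed_on_link(name, policy):
        addr = responder.answer(name)
        if addr is not None:
            return ("link", addr)
    addr = global_dns.get(name.rstrip(".").lower())
    return ("dns", addr) if addr is not None else (None, None)


# Constructed data: one legitimate global name, and a link responder that claims
# a local printer under both conventions plus the global name.
GLOBAL_DNS = {"www.example.com": "192.0.2.10"}
RESPONDER = LinkResponder({
    "printer": "10.0.0.7",
    "printer.local": "10.0.0.7",
    "www.example.com": "10.0.0.66",
})
SAMPLE_NAMES = ["printer", "printer.local", "www.example.com"]


def demo(policy):
    """Resolve the sample names under one policy; returns {name: (source, addr)}."""
    return {n: resolve(n, policy, RESPONDER, GLOBAL_DNS) for n in SAMPLE_NAMES}


if __name__ == "__main__":
    for policy in ("mdns", "llmnr-strict", "llmnr-lax"):
        print(policy)
        for name, (source, addr) in demo(policy).items():
            print("  %-18s -> %s %s" % (name, source, addr))
```

Under "mdns" and "llmnr-strict" the query for www.example.com never reaches the link, so the responder's claim for it is irrelevant and the answer comes from DNS; only under "llmnr-lax" does the link answer win. The two partitioned policies differ only in which spelling of the local name they accept, which is the mDNS-versus-single-label difference the messages discuss.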