Re: Name ownership and LLMNR (Re: Last Call: 'Linklocal Multicast Name Resolution...)

Tony Finch <dot@dotat.at> Thu, 01 September 2005 13:14 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EAota-00058z-3N; Thu, 01 Sep 2005 09:14:22 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EAotV-00053Z-Ix for ietf@megatron.ietf.org; Thu, 01 Sep 2005 09:14:17 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA02497 for <ietf@ietf.org>; Thu, 1 Sep 2005 09:14:14 -0400 (EDT)
Received: from ppsw-9.csi.cam.ac.uk ([131.111.8.139]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EAovO-0005zh-Nr for ietf@ietf.org; Thu, 01 Sep 2005 09:16:19 -0400
X-Cam-SpamDetails: Not scanned
X-Cam-AntiVirus: No virus found
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-1.csi.cam.ac.uk ([131.111.8.51]:59027) by ppsw-9.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.159]:25) with esmtpa (EXTERNAL:fanf2) id 1EAotH-0002Ck-V7 (Exim 4.51) (return-path <fanf2@hermes.cam.ac.uk>); Thu, 01 Sep 2005 14:14:03 +0100
Received: from fanf2 (helo=localhost) by hermes-1.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1EAotH-0007gW-Jr (Exim 4.43) (return-path <fanf2@hermes.cam.ac.uk>); Thu, 01 Sep 2005 14:14:03 +0100
Date: Thu, 01 Sep 2005 14:14:03 +0100
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-1.csi.cam.ac.uk
To: Harald Tveit Alvestrand <harald@alvestrand.no>
In-Reply-To: <B2C6F40E0409805428ED7669@B50854F0A9192E8EC6CDA126>
Message-ID: <Pine.LNX.4.60.0509011352580.13347@hermes-1.csi.cam.ac.uk>
References: <DAC3FCB50E31C54987CD10797DA511BA1096B57F@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com> <p06230956bf3bd9a4992d@[17.202.35.52]> <431676B7.5040302@cs.utk.edu> <B2C6F40E0409805428ED7669@B50854F0A9192E8EC6CDA126>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2
Cc: Keith Moore <moore@cs.utk.edu>, ietf@ietf.org
Subject: Re: Name ownership and LLMNR (Re: Last Call: 'Linklocal Multicast Name Resolution...)
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

On Thu, 1 Sep 2005, Harald Tveit Alvestrand wrote:
>
> LLMNR allows me to treat names in a different way than mDNS does.
> If I have a name that I'm certain I own (this box is, with high certainty, the
> only one in the world named HALVESTR-W2K02.emea.cisco.com), LLMNR allows me to
> assert that name on a LAN even when the DNS is not available, or when that
> name is not currently asserted in the DNS.

This kind of naming is not possible for ad-hoc networks without Internet
connectivity and without any domain name registration.

On the other hand, even centrally-managed naming is vulnerable to LLMNR
breakage. I have evidence (from MTA EHLO hostnames) that it is fairly
common for organizations to make up domain names for their internal
networks that do not currently exist but which may be delegated in the
future, such as orgint.com or organization.int. This is pretty stupid, but
it isn't disrecommended by Microsoft. http://support.microsoft.com/?id=254680
If a future product uses LLMNR instead of dynamic DNS they'll have a lot
of unhappy customers who find their internal domain has been delegated
since they chose their naming structure.

> If we separate the concept of "name ownership" from "name assertion
> mechanism", and regard the DNS as just one mechanism of name assertion, then
> the problem reduces to "how do I prove that I have rights to the name", rather
> than "what name should I assert".

The delegation structure of DNS proves the right to a name.

Tony.
-- 
f.a.n.finch  <dot@dotat.at>  http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
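The message's evidence is MTA EHLO hostnames, so the natural check is an audit of the HELO names an MTA has logged, sorting each one into a suffix the IETF has reserved (which can never be delegated), an unqualified single label, an address literal, or a name under an ordinary domain that may be delegated to someone else now or later. The following is an added example and not part of the message or any IETF document; the log lines are constructed here in the shape of an Exim main log entry (the "H=rdns (helo) [ip]" field is assumed, adjust the regex for another MTA), and the reserved-suffix list is taken from RFC 2606, RFC 6762 and RFC 8375, all of which postdate this 2005 thread.

```python
"""Audit HELO/EHLO names from an MTA log for domain suffixes that are not
reserved for private use and could therefore be delegated publicly later.

Added example (not from the message above): the log lines are constructed
here in the shape of an Exim main log; the reserved-suffix list is taken
from RFC 2606, RFC 6762 and RFC 8375, all of which postdate the message.
"""
import re
from collections import defaultdict

# Suffixes the IETF has reserved so that they will never be delegated in
# the public DNS: RFC 2606 (.test, .example, .invalid, .localhost and
# example.com/net/org), RFC 6762 (.local, for mDNS), RFC 8375 (home.arpa).
RESERVED_SUFFIXES = (
    "test", "example", "invalid", "localhost",
    "example.com", "example.net", "example.org",
    "local", "home.arpa",
)

# Exim writes the peer as "H=rdns-name (helo-name) [ip]"; the rDNS name is
# absent when there is none and the parenthesised HELO is omitted when it
# equals the rDNS name.  (Assumed format; adjust for other MTAs.)
_HELO_RE = re.compile(r"\bH=(?P<rdns>[^\s(]+)?\s*(?:\((?P<helo>[^)]*)\))?")

# Syntactically valid hostname: dot-separated letter/digit/hyphen labels.
_NAME_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)*")


def classify(helo: str) -> str:
    """Return 'address-literal', 'malformed', 'reserved', 'unqualified'
    or 'delegatable' for one HELO/EHLO argument."""
    name = helo.strip().lower().rstrip(".")
    if name.startswith("[") and name.endswith("]"):
        return "address-literal"          # e.g. [192.0.2.1]; no name asserted
    if not _NAME_RE.fullmatch(name):
        return "malformed"
    labels = name.split(".")
    for suffix in RESERVED_SUFFIXES:
        parts = suffix.split(".")
        if labels[-len(parts):] == parts:
            return "reserved"             # safe: can never be delegated
    if len(labels) == 1:
        return "unqualified"              # link-local style single label
    return "delegatable"                  # orgint.com, organization.int, ...


def extract_helo(line: str):
    """Pull the HELO name (or the rDNS name when HELO matched it) from a
    log line; None if the line carries no peer information."""
    m = _HELO_RE.search(line)
    if not m or not (m.group("helo") or m.group("rdns")):
        return None
    return m.group("helo") or m.group("rdns")


def audit(lines):
    """Group the distinct names seen in the log by category."""
    seen = defaultdict(set)
    for line in lines:
        helo = extract_helo(line)
        if helo is not None:
            seen[classify(helo)].add(helo.lower().rstrip("."))
    return {cat: sorted(names) for cat, names in seen.items()}


# Constructed sample lines (not real traffic), in the shape of Exim's main log.
SAMPLE_LOG = [
    "2005-09-01 14:14:03 1EAotH-0007gW-Jr <= alice@orgint.com H=(mail.orgint.com) [192.0.2.10] P=esmtp S=1234",
    "2005-09-01 14:15:10 1EAouN-0007h2-Ab <= bob@example.org H=(HALVESTR-W2K02) [192.0.2.11] P=esmtp S=2048",
    "2005-09-01 14:16:22 1EAovV-0007hK-Cd <= carol@example.net H=(fileserver.corp.example) [192.0.2.12] P=esmtp S=512",
    "2005-09-01 14:17:05 1EAowD-0007hZ-Ef <= dave@example.com H=([192.0.2.13]) [192.0.2.13] P=esmtp S=777",
    "2005-09-01 14:18:40 1EAoxM-0007hs-Gh <= erin@example.net H=smtp.example.net (mx.organization.int) [198.51.100.5] P=esmtp S=4096",
    "2005-09-01 14:19:01 1EAoxj-0007i1-Ij <= frank@example.org H=(printer.local) [192.0.2.14] P=esmtp S=300",
    "2005-09-01 14:20:15 1EAoyr-0007iF-Kl <= grace@example.org H=mx1.example.org [203.0.113.7] P=esmtp S=1500",
    "2005-09-01 14:21:30 1EAozz-0007iT-Mn <= heidi@example.com H=(not a hostname) [192.0.2.15] P=esmtp S=100",
]

if __name__ == "__main__":
    for category, names in sorted(audit(SAMPLE_LOG).items()):
        print(f"{category:16s} {', '.join(names)}")
```

Run against a real main log the "delegatable" bucket is the one to review: every name there is asserted by a host whose right to it rests on nothing in the DNS delegation tree, which is exactly the situation in which a later public delegation of orgint.com or organization.int turns a working internal name into a collision.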

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf