Re: Name ownership and LLMNR (Re: Last Call: 'Linklocal Multicast Name Resolution...)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Name ownership and LLMNR (Re: Last Call: 'Linklocal Multicast Name Resolution...)



--On torsdag, september 01, 2005 20:30:56 +0200 Iljitsch van Beijnum <iljitsch at muada.com> wrote:

"You choose" in the DNS case is because you believe (presumably) in
the chain of servers between you, the root node and the
authoritative server for my domain; in the LLMNR *or* mDNS case, it
would be "because he's here and he says so".


What I'm missing in this story is how the application finds out who  said
so. So either you need to allow "Harald said so" for all  applications or
for none of them. That is not good.

Yep.
In the DNS case, "the DNS server I asked said so".
In the LLMNR and mDNS case, "the machine that answered my multicast said so".

Flight of imagination: DNSSEC-Signed records (with the SIG/KEY chain in additional data?) would seem to be one possibility to "prove" that the data being presented was "legitimate" under DNS delegation rules, even when you don't have a present connection to the Internet.

My imagination doesn't fly far enough at this time of night to figure out any relationship beteen a ".local" name and the term "legitimacy". But it's late in the evening, so my imagination is not flying very far - perhaps mDNS works because they deliberately abandoned the idea of name ownership.

YMMV.

                      Harald


_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf



Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.