Re: Name ownership and LLMNR (Re: Last Call: 'Linklocal Multicast Name Resolution...)

[Bill Manning <bmanning at karoshi.com>]

On Sep 1, 2005, at 15:17, Harald Tveit Alvestrand wrote:

> --On torsdag, september 01, 2005 20:30:56 +0200 Iljitsch van Beijnum 
> <iljitsch at muada.com> wrote:
>
> > > "You choose" in the DNS case is because you believe (presumably) in
> > > the chain of servers between you, the root node and the
> > > authoritative server for my domain; in the LLMNR *or* mDNS case, it
> > > would be "because he's here and he says so".
> >
> > What I'm missing in this story is how the application finds out who  
> > said
> > so. So either you need to allow "Harald said so" for all  
> > applications or
> > for none of them. That is not good.
>
> Yep.
> In the DNS case, "the DNS server I asked said so".
> In the LLMNR and mDNS case, "the machine that answered my multicast 
> said so".
>
> Flight of imagination: DNSSEC-Signed records (with the SIG/KEY chain 
> in additional data?) would seem to be one possibility to "prove" that 
> the data being presented was "legitimate" under DNS delegation rules, 
> even when you don't have a present connection to the Internet.
>
> My imagination doesn't fly far enough at this time of night to figure 
> out any relationship beteen a ".local" name and the term "legitimacy". 
> But it's late in the evening, so my imagination is not flying very far 
> - perhaps mDNS works because they deliberately abandoned the idea of 
> name ownership.

	the TBDS work presumed a shared, common name space (the DNS as we know 
it today) - where each node is "imprinted" with its FQDN
	and is tagged w/ an x509 cert.  The DNS delegations are signed.   a 
change w/ TBDS is that each node runs a DNS server, not just a
	stub resolver.  so it can ask questions and cache answers.... and when 
it (the node) runs "into" an authoritative server for something 
"higher"
 	in the heirarchy, it can "flush" the more specific data in favor of 
the authoritative stuff.   This does not prevent random nodes from 
trying to
	spoof being who they are not, but w/ the extra data (signed 
delegations & x509 certs) the receiving node does have somewhat more 
data
	on which to evaluate the "viability" of any given reply ...  With 
TBDS, it is also possible to assert extensions to the namespace, but 
they would
	only be honoured by parties that share the same security/trust "hooks" 
 e.g.  if we both know the "secret password" then our use of the 
.piglet  TLD
	works.... for us.  Others ignore these queries.   mDNS seems to have 
taken this idea but restricted it to a single extention, e.g. .local

	(and yes, there are many fine minefields here,  but the project ran 
out of funding)

> YMMV.
>
>                       Harald
>
>
> _______________________________________________
> Ietf mailing list
> Ietf at ietf.org
> https://www1.ietf.org/mailman/listinfo/ietf


_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf